What the US knows about visitors
European and US officials have been holding last-minute negotiations to renew a deal on the transfer of airline passenger data before it runs out on Saturday.

There have been warnings of chaos if agreement is not reached. Airlines would face massive fines if they flew to the US without supplying the data - and they could be prosecuted under European data protection laws if they did.

It is likely there would be huge queues at US immigration, as officials scrutinised the tickets of arriving passengers for some of the data they can now obtain electronically.

Under a 2004 agreement between the EU and the US, US Customs and Border Protection (CBP) can access European airline reservation databases and pull out 34 pieces of information about each passenger.


SOME THINGS US CUSTOMS KNOWS
Your history of missing flights
Your frequent flyer miles
Your seat location aboard
Your e-mail address
However, the 2004 agreement was annulled by the European Court of Justice in May, which ruled that officials had failed to give it an appropriate legal basis.

The judges said it could continue to operate until 30 September, while a new legal foundation was constructed.

But discussions between the US and the EU appear to have gone beyond legal technicalities - which is why they are going down to the wire.

Disputed areas

Officials in Brussels say the EU wants to give away less data, while the US wants more.

US demands for information are going to go up not down
Hugo Brady
Centre for European Reform

In future, the EU also wants to go over to a system where airlines "push" the data across to the US, rather than allowing the CBP to continue "pulling" it.

European privacy authorities also want the US to give legally binding guarantees regarding protection of the data transferred, instead of the existing non-binding undertakings.

Meanwhile, US Secretary of Homeland Security Michael Chertoff has said the CBP needs to be able to share the data - in an attempt to identify potential terrorists - with other government departments, such as the FBI.

However, it is reported that the most likely outcome now will be the renewal of the existing agreement on a new legal basis, for an interim period.

The bigger questions will be left for further negotiations on a new agreement, which is to take effect at the end of 2007, when the agreement which has now been annulled was due to have run out.

Passenger profile

The Passenger Name Record (PNR) data falls into 34 overlapping fields, some of which contain very little information, for example the passenger's name, while others contain a lot, including the passenger's name (again), date of birth, sex, citizenship and so on.

The data can be broken down into the following categories

* Information about the passenger : name; address; date of birth; passport number; citizenship; sex; country of residence; US visa number (plus date and place issued); address while in the US; telephone numbers; e-mail address; frequent flyer miles flown; address on frequent flyer account; the passenger's history of not showing up for flights

* Information about the booking of the ticket : date of reservation; date of intended travel; date ticket was issued; travel agency; travel agent; billing address; how the ticket was paid for (including credit card number); the ticket number; which organisation issued the ticket; whether the passenger bought the ticket at the airport just before the flight; whether the passenger has a definite booking or is on a waiting list; pricing information; a locator number on the computer reservation system; history of changes to the booking

* Information about the flight itself : seat number; seat information (eg aisle or window); bag tag numbers; one-way or return flight; special requests, such as requests for special meals, for a wheelchair, or help for an unaccompanied minor

* Information about the passenger's itinerary : other flights ticketed separately, or data on accommodation, car rental, rail reservations or tours.

* Information about other people : the group the passenger is travelling with; the person who booked the ticket

The CBP system has been built in such a way that some "sensitive" information is filtered out.

Protected data

According to the undertakings on data protection provided by the US, this includes "personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and data concerning the health or sex life of the individual".

This means that Halal or Kosher meal preferences will not show up, while requests for a vegetarian meal will.

"You can be sure that the US will construe whatever they can from the information provided. You can construe a lot from someone's name," says Hugo Brady, an expert in European security co-operation at the Centre for European Reform.

"They have compiled a number of scenarios which they believe amount to suspicious activity and the data is screened for a match. Did the passenger pay cash, did he have baggage? And so on."

He adds: "US demands for information are going to go up not down and we are going to have to find a way of aligning security and privacy to a mutually satisfactory end."
Story from BBC NEWS:
http://news.bbc.co.uk/go/pr/fr/-/2/hi/europe/5390074.stm

Published: 2006/09/28 19:38:48 GMT

© BBC MMVI