Passenger data transfers stirs heated international row

The transfer of passenger data by airlines to the US Customs and Border Protection Agency has created a global divide over fears the information is being misused and lacks privacy protection.

While a spokeswoman for the Federal Privacy Commissioner Malcolm Crompton has confirmed discussions are continuing with Australian Customs officials a trans-Atlantic row has already erupted between the European Union and the US.

The discussions with Australian customs follow privacy fears about the level of information sent to the US by local airlines via the Advanced Passenger Information System database provided by Unisys.

As reported previously in CW (May 26, 2003), Crompton said there needs to be a balance between the information provided and how it is used to ensure there isn't any 'function creep' where data is being used for purposes other than those originally stated by the US. Earlier this month the European Commission warned the transfer of passenger data is in breach of the EU Data Protection Directive and a more 'legally secure' framework is required to address the privacy shortcomings.

The need for airlines flying into the US to provide Passenger Name Records (PNRs) was introduced in December 2001 following September 11. PNR information typically includes names, travel routes, credit card numbers, and other details which US authorities said was necessary to identify potential terrorists entering the country.

The EU is insisting on privacy safeguards relating to the manner in which the data can be accessed and used by the US which utilises the Computer Assisted Passenger Pre-Screening (CAPPS II) system.

Unless steps are taken by the US to implement safeguards, EU commissioner in charge of customs issues, Fritz Bokestein, warned there could be a "highly charged trans-Atlantic confrontation".

At a privacy conference in Sydney last week the US-based Electronic Privacy and Information Centre (EPIC) released a report warning against the use of CAPPS II claiming the system which scans for potential terrorists "is like looking for a needle in a haystack while it exposes everything else in the process."

The report, which surveyed 55 countries to document the effects of September 11, 2001, warns personal privacy has become a casualty of the war against terrorism.

The Australian government was among those criticised for its poor privacy protection laws.

"Australia and the Slovak Republic are building new DNA databases to fight crime, even though some of them are not protected by any legal data protection framework and could, as a result, easily be subject to abuse," the report said.

- with Jaikumar Vijayan

Copyright © 2003 IDG Communications, Inc.

Download: EMM vendor comparison chart 2019
Shop Tech Products at Amazon