This security camera video footage obtained shows Hayat Boumeddiene, the common-law wife of Amedy Coulibay, one of the Paris gunmen, as she arrives at Istanbul’s airport with a travelling companion on Jan. 2, 2015.The Associated Press
Let's say you're planning to take an international flight. An airline collects information about you: your name, your itinerary, your address, your credit card, a telephone number to contact you and perhaps a meal preference.
Such records are now the source of intense debate within Europe and represent one of the first battles over how to protect its citizenry in the wake of the Paris attacks earlier this month.
The European Union has agreements with the United States, Canada and Australia to share passenger data on flights travelling to those countries. But within the 28-nation EU, there is no such exchange and storing of information – no common database, no shared "no-fly" list.
An earlier attempt to create a database was blocked by European parliamentarians over concerns that it represented an unnecessary intrusion into the privacy of millions of travellers, the overwhelming majority of whom are of no concern to law-enforcement authorities.
But now European officials and national leaders have made it clear they consider passenger data a critical tool for tracking violent extremists, particularly those travelling to and from Syria and Iraq. Gilles de Kerchove, the EU counterterrorism co-ordinator, told a French newspaper that pooling passenger information is the only way to improve the detection of such individuals. Manuel Valls, the French prime minister, said last week that such a system was "indispensable," and added: "We can't waste time."
The push to share information on passengers is just one of a series of measures now under consideration to tighten security. Some EU members are advocating new identification checks, which could end the passport-free travel currently in place among many members of the bloc. In February, EU leaders will meet to consider the proposals.
Proponents say passenger data helps to track down terrorists and criminals and identify their associates. Under the deals struck between the EU and other countries, such information is to be used only to combat terrorism and other serious transnational crimes, such as human trafficking and trade in illicit drugs.
But opponents say such justifications are bunk. "Far-reaching data collection in France would not have prevented the odious attacks in Paris," Jan-Philip Albrecht, a German member of the European parliament, told The Guardian. "Instead of creating an ineffective dragnet on all air passengers, security authorities should have been exchanging the data they already had on these suspects."
Any policy that impinges on an individual's privacy and augments state power tends to touch a raw nerve in Europe, especially in countries with recent experience of living under dictatorships.
Such concerns are rife when it comes to collecting passenger information (or in official terminology, Passenger Name Record data). Last year, for instance, after lengthy negotiations, the EU reached a new draft agreement with Canada to share traveller data. Before holding a final vote, however, parliamentarians referred the agreement to the European Union Court of Justice to determine whether it fell afoul of existing privacy law. If the answer turns out to be yes, it could throw the future of the deal into doubt. It would also raise legal questions about similar EU agreements with Australia and the U.S.
The co-operation between the U.S. and the EU over passenger data is already fraught. An original deal was struck in the years after the terrorist attacks of September 11, 2001, and repeatedly renegotiated. The data sharing has been "an ongoing bone of contention between the U.S. and the European Union," wrote Paul Rosenzweig, a former official at the U.S. Department of Homeland Security, earlier this week. The parties have now reached an "uneasy truce."
In the latest iteration of the agreement with the U.S., the EU pushed to place restrictions on how long passenger data could be retained. It also negotiated for more safeguards to prevent the data from being abused – for example, after six months, the passenger information is now "anonymized," meaning it is stripped of identifying data until and unless it comes the subject of a specific inquiry.
Meanwhile, the momentum – for now – is on the side of those who want to see the EU start collecting, sharing and storing such information on air travellers within its borders. Without such a move, said Mr. de Kerchove, Europe "condemns itself to being less effective in the struggle against terrorism."