You are currently viewing EU PNR : “the system might lead to a move towards a surveillance society”.

EU PNR : “the system might lead to a move towards a surveillance society”.

On 24 September 2015 the European Data Protection Supervisor (EDPS), Giovanni Buttarelli, delivered his second opinion on the proposal of a Directive on the use of PNR data of airline passengers, flying to Europe and from Europe, as an instrument of law enforcement for the prevention, detection, investigation and prosecution of terrorism and serious crime. The analysis of the EDPS, whose mission is to advise the institutions on data protection implications of their policies, aims at evaluating the impact of the system on individuals’ right to privacy and data protection. The EU PNR system was approved by the LIBE committee of the European Parliament in July 2015.


After the green light given to the project, Jan Philipp Albrecht, MEP of the Green party, stated in no uncertain terms: “A black day for fundamental rights in Europe”. Critiques also followed by many other MEPs, who defined the system a proper threat to the right of privacy and data protection: a “fully automatic mass screening” system, deeply invasive, to such an extent that European Digital Rights (EDRi) nominated the PNR proposal for the ‘Big Brother Awards 2015’.

The opinion of the EDPS, for obvious reasons, has taken into account the ECJ judgement on the Directive 2006/24/EC on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks (DRI judgement). The directive has been declared invalid by the Court in April 2014, since it “entails a wide-ranging and particularly serious interference with the fundamental rights to respect for private life and to the protection of personal data, without that interference being limited to what is strictly necessary”. As in the PNR case, the main question concerned the proportionality and the necessity of the rules.

The importance of necessity and proportionality principles

Art. 52 of the European Charter of Fundamental Rights explicitly allows limitations on the exercise of the rights and freedoms recognised by the Charter. However, “subject to the principle of proportionality, limitations may be made only if they are necessary and genuinely meet objectives of general interest, recognised by the Union, or the need to protect the rights and freedoms of others.”

Thus, if we define the fight against terrorism and serious crime as a “general interest” of the European society and we do enable legislators to determine certain limitations to fundamental rights and liberties, then, it is of imperative importance that those derogations apply under conditions of proportionality and necessity. The actions undertaken according to derogative measures have to be strictly necessary and their scope may not exceed the core “objective of general interest”.

The extent of measures and actions that restrict fundamental rights room, together with the existence of democratic and judicial mechanisms that guarantee their legitimacy and control, constitute the red line that prevent democracies from falling into police states.

Nation States, by following the logic of the social contract that allowed to overcome the old natural state of the society, ask citizens to partially surrender their rights and liberties in order to be able to guarantee public and national security.

The compression of fundamental values, thus, when it is aimed at achieving superior objectives in the general interest of the society, remains to some extent legitimate. Therefore, the fact that some rules of law interfere with fundamental rights such as the respect of private life and the protection of personal data, as the PNR proposal actually does, it is not necessarily illegitimate, nor ethically incorrect.

To what extent, then, can security be balanced with fundamental rights and liberties?

Is a fundamental liberty, such as protection of data and right to privacy, supposed to be in any case overridden by principles, apparently more valuable, such as security?

Major problems arise when the application of derogations do not comply with principles such as, legality, legitimate aim, adequacy, proportionality, necessity, judicial control, transparency, public oversight, safeguards against excessive practices and right to effective remedy.

Let’s see the European Data Protection Supervisor’s view on this matter

The EDPS opens his opinion by stating that both necessity and proportionality of data processing represent “absolute prerequisite for the development of the PNR scheme”.

“The EU needs to justify on a basis of available evidence why a massive, non targeted and indiscriminate collection of data of individuals is necessary and why that measure is urgently needed.”

Proportionality of the system

In order to comply with this requirement, the proposal should envisage “clear and precise” measures that rule and limit the extent of the interference with fundamental rights, as well as the “scope and application” of the derogative provisions and effective mechanisms of safeguard and guarantee.

According to Giovanni Buttarelli, the Proposal sets up the basis for a proper “massive, non-targeted and indiscriminate collection of data”.

More that 300 million of non-suspect passengers would be “potentially” targeted by the PNR system, since the plan is to collect and store data of all airline passengers entering or leaving Europe without any differentiation and without acting on a case-by-case basis, but rather collecting data in bulk and in an indiscriminate way. The interference with the rights of privacy and data protection seems really far from being limited and circumscribed.

Even though some of the new provisions, laid down and approved by the LIBE committee, have been warmly welcomed by the EDPS, the scope of the project is not defined in an exhaustive manner. The notion of ‘immediate and serious threat to public security’, defining the purpose for which data access is allowed, does not seem to be enough: the text still lacks of measures preventing further access to data, as well as their subsequent use.

Therefore, no clear constraints and rules have been settled in the field. “Article 5 (5) of the text remains problematic since it allows the competent authorities to use the data for other violations of criminal law, or other offenses than the ones being the purpose of the EU PNR scheme”, the EDPS remarked. On the same line, the list of crimes covered by the system is not as precise as necessary and also the transnational nature of “serious crime” is not well defined. The Proposal, generally speaking, is accused to leave too much space for interpretation by competent authorities.

Critiques are also raised with regards to the data retention period. The system envisaged by the Proposal, determines a delay of 30 days for unmasked data and an extension of 4 to 5 years for masked data. The latter, however, according to the EDPS’ opinion still remain identifiable. “No evidence has been shown why there is a need to keep these further, in a form that still renders possible the identification of the individuals for 30 years.”

Not only evident lack of proportionality of the measures, but also of full transparency of the conditions of collection, access and use of data has been underlined by the EDPS.

“The lack of full clarity regarding the purposes for which the EU PNR is used and of the conditions and criteria required to access the data, are elements currently indicating an insufficient degree of respect of the principles of transparency, accessibility and predictability of the law providing for the surveillance of citizens.”

Justify the necessity

The EU PNR Proposal, according to the EDPS, fails in evaluating and arising the deficiencies of the already existing instruments aimed at the fight against terrorism and serious transnational crime at the european level. Such evaluation is a fundamental element allowing to assess the necessity of the implementation of further systems, such as the European PNR, which imply greater restrictions of fundamental rights and liberties. “The available information does not justify why the massive, non-targeted and indiscriminate collection of passengers’ personal information is necessary and why it is urgently needed.”

The EDPS goes even further in his opinion, by saying: “various recent events in the EU demonstrate intelligence gaps unrelated to air travelers and that by targeting resources and intensifying efforts on know suspects would in some cases be more effective than profiling by default millions of travelers”.

Since many Member States already have national PNR systems, the need of harmonization of the national system may constitute a valid necessity to justify the set up of a unique European system. However, the EDPS raises a critical view on this point by launching a cutting remark to the Commission that, after the rejection of the EU PNR scheme by the LIBE committee in 2013, promoted the adoption of national PNR systems by Member States, thus actively “contributing to the current lack of harmonization”.

“The EU PNR Proposal cannot be seen as an adequate response in terms of harmonization of data protection issues at national level, but merely as an EU response to a situation subsidized at EU level.” The paradox is clear and it undermines all the good intentions. To some extent then, it gets even worse when the EDPS calls into question the EU-Canada PNR agreement.

The European Parliament, in November 2014, adopted a resolution expressing clear concerns about the legal value of this Agreement and its compatibility with the European law in the field of data protection and right to privacy (art. 16 TFUE, art. 7 and 8 of the European Charter of fundamental rights). Therefore, given the EDPS’ opinion, according to which the EU PNR system is very similar to the Canadian one, and the fact that the LIBE committee of the Parliament just approved the EU project, the overall picture almost gets self-contradictory.

So, what about art. 52 of the European Charter of Fundamental Rights, whose fundamental importance was previously remarked? Apparently, none of the two imperative conditions of necessity and proportionality seems to be fulfilled.

The text approved by the LIBE MEPs in July, presents less invasive and extensive measures than those envisaged by the previous version, that was rejected by the same committee in 2013. However, despite the progress made by the Council and the LIBE committee that the EDPS has openly recognized and remarked, “the essential prerequisite for a PNR scheme – i.e. compliance with necessity and proportionality principles – is still not met in the proposal”. The proposal still does not comply with art. 7, 8 and 52 of the European Charter of Fundamental rights, art. 16 of the TFUE and art. 8of the ECHR.

Recommendations of the EDPS

To sum up, according to the EDPS the EU PNR Proposal should “limit the data retention period to what is justified by objective criteria explaining the period retained” and should “more explicitly provide that the PNR data may not be used for other purposes than the prevention, detection, investigation or prosecution of terrorist offences and serious transnational crimes. He urges also the necessity to obtain a “prior approval by a court or an independent administrative body, upon a request of access to the data by a competent authority”.

The Proposal should also include “appropriate safeguards guaranteeing the security of the data processed by the PIU”, the Passengers Information Units in charge of data processing.

Greater clarity would be necessary with the regards to the criteria required to access PNR data by competent authorities and the scope of the system: “the definition of ‘serious transnational crime’ and ‘immediate and serious threat to public security’ should be further defined”.

The EDPS, furthermore, invites the legislator to wait until the delivery of the answer by the ECJ on the EU-Canada Agreement, as well as the for the finalization and the adoption of the new Data Protection Package, in order to align the PNR project with them.

The approval of the European PNR system was included in the top priorities of the EU agenda after the Charlie Hebdo massacre that took place in Paris in January 2015. Then, it was subject to further pressures coming at the beginning of September, by following the attempted attack on the Thalys Amsterdam-Paris. Events that have strongly undermined civil society’s perception of security and that have physiologically triggered the need to strengthen the existing security systems.

The trialogue talks on the dossiers, among the Parliament, the Council and the Commission started one month ago. The EDPS’ opinion, by calling the legislators to “further explore the feasibility of more selective and less intrusive surveillance measures”, will surely have an impact on this proceeding.

Despite the adoption of such measures is sometimes urged on the wave of sensational events, it is always necessary to remember the rationale that the legislators have to apply, in order to find the right equilibrium among asymmetric elements, such as liberty and security, that constitute fundamental imperative for the functioning of democratic societies.

Paola Tavola


For further information



     -. Procedure File of the European PNR system (EN)


     -.Full text of the second Opinion of the EDPS on the Proposal for a Directive of the European Parliament and of the Council on the use of Passenger Name Record data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime

     -. EU secret profiling of air passengers nominated for “big brother awards”


     -. The Court of Justice declares the Data Retention Directive to be invalid – Press release (EN)


     -.Full text of the judgement of the Court, 8 April 2014(EN);jsessionid=9ea7d0f130d58681ec9e7328459f946cf2c25b638047.e34KaxiLc3eQc40LaxqMbN4ObNqRe0?text=&docid=150642&pageIndex=0&doclang=EN&mode=req&dir=&occ=first&part=1&cid=169677



Adeline Silva Pereira

Après avoir effectué la deuxième année du master Sécurité Globale analyste politique trilingue à l'Université de Bordeaux, j'effectue un stage au sein d'EU Logos afin de pouvoir mettre en pratique mes compétences d'analyste concernant l'actualité européenne sur la défense, la sécurité et plus largement la coopération judiciaire et policière.

Laisser un commentaire