EU plans to keep all air traveller data lack 'full clarity' and could break privacy regs, says European data protection supervisor

Buttarelli believes scheme needs better consideration before passenger credit card details and meal choices are indefinitely retained

An ongoing scheme to bring into law the retention of every single detail of EU air travellers' passenger information has been publicly criticised by European data protection supervisor Giovanni Buttarelli, who suggests the plans lack both clarity and, in some cases, necessity.

The Passenger Name Record scheme (PNR) has been rejected three times in European parliament - once in 2007, once in 2011 and once in 2013 - but is now under discussion again.

The legislation aims to collect "racial or ethnic origin", "political opinions" and "religious beliefs", which the Commission's proposal says should be collected for "purposes of preventing, detecting, investigating and prosecuting serious crime and terrorist offences".

It goes on to say that the information above - which will also include credit card details, full names and addresses, and even the choice of meal a passenger makes for a flight - will be handled in such a way to "strongly protect privacy and personal data", stating that "EU States should not be able to access the databases of air carriers" unless a direct and specific request is made.

There are also to be "clear rules" on how such data should be transferred in such a scenario where it was actually needed.

However, Buttarelli does not seem convinced by many of these assertions, and published a document to that effect late last week.

Besides questioning how the proposed legislation interacts with funding principles and prior EU law, Buttarelli's main issue is with the volume of data recovered, retention periods and unclear explanation of the extent to which EU governments can access the data.

The EU PNR Proposal entails an interference with the fundamental rights of a very large number of air passengers, without differentiation, limitation or exception being made in the light of the objective of fighting against serious crime and terrorism," writes Buttarelli.

He also mentions that this "indiscriminate" approach is partly what stopped the legislation passing on previous occasions. He suggests that "exceptional justification" to collect so much data would be required, and this justification has "never been made available" by the proposals.

Buttarelli is also concerned that, while the proposals ask for only 30 days' retention of "unmasked data" followed by a 4-5 year period of "masked data", some data will still remain behind that could make individual passengers identifiable for a further 30 years, with no reason "demonstrated why".

In terms of access limitation, Buttarelli points out that "the Proposal does not clearly mention how to strictly limit the access and the subsequent use of the data in question to the purpose of preventing and detecting precisely defined serious offences or of conducting criminal prosecutions relating hereto", stating overall a "lack of full transparency of the conditions of collection, access and use" of each and every passenger travelling in the air in the EU.

Buttarelli says he "welcomes the various improvements" (perhaps with tongue firmly in cheek, given his earlier statements) the Council and Committee seem to have made, but that none of the prerequisites for a robust PNR scheme are "met in the Proposal".

Your move, EU Commission.