Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

EU Court Blocks Air Passenger Data -- more info

From: David Farber <dave () farber net>
Date: Tue, 30 May 2006 13:38:23 -0400


Begin forwarded message:

From: Joel Reidenberg <reidenberg () sprynet com>
Date: May 30, 2006 1:06:33 PM EDT
To: dave () farber net
Subject: EU Court Blocks Air Passenger Data

Dave,
Yesterday, the European Court of Justice threw out the 2004 agreement between the US Dept. of Homeland Security and the Council of the EU that allowed the US government to gain access to European airline passenger data. The Court ruled that the Council could not declare that the promises made by the US provided 'adequate' privacy because the Council had no legal authority under the Directive on data privacy to address public security and state security matters. The Court never reached the substantive issues and did not address whether the protections promised by the US would be sufficient under EU standards. Nevertheless, the Court allowed the PNR transfers to continue until September 30, 2006 as a transition period. 

The decision presents a few scenarios:

- the US and the EU could negotiate a data privacy treaty (unlikely)
- airlines in Europe will scramble to find a way to comply with the DHS mandate and the US government will need to negotiate individually with each national Data Protection Authority in Europe (possible, but unattractive) - airlines and US government will search for the most flexible data protection agency to authorize transfers and then route and manage the PNR through a central headquarters location where the organization can be qualified as a "controller" in that DPA's country (most likely). This might work because, under EU law, the law of the place where the controller is located governs treatment of the data. The European Court's decision indicates that this location would have exclusive jurisdiction to permit the data flow to the US. If the US government then secures an agreement from that local data protection agency, the PNR could be sent to the US without impediment from other EU countries. 

Regards,

Joel



Recent papers:
Technology and Internet Jurisdiction, 153 Univ. Penn. L. Rev. 1951 (2005) http://ssrn.com/abstract=691501
Opportunities and Obstacles for the Simplification of International Data Privacy Rules, Proc. of 27th International Conf. of Data Protection Commissioners (Sept. 2005) 
http://www.privacyconference2005.org/fileadmin/PDF/reidenberg.pdf


**********************************************
Joel R. Reidenberg
Professor of Law and Founding Director
Fordham Information Law & Policy Center
Fordham University School of Law
140 West 62nd Street
New York, NY 10023
Tel: 212-636-6843
Fax: 212-636-6899
Email: reidenberg () sprynet com
Web: http://reidenberg.home.sprynet.com

**********************************************


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: