ACLU, Privacy Int'l on Eurocrats' "global travel surveillance" [priv]

[Declan McCullagh <declan () well com>]

---

Date: Mon, 2 Feb 2004 15:11:04 +0000
To: Declan McCullagh <declan () well com>
From: Simon Davies <s.g.davies () lse ac uk>
Subject: more scandal about PNR and air privacy

Declan,

this is our latest report on the air travel privacy issue. Some disquieting 
things have come out of it. I'd be grateful if you would circulate this on 
Politech :-)

Hope all is well

Cheers

Simon


PRIVACY INTERNATIONAL

MEDIA RELEASE


Report on Transfers of Air Passenger Data to the U.S. Department of 
Homeland Security:

Report discloses covert EU strategy to establish regime of global travel 
surveillance

Negotiations by the European Commission described as "systematic deception 
and subterfuge".

2nd February 2004
For immediate release



The human rights watchdog Privacy International today published a detailed 
report on covert actions by the European Commission intended to undermine 
the privacy rights of air travellers.

The report is the most comprehensive investigation yet published on 
negotiations between the US Department of Homeland Security and the 
Commission over the mandatory transfer to the US of files on all EU air 
passengers.

The report has been released in association with European civil rights 
groups Statewatch and the European Digital Rights Initiative (EDRi). It 
includes a commentary from the American Civil Liberties Union, voicing its 
concerns regarding the action of the U.S. government, while also raising 
their concern about the overstepping done by the EU.

A demand by the US for EU passenger data has provoked widespread concern in 
Europe. The Commission pledged to undertake hard-line negotiations to 
appease the US while also protecting Europe's cherished privacy rights.

However the Privacy International report provides damning evidence that the 
Commission has engaged in a process of systematic deception and subterfuge 
in the latter stage of negotiations.  Not only has it allowed key privacy 
rights to be extinguished in a deal struck with the US last December, but 
it has also failed to disclose its own intention to establish a more 
extensive regime in the EU. The proposed EU surveillance system will be 
used not only for purposes of anti-terrorism, but also for immigration, law 
enforcement and customs.

The Commission has also been silent about its pivotal role in plans to 
establish a global air travel surveillance system similar to the one being 
built by the US.

The report's principal author, Dr Gus Hosein, Senior Fellow at Privacy 
International, said: "This is a case of opportunism by the Commission.  The 
EU is can blame the U.S. for an admittedly unjust law, but then going 
further than the U.S. to establish a global system of surveillance of 
movement."

Privacy International has expressed its concern and anger at the actions of 
the Commission. It urges the European Parliament to conduct a comprehensive 
investigation into the affair, with a view to taking legal action against 
the Commission.

Privacy International's Director, Simon Davies, warned that the Commission 
had overstepped its mandate and had breached the trust of European 
citizens. "The European Parliament and the people of Europe have been 
deceived by the Commission. A full-scale investigation is now necessary. We 
believe legal action should be taken against the Commission to ensure that 
this dangerous subterfuge does not occur in the future", he said.

The report is available in pdf format at
http://www.privacyinternational.org/issues/terrorism/rpt/transferringprivacy.pdf
 _________________

 - Simon Davies is at simon () privacy org. Gus Hosein is at gus () privacy org

- Privacy International (PI) www.privacyinternational.org is a human rights 
group formed in 1990 as a watchdog on surveillance by governments and 
corporations. PI is based in London, and has an office in Washington, 
D.C.  Together with members in 40 countries, PI has conducted campaigns 
throughout the world on issues ranging from wiretapping and national 
security activities, to ID cards, video surveillance, data matching, police 
information systems, and medical privacy, and works with a wide range of 
parliamentary and inter-governmental organisations such as the European 
Parliament, the House of Lords and UNESCO.


--

Date: Mon, 02 Feb 2004 14:25:27 -0500
To: Declan McCullagh <declan () well com>
From: Barry Steinhardt <Bsteinhardt () aclu org>
Subject: New Report on American Grab of European Air Passenger Data

Declan,

Privacy International, the European Digital Right Initiative  and 
Statewatch have published a report Transferring Privacy: The Transfer of 
Passenger Records and the Abdication of Privacy Protection  on the 
agreement by the European Commission to transfer private information about 
air travellers flying from Europe to the US .The report and commentary on 
the role of the US Government by the ACLU, along with a link to the highly 
critical report of the internal EU "Article 29 Working Group" on Privacy 
can be found  http://www.aclu.org/Privacy/Privacy.cfm?ID=14852&c=130.

Notably the reports shows that the European Commission has failed to 
protect the privacy and fair process rights of its residents and the 
citizens of other nations, including Americans, who fly from Europe to the US.

   * The Europeans declared US privacy protections "adequate," a finding 
required under EU law for sharing data, despite the fact that the U.S. 
clearly does not meet the criteria for such a finding.
   * Although the EU legal regime only permits data transfer for combating 
terrorism, the European Commission allowed the US to use information for 
regular crimes as well.
   * The Commission announced that the December 2003 agreement did not 
permit the U.S. to use European data for CAPPS II, and that would be 
negotiated separately.  A few weeks later, however, the U.S. Department of 
Homeland Security declared that European records are currently being used 
to test CAPPS II.  This even before a Congressionally mandated study of the 
likely privacy implications and effectiveness of CAPPS has even been 
completed.
   * The Commission accepted a U.S. offer to retain European data for 3.5 
years, far in excess of what EU regulations permit.
   * The Commission accepted a weak due process procedure that is entirely 
internal to the Department of Homeland Security, where EU rules require a 
true right to redress for citizens who believe their data is being abused.
I hope you will post this message and the links to Politiech. I believe the 
list members will find it of interest.

Barry Steinhardt





Director Technology and Liberty Program
American Civil Liberties Union
125 Broad Street NYC 10004


_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)