The paper used the foiled Yemen cargo bomb plot to say that it is “distressing” to consider the tension between the United States and Europe over aviation security, and especially the sharing of PNR information.
European privacy advocates suggest that U.S. authorities can easily misuse such information. In past years, the executive branch of the European Union has agreed to share the data; but recent legal changes have given the European Parliament control over the issue. And that body, heavily influenced by privacy activists, has instructed the E.U. to drive a harder bargain with the United States in the current round of talks over renewing the data-sharing. Among the European Parliament’s vaguely formluated demands are “effective independent oversight” of U.S. use of the data and a ban on “decisions having adverse effects on passengers . . . A human being must be involved before a passenger is denied boarding.”
Obviously, when government gathers and “mines” a vast array of names, addresses and credit card numbers, there is potential for abuse. We’re struck, though, by how little European critics of data-sharing have shown in the way of actual, as opposed to conceivable, harm. One oft-stated concern is that U.S. officials might use a request for halal meals to “profile” a passenger as a Muslim and therefore subject him or her to extra scrutiny. But that would be true for any passenger named “Muhammad” – and no one is proposing to forbid sharing passenger names. Recent events suggest that concerns over terrorism in the air are as serious as ever. The burden should be on the European Parliament to demonstrate why amorphous anxieties about privacy should trump them.
MEP Sophie in’t Veld responded here:
If the European Parliament is challenging the massive and indiscriminate collection of personal data, without concrete suspicion, this is part of its duty to Europe’s 500 million citizens, not some “amorphous anxieties about privacy.” We believe that data collection should be limited to what is necessary and proportional and that mass collection of data does not automatically lead to greater security.
Barry Steinhardt, senior adviser for Privacy International, responded here:
Private data, such as like our travel and financial records, flows back and forth across international borders. Europe and much of the rest of the developed world have has strong laws and independent institutions – data protection commissions – to guard private data within their borders. European law prohibits export of data to the nations without “adequate” privacy protections.
Sad to say, the United States flunks that adequacy test. We are the Wild West of privacy, where almost anything goes. With a few loophole-ridden exceptions, we have virtually no privacy laws that adequately protect Americans, let alone foreigners.
We do have a sheriff – the Federal Trade Commission-but it polices only the private sector, not the government. Even there, its role is limited to being an honesty cop. Corporations don’t have to affirmatively protect our privacy. They just can’t misrepresent what they do with our data. Bravo to Europe for protecting its citizens. Americans stand to benefit if those efforts rub off here.