Ironically, on the day Europe marks Data Protection Day, it emerged that Britain is leading a campaign to beef up counter terrorism tactics by dramatically increasing the amount of Passenger Name Record (PNR) data collected on every aircraft passenger in Europe, ahead of flying. It is due to be discussed at a Meeting of Ministers for Justice and Home Affairs in Riga on January 29.
Currently, the data collected includes travel dates, travel itinerary, ticket information, contact details, the travel agent through which the flight was booked, means of payment used, seat number and baggage information. The data is stored in the airlines' reservation and departure control databases.
The new proposal – being championed by the UK Home Secretary Theresa May as part of Prime Minister David Cameron’s pre-election campaign of talking tough on terror – envisages 42 further pieces of data being collected on each passenger.
These include details of all forms of payment information, billing address, contact telephone numbers, frequent flyer information, “general remarks”, special service requests such as meal preferences, “received from” information and one-way tickets.
The UK has already opted into the Advance Passenger Information (API) and Passenger Name Record (PNR) data agreement with the US, Canada and Australia, under which passenger data is kept for ten years ('masked' after 6 months, but capable of being re-personalised in the event of a terror investigation).
Charlie Hebdo Attacks Spark EU Action
On January 11, 2015 – the day millions marched in France in solidarity with those killed in the Charlie Hebdo shootings – Theresa May met other European interior ministers and agreed to push for further powers to retain more PNR data in the fight against terror.
In a statement to parliament following the Charlie Hebdo attacks, Theresa May said:
“There was firm support from all the countries present for new action to share intelligence, track the movement of terrorists and defeat the ideology that lies behind the threat. It is important that we now deliver on those talks, and my officials, the Security Minister and I will keep up the pace—in particular when it comes to passenger name records—with other European member states.”
Cameron’s government failed to pass through parliament the proposed Electronic Data Bill, requiring all communications providers to hold for 12 months users’ telephone call, email and browsing data so that they could be used by the security services. The Liberal Democrats did not support the bill, but Cameron and May have tried ever since to introduce similar powers, using the emergency Drip Act (Data Retention and Investigatory Powers Act 2014) to strengthen anti-terrorist powers.
Sputnik UK's Jim Ensom explained the political context of the Snooper's Charter and the moral and ethical questions dividing Westminster.
The emergency legislation – which only lasts until 2016 – was brought in following a European Court of Justice (ECJ) ruling on data retention that declared the European Data Retention Directive to be invalid. In its April ruling, the ECJ found that "the wide-ranging and particularly serious interference of the directive with the fundamental rights at issue is not sufficiently circumscribed to ensure that that interference is actually limited to what is strictly necessary."
However, attempts are being made to add extra clauses into the Counter-Terrorism and Security Bill currently going through parliament to bring in sweeping powers of mass data collection.
Clear Breach of Human Rights
May told parliament: “This is not, as I have heard it said, ‘letting the Government snoop on your e-mails’. It is allowing the police and the security services, under a tightly regulated and controlled regime, to find out the who, where, when and how of a communication but not its content, so that they can prove and disprove alibis, identify associations between suspects, and tie suspects and victims to specific locations.”
But Mike Rispoli, from Privacy International, told Sputnik UK that the invasive use of PNR data was incompatible with human rights legislation.
“I think that there are real concerns around the amount of data and how long it’s being stored for. I don’t see any reason why things like your meal preferences should be stored, other than to be used for profiling purposes."
“Last year the European Court of Justice very clearly stated that this type of mass data retention is incompatible with human rights. What is being proposed very clearly violates this ruling. These types of proposals constitute mass surveillance and are a breach of human rights. It is a gross violation of our right to privacy.”
Data Protection Day is marked on January 28 each year in the US, Canada and Europe to raise awareness of the need to protect personal data. Human rights and civil liberty groups question whether the mass-trawling of passenger data and the mass-collection of internet browsing and e-mail information will go any way to protect personal data.
Nor will it make the world safer from terrorists, who now resort to using the dark web and other less public forms of communication.