After terrorist attacks in Paris and Copenhagen earlier this year, the member states' calls for the databases became louder, and the Commission has been working on a compromise to convince the Parliament to go ahead with the plan, promising better privacy protection.
With Wednesday's vote in the LIBE committee, the Commission appears to have succeeded.
However, the victory may be short-lived: Opponents of the databases warn that they may be illegal.
European digital rights groups EDRi and Access Now warn that the EU risks making exactly the same mistake it made when it adopted the Data Retention Directive obliging telecommunications operators to retain data about customers' communications and location and provide it to law enforcers. The Court of Justice of the European Union (CJEU) invalidated the directive last year because it interfered with fundamental privacy rights.
"The Commission has still not produced evidence for the necessity and proportionality of an EU PNR scheme," said Member of the European Parliament Jan-Philipp Albrecht. This means that "terrorists will be able to enter the EU easily by train or car as we put all money into blanket PNR collection," Albrecht added.
EDRi and Access Now say it is not proven that creating a blanket surveillance measure like the PNR databases will work to prevent terrorism and serious crimes.
The EU has already signed bilateral PNR Agreements with the U.S., Canada and Australia, and on Wednesday the Commission started negotiations for an EU-Mexico PNR agreement. Some EU countries such as the U.K. already have a PNR system while others have either enacted legislation or are currently testing PNR data systems, according to the Parliament's website.
The Parliament hopes to end negotiations on the PNR system before the end of the year.
Sign up for CIO Asia eNewsletters.