The European Commission is reportedly revving up the engines on a controversial plan to retain passenger flight data across the EU, although a prior attempt got its wings clipped due to privacy concerns.
The new plan calls for a database with personal flight data such as travel dates, itineraries, ticket information and baggage information, according to a document published by Statewatch on Wednesday and described as a leaked and legitimate EC document.
The plan is being fast-tracked by the Commission in the wake of the shootings at French satirical magazine Charlie Hebdo earlier this month.
Critics say such a database could violate fundamental human rights, but the Commission argues that it would help law enforcement with the prevention, detection, investigation and prosecution of terrorist offenses and serious transnational crime.
An earlier proposal was shelved in 2013, when the European Parliament rejected the plans out of concern that they would violate fundamental rights. But since then, calls for such a database have become louder, and they are reaching a crescendo after the Paris attacks.
The Commission is now proposing a "workable compromise" to overcome political differences with the European Parliament, according to the published document.
The revised plan for a Passenger Name Record (PNR) database for EU flights aims "to strengthen the data protection safeguards, while preserving the operational effectiveness of the PNR proposal to fight terrorism and serious transnational crime," the document reads.
A Commission spokeswoman declined to comment on the authenticity of the document. She did say that the Commission is working "on all possible options," and that those need to be carefully assessed to reach a quick and effective result on the EU PNR proposal, fully in line with fundamental rights.
According to the leaked document, the Commission for example wants to narrow law enforcement access to the database for the purposes of fighting terrorism and "serious transnational crime", leaving out "serious crime." It also wants to reduce the retention period of the full PNR data to 7 days from 30 days. After that period, the data would be "depersonalized" and remain available for a period of four years -- instead of the original five years -- for investigations of transnational crimes. However, authorities investigating terrorism would get access to five years worth of data.
The leaked document also reveals that the EC wants stricter conditions for access to PNR data, so a Data Protection Officer would be appointed within national Passenger Information Units to be responsible for the processing of the data. Optionally, such transfers could also be overseen by a country's judicial authority, the Commission is proposing, adding that passenger rights should also be spelled out in order to explain how they could access their data and how to request the modification or erasure of their data.
Sign up for CIO Asia eNewsletters.