The European Parliament has voted to refer a proposed agreement between the European Union and Canada concerning transfers from the EU to Canada of Passenger Name Record (PNR) data about air travelers to the European Court of Justice (ECJ) for the court’s opinion on whether the agreement is consistent with EU treaties and the EU Charter of Fundamental Rights.
This action might easily — and correctly — be dismissed as narrow, technical, evasive of legislators’ responsibility to consider the propriety and legality of their own actions (and to reject proposals outright if they think they would violate treaties or fundamental rights), and of no direct relevance to the US.
But this could, nevertheless, prove to be a significant setback to the efforts of the US “homeland-security” and surveillance establishment, and its allies in Europe and Canada, to globalize the PNR-based system of surveillance and control of travelers that has been put in place in the USA since 9/11.
Canada requires all international airlines to hand over passenger data to the Canadian government, and passengers on flights to, from, within, or overflying Canada are “vetted” against both Canada’s own no-fly list and the US government’s no-fly list. Canadian data privacy law has been amended twice since 9/11 to allow cross-border transfers of data about airline passengers. But while those requirements have some domestic support in Canada, they have been enacted somewhat reluctantly by the Canadian Parliament, mainly in order to avoid interference by the US with the large fraction of flights to, from, and within Canada that routinely pass through US airspace. There has been opposition by some Members of the Canadian Parliament, by the Privacy Commissioner of Canada, and by Canadian NGOs such as the International Civil Liberties Monitoring Group / Coalition pour la surveillance internationale des libertés civiles.
In April of 2012, the European Parliament approved — over objections from a substantial minority of MEPs — an “agreement” to permit transfers of PNR data to the US. But European opinion on this issue has shifted significantly since between then and this month’s debate on the EU-Canada PNR agreement, as a result of (1) Edward Snowden’s revelations about NSA spying, (2) growing recognition of the parallels between surveillance of communications metadata and surveillance of travel metadata, and (3) the ruling in April of 2014 by the ECJ that an EU directive mandating retention and government access to communications, internet, and transaction metadata violates European law and fundamental rights.
The ruling by the ECJ has voided the EU data retention directive. The hope is that the EU-Canada PNR agreement will be the second domino to fall, with the EU-USA PNR agreement next in line.