Complaints filed today in German courts and administrative complaints to data protection authorities in Austria challenge government access to and use and retention of Passenger Name Record data (commercial airline reservation records) as a violation of fundamental rights guaranteed  by European Union, German, and Austrian law:

• English translation of complaint, De Capitani v. Federal Republic of Germany
• Original complaint in German, De Capitani v. Bundesrepublik Deutschland
• Background information about the legal campaign (in German): NoPNR.eu
• We’re going to overturn the PNR directive (epicenter.works)
• Video of press conference by epicenter.works announcing campaign (in German)
• Press coverage in German:
  • Massenüberwachung: Bürgerrechtler klagen gegen Fluggastdatenspeicherung (Stefan Krempl, Heise.de)
  • Überwachung: Bürgerrechtsorganisationen klagen gegen Vorratsdatenspeicherung der Lüfte (Lorenz Mrohs, Netzpolitik.org)
  • Überwachung von Passagieren: Bürgerrechtler klagen gegen Fluggastdaten-Speicherung (Patrick Beuth, Spiegel Online)
  • Fluggast-Massenüberwachung: “Die Rasterfahndung am Himmel muss beendet werden” (Jannis Brühl, Süddeutsche Zeitung)
  • Datenschützer wollen Fluggastdatenspeicherung kippen (Georg Pichler, DerStandard.at)
  • PNR-System: Klage soll europäische Fluggastdatenspeicherung stoppen (Friedhelm Greis, Golem.de)
  •  NGOs wollen Sammlung von Flugpassagier-Daten kippen (Christoph „Burstup“ Weiss (ORF.at)
  • Fluggastdaten: Darf die Polizei wissen, in welchen Flieger Sie steigen? ( Kai Bierman, Zeit Online)
  • Streit um Fluggastdaten: Gegen Rasterfahndung am Himmel (Christian Roth, taz.de)
  • Aktivisten klagen gegen „Rasterfahndung am Himmel“ (Krone.at)

We’ve made (unsuccessful) administrative complaints regarding PNR data to data protection authorities in EU member states incluidng the Netherlands, France, and Germany, and challenged  some aspects of the US governmet’s PNR-based travel surveillaace system in US court under the Privacy Act. But so far as we know, the lawsuits filed today se are the first court cases outside the US to challenge the legality of government demands for access to PNR data or other travel records.

The European legal campaign against PNR-based mass surveillance of travelers is a project of the Gesellschaft für Freiheitsrechte (GFF) in Germany and epicenter.works – Plattform Grundrechtspolitik in Austria, funded in part by one of the first grants from Digital Freedom Fund (DFF) for impact litigation.

The lead plaintiff in the case filed in German administrative court in Wiesbaden, Emilio De Capitani, is a retired former director of the staff of the LIBE (civil liberties) committee of the European Parliament. Mr. De Capitani and the plaintiffs in additional cases filed in other German local courts are represented by Prof. Dr. Remo Klinger and his colleagues at the law firm of Geulen and Klinger in Berlin. The plaintiffs in the Austrian cases are represented by attorney Ronald Frühwirth in Graz.

Mr. De Capitani plans to fly from  Brussels to Berlin for a meeting of GFF in November 2019. He has purchased tickets and informed the airline that he does not want PNR data pertaining to his travel to be made available to government agencies

In response, the airline has told Mr. De Capitani that regardless of his preferences, the airline will provide government agencies in Germany (and possibly also Belgium, although it is not clear if Belgium already has or will have established a “Passenger Information Unit” to receive and process PNR data) with complete copies of the PNRs pertaining to his travel.

This action by the airline is required by German law. Germany and each other member state of the European Union is required to establish a Passenger Information [surveillance] Unit within the government and to have such a law mandating airlines to provide PNR data to the government to comply with the EU PNR Directive adopted in 2016.

The legal analysis in the complaint is conducted primarily under the legal standard of “proportionality” of intrusions on rights to legitimate government purposes. It focuses on the suspicionless, dragnet character of the  surveillance and retention of data concerning  travelers carried out through government access to PNR data, and the use of PNR data not merely for carrying out judicial orders against identified individuals, but also for pre-crime predictive profiling of innocent individuals based on algorithms and “patterns”.

Mr. De Capitani has asked the German court to find that the German PNR law violates fundamental rights recognized by German law, a decision that would ultimately be made by the German Constitutional Court. Because national courts of EU member states do not have jurisdiction to invalidate EU legislation, Mr. De Capitani has asked the German court to refer the question of whether the EU PNR Directive violates fundamental rights recognized by EU law to the European Court of Justice for a binding determination. And Mr. De Capitani has asked for a temporary preventive injunction prohibiting the government from accessing or requiring the airline to give the government access to PNR data pertaining to him and his travel to government agencies while the case is pending.

Mr. De Capitani’s legal complaint is directed against the German government. Others of the lawsuits filed today name airlines including Lufthansa as defendants.

[This article has been updated with additional information and links.]