In Terror Fight, EU Officials Seek Air Passenger, Social Media Data

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Stephen Gardner

Jan. 29 — Justice ministers from the European Union's 28 member states Jan. 29 confirmed plans to respond to recent terrorist attacks in Belgium and France by pressing ahead with a stalled EU directive that would require airlines to hand over passenger booking data to law enforcement agencies.

Meeting in Riga, Latvia, ministers issued a joint statement on the EU response to the terrorist attacks, which also included a commitment to work with social media companies to remove extremist content from their platforms.

However, the ministerial statement didn't mention ideas outlined by some EU officials to require technology companies such as WhatsApp Inc. to give law enforcement agencies access to encrypted communications.

Silent on Back Door Access

U.S. President Barack Obama and U.K. Prime Minister David Cameron have raised the issue of the creation of a back door to allow law enforcement agencies access to encrypted private communications. EU officials debated the idea with the European Parliament's Civil Liberties, Justice and Home Affairs committee (LIBE) Jan. 27.

Privacy analysts and EU lawmakers have questioned if access to encrypted communications is technically workable and have said it might represent an infringement of privacy rights.

In their joint statement, the justice ministers were silent on the apparent dropping of the idea of gaining access to encrypted private communications as a counterterrorism measure.

Janis Berzins, a spokesman for the Latvian government, which presently holds the rotating presidency of the European Council and organizes ministerial meetings, told Bloomberg BNA Jan. 29 that the ministerial statement contained “the things we are working towards.”

“That's all I can say right now,” Berzins said.

Air Travel Records Revisited

On access to airline passenger booking information, known as passenger name records (PNR), the Jan. 29 ministerial statement said “constructive dialogue should be restarted with the European Parliament with a view of the adoption of the EU PNR directive as soon as possible.”

The commission, the EU's executive arm, proposed in February 2011 a PNR directive, which would require airlines to provide information from their passenger databases for flights arriving in or departing from the EU to a dedicated law enforcement unit established in each member state.

Under the proposal, EU member state authorities would be able to hold the data, including passenger names, addresses, phone numbers and credit card details, for up to five years.

The proposal has been in limbo since LIBE committee lawmakers blocked it in mid-2013, saying that it amounted to blanket surveillance and contravened privacy rights.

The opposition to the PNR proposal of some LIBE committee lawmakers has become more entrenched since the April 2014 European Court of Justice ruling that invalidated the EU Data Retention Directive (2006/24/EC), which required telecommunications and Internet companies to provide subscriber communication data to law enforcement agencies.

Jan Philipp Albrecht, a prominent German Green lawmaker who is the European Parliament's lead negotiator on the EU's ongoing data protection reform, said in a Jan. 28 statement that the ECJ ruling on the Data Retention Directive was “crystal clear,” and “it is unthinkable that the commission would try and bulldoze through a PNR scheme based on blanket data collection.”

European Parliament's Next Move

European Parliament spokeswoman Isabel Teixeira Nadkarni told Bloomberg BNA Jan. 29 that the next move on the stalled PNR Directive would be taken by Timothy Kirkhope, a British center-right lawmaker who is responsible for preparing the Parliament's position on the directive.

Kirkhope was “planning to present a revised draft report” setting out amendments to the commission's initial proposal, for adoption by LIBE and subsequent adoption by the whole European Parliament, Nadkarni said.

The Council of the EU, which represents EU member state governments, has already adopted a position on the PNR proposal, so it was now “up to Parliament to take a decision,” Nadkarni said.

Once a Parliament position is in place, Parliament and council negotiators can meet to finalize the directive.

Nadkarni said that it was currently unclear when discussions in LIBE on the stalled proposal would start.

Content Monitoring

On extremist online content, justice ministers said in the Jan. 29 statement that they would strengthen their “efforts to cooperate closely” with Internet companies to “detect and remove illegal content, in full respect of fundamental rights, fundamental freedoms and in full accordance to national legislation.”

EU Migration, Home Affairs and Citizenship Commissioner Dimitris Avramopoulos, speaking to journalists Jan. 29, said that EU officials would meet with social media companies and civil society to develop “concrete workable solutions” for monitoring platforms and detecting extremist content.

The ministers' statement added that “possible creation of effective counter-narratives, notably on social media, should also be explored.”

Other measures to counter terrorism would include closer cooperation between EU law enforcement agencies, better sharing of data from existing border control and criminal record databases and “reinforcement of the existing tools” to track financial transactions, the ministers' statement said.

The EU-level response to recent terrorist attacks will be further discussed at a Feb. 12 meeting of EU prime ministers and presidents.

To contact the reporter on this story: Stephen Gardner in Brussels at

To contact the editor responsible for this story: Katie W. Johnson at

The justice ministers' joint statement on measures to combat terrorism is available at


Request Bloomberg Law: Privacy & Data Security