Menu
Canada-EU counter-terror data exchange is illegal, says top EU judge

Canada-EU counter-terror data exchange is illegal, says top EU judge

The opinion of the attorney general of the Court of Justice of the EU is not binding on the court

An agreement to send Canadian authorities passenger name record (PNR) data for flights from the European Union cannot be entered into in its current form, a top European Union judge has said.

That's because parts of the draft agreement are incompatible with EU citizens' fundamental privacy rights, according to Paolo Mengozzi, Advocate General of the Court of Justice of the EU, in a legal opinion issued Thursday.

His opinion, on a case brought by the European Parliament, is only advisory, and it still remains for the CJEU to make a final ruling on the matter.

But if the court follows his advice, it could disrupt the European Commission's plans for a new directive on the sharing of PNR data among EU member states and with other countries. 

The agreement, which the EU and Canada began negotiating in 2010, concerns the transfer of PNR data to Canadian authorities for the purpose of combatting terrorism and other serious transnational crime. The passenger name records concerned contain 19 categories of information, covering the passenger's identity, nationality, address, contact details of the person making the reservation, payment information such as the number of the credit card used to reserve the flight, luggage details, and additional services requested concerning health problems, mobility, or dietary requirements. This might allow authorities to infer information about passengers' ethnic origin or religious beliefs.

The European Parliament refused to give its approval to the deal following its signature by the Council of the EU in 2014, preferring first to seek the opinion of the CJEU on its compatibility with EU laws on privacy and the protection of personal data.

In his opinion, Advocate General Mengozzi found five articles of the agreement incompatible with the provisions of the EU Charter of Fundamental Rights on the right to respect for private and family life, and the right to protection of personal data.

Those articles allow Canada to:
- process PNR data for reasons other than the agreement's public security objectives of preventing and detecting terrorist offenses and serious transnational crime;
- process, use and retain sensitive data;
- make unnecessary disclosures of the information;
- keep the data for up to five years for pretty much any reason, whether or not connected to the prevention of terrorism or serious crime, and
- transfer the data to a third country without being able to prevent that transfer to yet other countries.

Mengozzi identified 11 changes to the agreement needed in order to make it compatible with the charter, including:
- clearly defining the data to be transferred, and excluding sensitive data from the definition;
- exhaustively listing the offenses that constitute serious transnational crime, and
- informing EU member states when information about one of their citizens is passed on to other agencies.

His opinion was greeted with a mixture of delight and dismay.

Timothy Kirkhope MEP, Justice and Home Affairs spokesman of the European Conservatives and Reformists group, described the opinion as irresponsible and said: "Given the level of the threat you have to ask what planet some of these lawyers live on. Law enforcement authorities all say we are continually playing catch-up on information flow and analysis, and the CJEU now risks setting back our efforts even further."

But Joe McNamee, Executive Director of lobby group European Digital Rights, agreed with the advocate general's disapproval of the deal. "Once again, the European Court is confirming that the European Commission has failed to understand the law. The European Commission has -- again -- failed in its basic function as the 'guardian of the treaties,'" he said.

If the full court follows Mengozzi's advice, then the data sharing agreement may not enter into force until those amendments are made. The opinions of the court's advocates general are not binding, but the court follows them in the majority of cases.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments