Court: EU-U.S. Passenger Data Deal Illegal

The European Union's highest court ruled Tuesday that an EU-U.S. passenger data deal was illegal, saying it did not provide adequate privacy protection for European travelers.

The trans-Atlantic agreement compels European airlines to turn over 34 pieces of information about each passenger - including name, address and credit card details - within 15 minutes of departure for the United States.

Washington argues that the information is vital to combat terrorism, and warned that airlines would face fines and a loss of landing rights if they did not comply.

The European Court of Justice in Luxembourg, however, found that the data would not be "adequately protected" by the U.S., and overruled a previous EU finding.

It backed a challenge from the European Parliament claiming that the EU view "does not constitute an appropriate legal basis for the decision approving the conclusion of the agreement and, in both cases, that fundamental rights have been infringed."

The European Parliament had asked the court to annul the treaty after the European Commission - the EU's executive body - and EU governments signed the deal with the Americans in May 2004, despite the parliament's strenuous objections.

Since March 2003, the EU and the U.S. have been exchanging data under an informal arrangement. But airlines had argued for a permanent legal settlement.

During the negotiations, the EU won some concessions from the Americans. These included shortening the time the data is stored, deleting sensitive information such as meal preference and U.S. assurances that the information would be shared with other countries on a restricted basis only.

The data collected are called passenger name records, or PNR, and can usually include a variety of information such as credit card numbers, travel itineraries, addresses, telephone numbers and meal requests. The latter can indicate a passenger's religion or ethnicity.

EU and U.S. officials say the data collected under the deal would only be used to fight terrorism and other serious crimes, including organized crime.

The deal would limit the amount of data on passengers that can be collected, restricts who can see it and calls for it to be stored no longer than 3 1/2 years.

Europeans would also have right to "equal redress" with U.S. authorities if they have a complaint to make and would have access to a privacy officer who handles complaints.

Washington has warned that if it does not get the passenger information it wants it would punish airlines with fines of up to $6,000 per passenger and the loss of landing rights.

The EU struck a similar deal with Canada last year that transfers passenger names to the Canada Border Services Agency, which has promised to treat the information in line with EU data protection.

The Associated Press