EC Data Protection Directive Working Party Critical of Canadian Airline Passenger Information Program

In March 2004, the European Union Data Protection Working Party issued an opinion regarding Canada's recent adoption of several laws and regulations requiring airlines to transfer airline passenger information for security purposes when flying in and out of Canadian territory (the "API/PNR Program"). The opinion focuses on the level of protection afforded by Canadian authorities to transmitted personal data relating to both passengers and crew members.

The Working Party specifically expressed concerns regarding the type of information that is collected from passengers, the length of time that the data is retained and the anonymous nature of the data.

The Working Party also emphasized that the use of collected data should be limited to fighting acts of terrorism and a short list of serious offences directly related to terrorism. In addition, disclosure of API/PNR information to third countries must be restricted to cases where the information relates to persons traveling to those countries and may only be forwarded where the destination country affords equivalent levels of data protection.

The Working Party also advocated the use of the Canadian Privacy Act to provide recourse in the event of the unauthorized access, use or disclosure of Customs information.

For more details of this opinion, visit:
http://Europa.eu.int/comm/internal_market/privacy/docs/wpdocs/2004/wp88_en.pdf

Volume II

EC Data Protection Directive Working Party Critical of Canadian Airline Passenger Information Program