Passenger Name Record

In a Passenger Name Record (PNR) to German PNR system, all data and processes around a flight booking (even hotel or car booking ) recorded electronically and still saved over a period of time even after the end of the flight in the computer reservation systems.

General

After completion of the initial input data, the respective computer reservation system assigns a unique reservation code, the Record Locator. Under this reservation code everyone can open the appropriate reservation system connected processor this flight reservation back and edit.

As a passenger you can with this reservation code on the Internet specially designed pages view his personal flight booking (see hotel or car booking ) and print it out. However, these possibilities, not all the data to the passenger can be seen.

Depending on the reservation system, different data is stored. Since the attacks of September 11, many states require increasingly, personal data that must be stored in a PNR, especially the United States of America, but also the United Kingdom. In September 2010 the European Commission presented a proposal for EU external strategy on transfer of air passenger data (PNR). Lay down the principles for data exchange of PNR data to third countries to be defined. A report by the FTD, according to the legal service of the Council of Member States has warned in a report warning that the policy was questionable as planned because it would too much restrict the right to respect for private life and the right to protection of personal data.

Data in a PNR

Generally found in a PNR History ( recording ) the following data:

• Date on which the PNR was first created and any subsequent changes
• Flight -specific data: Flight day (s) and distance (s), so-called segments
• Flight number (s)
• Flight times (figures in local times )
• Flight duration
• Aircraft ( type designation of the coming to the use of aircraft)
• Booking class ( every airfare arranges the airline a name, and later to be able to calculate the correct fare)

Background and criticism

It is completely clear to what extent the United States further use and store the collected data. According to EU parliamentarians criticized recent EU data protection the PNR agreement sharp as pure regression. Principle was to complain that the guarantees for the protection of personal data " are significantly lower than those of the previous agreement and that is not addressed important issues and deficits ".

Airlines in the EU Member States gave the U.S. authorities are free to 2007 34 details per passenger, officially the first three and a half years may be saved. The information contained not only names, birth and flight data, but also credit card information, special dietary requirements, advance reservations for hotels or rental cars as well as e -mail addresses and phone numbers. The Federal Data Protection Commissioner Peter Schaar criticized at the Berlin round of ARD Morning Show: "These 34 data fields are too many ." He pointed to efforts in the United States in the future to store the data not three and a half, but up to 30 years. The biometric data collected with a fingerprint and a face photo directly enter in the framework of the US-VISIT program would already archived for 99 years. Schaar also complained that the U.S. authorities have direct access to the reservation systems of airlines. This needs to change. Next criticized Schaar that actually every year should be a review of the data collected by the U.S., but this is so far only succeeded once. The parliamentary secretary of the FDP Ernst Burgbacher commented on the subject as follows: " The current situation without a clear legal regulation can not longer be tolerated "; in an agreement which would apply to the European data protection standards.

The European Court has already decided in 2006 that there is no appropriate legal basis for the transfer of air passenger data by EU Member States to the United States and that the data transfer is contrary to EU law. The EU Parliament has previously passed in 2004 against a closed on 28 May 2004 agreement to share the data between the EU Commission and the U.S. court.

For this reason, the EU Commission and the U.S. agreed on an interim agreement in terms of passenger data transfer. This Interim Agreement is based on the ECJ annulled by the agreement and contains essentially only the change that passenger data will in future not automatically queried ( " pull method "), but will only be released upon request ( " push method ").

The EU Parliament also doubted the passenger data for industrial espionage could be abused under the guise of fighting terrorism. Also in the Bundestag demanded opposition politicians recently a strict purpose limitation the transfer of information and as closely as possible limited retention periods. All groups in the Parliament called on the Government to ensure in a new agreement an adequate level of data protection, " especially in limiting the transmission of data and earmarking".

2007, a new agreement was created, which although reduces the transferred data records on 19, instead of 34, but their retention period extended from 3 to 15 years. With less data, the U.S. is but still do not have to survive: "It is a little mummery ," admitted an EU diplomat. " The reduction of 34 to 19 data fields comes about that various data items such as identification data are merged, without changing the amount of data something changes ," complained also of the Federal Data Protection Commissioner Peter Schaar. According to Schaar the agreements on PNR are just like the arrangements for access by U.S. authorities to transfer data from the SWIFT network " considering the requirements of European data protection law inadequate." They would also often lag behind the previous regulations. Critical to consider is beyond the extension of the storage period with partial online access, whether the derivation of any legal claims on non-conforming use of the data will be safe. Regrettable is also that no independent data protection supervision has been agreed. Alexander Alvaro, home affairs spokesman of the Liberals in the European Parliament, criticized the fact that the negotiations had been passed entirely to the Representatives and the U.S., the EU threatened landing bans on European airlines " the gun to my head " had set. U.S. diplomats urged their EU negotiators also repeatedly pointing out that arrivals of terrorists across Europe, the transatlantic partners have to bear the blame. The Green Member of Parliament Omid Nouri Pour appealed to Member States to stop the present Agreement on the supply of the PNR. Otherwise, must be switched on again, the European Court of Justice.

In March 2012 the European Parliament voted for the transatlantic agreement on the transfer of air passenger data. The United States must therefore continue PNRs first store 15 years. Anonymised information from the airlines can be stored indefinitely. The rapporteur of the EU Committee on Internal Affairs Sophie in't Veld commented on this as follows: Not only is the memory length of the data, including credit card and telephone numbers, IP addresses, or special dietary needs include, been actually ratcheted up to "infinite ". It adds that the Department of Homeland Security ( DHS) continues to auto-sync and perform computer search and create personal profiles. Also, the legal protection for EU citizens is inadequate. Both the EU Data Protection Supervisor Peter Hustinx as well as the "Article 29 Working Party " of European privacy advocates have made ​​it clear that the outcome of negotiations not going to the local fundamental rights requirements. The proposed control by Brussels was "a joke", was in't Veld. Even currently WOULD CHOOSE U.S. authorities daily up to 82,000 times a day data from the reservation systems of airlines from. It will change with the agreement bit. In addition, many other countries, including China and Saudi Arabia would continue to ask for the same access rights. Jan Philipp Albrecht, interior expert of the Greens, warned of an "open breach of the law ." The contract allow an automated data synchronization with risk profiles. The proposed "data retention of up to 15 years " is not proportionate. Cornelia Ernst of the Left sees the " fundamental right to protection of personal data undermined ". There were no serious remedy, rather be an " obstruction of justice " it.

At the same time it was announced that the EU wants to collect and store the data on passenger flights within Europe in the future. The data of the passengers will be for two years saved completely. They are then for another three years " anonymous " kept and destroyed after five years. However, even anonymized data can be reconstructed under certain conditions. Federal Data Protection Commissioner Peter Schaar said: " In all these initiatives it comes to travelers always seamless and comprehensive register the resulting data be kept longer time and to link without the single purpose any occasion would have offered "