Wednesday, 27 January 2010

EDPS on agreements to transfer data outside EU - passenger name records, financial data

The European Data Protection Supervisor Peter Hustinx has issued comments on international agreements for the exchange of data of 25 Jan 2010, notably the EU-US and EU-AUS PNR (passenger name record i.e. passenger flight info) agreements and the EU-US TFTP (Terrorist Finance Tracking Program) agreement (allowing the US to get info on EU banking transactions).

In brief, he's not happy with that the agreements adequately protect the privacy of EU citizens in terms of purpose limitation, proportionality etc.

He also emphasised the need for a comprehensive approach to international data exchange agreements and would support the current initiative for a transatlantic agreement on law enforcement with the United States of America (mentioned in my summary of the Article 29 Working Party's paper on the future of privacy) - "provided that the level of protection offered by the agreement is sufficiently high and strong implementation measures are foreseen".

©WH. This work is licensed under a Creative Commons Attribution Non-Commercial Share-Alike England 2.0 Licence. Please attribute to WH, Tech and Law, and link to the original blog post page. Moral rights asserted.