EUR-Lex Access to European Union law

Back to EUR-Lex homepage

This document is an excerpt from the EUR-Lex website

EU-US agreement on airline passenger name record data

EU-US agreement on airline passenger name record data

The aim of the agreement is to set a legal framework for the transfer of passenger name records (PNR) data by carriers operating passenger flights between the EU and the United States to the United States Department of Homeland Security (DHS).

ACT

Council Decision 2012/472/EU of 26 April 2012 on the conclusion of the agreement between the United States of America and the European Union on the use and transfer of passenger name records to the United States Department of Homeland Security

SUMMARY

The goal of the agreement is to set a legal framework for the transfer of passenger name records (PNR) data by carriers operating passenger flights between the European Union and the United States to the US Department of Homeland Security (DHS) and the subsequent use of that data by the US DHS.

The main purpose is to prevent, detect, investigate and prosecute terrorist offences and related crimes, as well as other serious cross-border crimes punishable by a sentence of imprisonment of at least 3 years.

PNR data is the information voluntarily provided by passengers and collected by air carriers during the reservation and check-in procedures. It includes information such as name, dates of travel and travel itinerary, ticket information, contact information, payment /billing information, travel agent, seat number and baggage information.

Key points of the EU-US PNR agreement are as follows:

  • The use of PNR data will be limited to the prevention, detection, investigation and prosecution of terrorist offences or transnational crime.
  • There will be a legally binding commitment from the US Department of Homeland Security to inform the Member States and EU authorities of any EU-relevant intelligence leads flowing from the analysis of these PNR data.
  • There will be a robust data protection regime with strong data security and integrity requirements.
  • Individuals will have the right to access their PNR data held in the United States and, if the information is inaccurate, it must be changed or removed.
  • There will be limited usage of PNR data for a period of 10 years for transnational crime and 15 years for terrorism. After 6 months personally identifiable information of PNR data will be masked out and after 5 years PNR data will be moved to a dormant database with additional controls.

BACKGROUND

PNR, which stands for passenger name record, is the information passengers provide to the airline or travel agent when booking a flight. This information has been used by law enforcement authorities around the world for many years to identify serious criminals and terrorists. It was used, for example, to get hold of the terrorists behind the planning of a suicide bombing in the subway in New York in 2009. It was also used after the 2008 terror attacks in Mumbai and to get hold of the plotter behind the planned attack in Times Square in 2010. This information is also an extremely important tool to identify drug smugglers.

The 2012 EU-US agreement on passenger name records (PNR) replaces the EU-US agreement of 2007.

REFERENCES

Act

Entry into force

Deadline for transposition in the Member States

Official Journal

Council Decision 2012/472/EU

12.8.2012

-

OJ L 215 of 11.8.2012.

RELATED ACTS

Council Decision 2012/471/EU of 13 December 2011 on the signing, on behalf of the Union, of the agreement between the United States of America and the European Union on the use and transfer of Passenger Name Records to the United States Department of Homeland Security (Official Journal L 215 of 11.8.2012)

Last updated: 28.01.2014

Top