Transatlantic Cooperation on Travelers' Data Processing: From Sorting Countries to Sorting Individuals

Transatlantic cooperation on traveler data now targets individuals. Lasting agreements must bridge U.S.–EU gaps on privacy and redress.

Governments once based the intensity of security screening primarily on a traveler’s nationality, but new sources of information, data sharing, and data processing allow a more direct focus on personal characteristics. Governments’ use (and sometimes misuse) of information gathered from these sources, however, raises a host of legal and political questions related to individual privacy and data-protection rights reflected in data-sharing agreements.

This report details the post-9/11 programs and agreements implemented by U.S. and European governments to identify terrorists and serious transnational criminals through the collection and processing of increasing quantities of traveler data. Data-sharing agreements have played a significant role both in enabling developments to take place, and in limiting potential negative consequences for individuals. As they enter the next phase of negotiations about data processing, the following recommendations will remain pertinent: border-control policies should become more “friendly” to travelers and citizens, data processing and its consequences should be opened up to greater public scrutiny and debate, technology should not be adopted blindly, the European Union should clarify its position on the use of profiling techniques, and policymakers on both sides of the Atlantic should acknowledge (and address) the political issues that their adoption raises.

Table of Contents

I. Introduction

II. The EU and US Travelers’ Data-Collection Architecture

A. Passenger Name Record Data

B. Advance Passenger Information

C. Data Collected Directly from Individuals

III. Using Data for Screening Passengers: Sorting Countries and Sorting Individuals

A. The “Dream of Targeted Governance”

B. Passenger Data and the Evolution of Border Security Strategies

IV. Data Protection, Privacy, and Other Concerns about the Use of Personal Passenger Data

Profiling and Data Mining

V. Policies and Agreements on Transatlantic Data Sharing

A. The Passenger Name Record Agreement

B. Recent Developments in the Evolution of the Transatlantic Data-Protection Framework

C. Commission Mandate for the EU-U.S. Data-Protection Agreement

D. Transfers of Data between EU and U.S. Government Bodies or Authorities

E. Data-Sharing and Processing Practices Involving Canada: The EU-Canada PNR Agreement

VI. Conclusion: The Challenges Ahead

About the MPI-EUI Project

This concluded, EU-funded project identified ways in which European and U.S. immigration systems can be improved to address major challenges, in the context of economic turmoil and in the longer term.

About the Global Program

The Global Program bridges policy advice, research, and candid dialogue to design effective migration policies, drawing on global evidence and anticipating the forces reshaping how people move.