After five years of talks, MEPs have finally adopted a controversial EU law allowing the collection and sharing of flight passenger data.
The main aim of the EU passenger name records (PNR) directive, first proposed by the European Commission back in 2011, is to detect terrorist and serious criminal activity.
The vote on PNR was immediately welcomed by the Commission.
In a statement on Thursday, the executive said, "This is a strong expression of Europe's commitment to fight terrorism and organised crime."
However, the outcome was not universally welcomed and 'Access Now', a pressure group, issued a statement saying, "The directive infringes on the fundamental rights of millions of people travelling in and out of the EU. Adding more hay to the haystack by expanding data collection does not make Europeans more safe."
A spokesperson for Parliament's Greens/EFA group agreed, saying, "There is no evidence introducing a large and blunt data dragnet will improve security and could prove counter-productive by diverting resources badly-needed elsewhere."
The databases created under the law would contain sensitive information such as credit card details, and would be held for a disproportionately long period of time.
The directive allows for the transfer of basic passenger information given at the time of booking a flight in the EU to identify patterns of suspect behaviour.
Despite previous rejections, stiff opposition and an earlier rejection by Parliament's civil liberties committee, the plenary in Strasbourg adopted the law in a vote on Thursday.
Passenger name records are routinely used already in the USA and UK to detect terrorist activity, drug and people trafficking.
The data collected has proven useful and the agreement now approved by deputies will allow all data to be collected on all flights into and out of the EU, as well as flights within the EU.
EU governments are expected to quickly implement the legislation, adopted by 461 votes to 179 with nine abstentions, in order to assist in the detection of radicalised 'foreign fighters' returning from Syria.
Details of the legislation include:
- A five year retention period of data for both terrorism and serious criminal offences;
- After six months of storage, data will be masked out (anonymised) by authorities;
- A specific and closed list of offences the data can be used to investigate and prosecute;
- A clear framework of rules for the use of data, including the need for a data protection officer in the relevant law enforcement units.
The directive also states that there will be a "robust" review mechanism after two years.
The vote in Strasbourg comes after Parliament and Council reached a political agreement on an amended text of the PNR proposal last December.
Reaction was swift, with Commission First Vice President Frans Timmermans and EU migration, home affairs and citizenship Commissioner Dimitris Avramopoulos, saying, "This is a strong expression of Europe's commitment to fight terrorism and organised crime together through enhanced cooperation and effective intelligence sharing.
"The atrocious terrorist attacks in Paris on 13 November last year and Brussels on 22 March showed once more that Europe needs to scale up its common response to terrorism and take concrete actions to fight it. The directive will be an important contribution to our common response."
Speaking after the adoption of the proposals, British Tory MEP Timothy Kirkhope, who has steered the directive through Parliament, said, "We have adopted an important new tool for fighting terrorists and traffickers.
"By collecting, sharing and analysing PNR information, our intelligence agencies can detect patterns of suspicious behaviour to be followed up. PNR is not a silver bullet, but countries that have national PNR systems have shown time and again that it is highly effective."
Kirkhope noted that, "It has taken a number of years and hundreds of hours of negotiation, but finally we have an agreement. There were understandable concerns about the collection and storage or people's data, but I believe that the directive that we have adopted puts in place data safeguards, as well as proving that the law is proportionate to the risks we face."
The ECR group member added, "EU governments must now get on with implementing this agreement. We cannot afford to waste any more time in developing a robust response to the terrorist threat."
Further reaction came from EPP group leader Manfred Weber, who said, "With today's adoption of the directive we strengthen security for Europeans. After years on the negotiating table, Parliament finally brought the discussion to an end."
The German went on, "The new legislation is not a panacea but it is a very important tool in fighting terrorism and organised crime."
"We have to strengthen law enforcement authorities too. We have to use all instruments available to protect citizens' lives and enhance security in our cities. The new data protection standards are very high. It is not a mass collection of data but targeted access to data. The collected data are used only in cases of serious crimes, in a restricted manner."
EPP group shadow rapporteur Axel Voss said, "The vote was the final leg of a long journey in which common sense finally prevailed. The directive is a strong solution to fighting terrorism. We need this instrument in order to distinguish the bad from the good and to make our world a safer place. PNR adds true value to other EU tools."