43 Amendments of Tomáš ZDECHOVSKÝ related to 2011/0023(COD)
Amendment 51 #
Draft legislative resolution
Citation 5 a (new)
Citation 5 a (new)
- having regard to the European Parliament resolution of 11 February 2015 on anti-terrorism measures (2015/2530(RSP)),
Amendment 106 #
Proposal for a directive
Recital 10
Recital 10
(10) To prevent, detect, investigate and prosecute terrorist offences and serious crime, it is therefore essential that all Member States introduce provisions laying down obligations on air carriers operating international flights to or from the territory of the Member States of the European Union, intra-EU flights from one Member State to another Member State and domestic flights with a final destination in the same Member State and non-carrier economic operators when involved in booking such flights.
Amendment 113 #
Proposal for a directive
Recital 11
Recital 11
(11) Air carriers already collect and process PNR data from their passengers for their own commercial purposes. This Directive should not impose any obligation on air carriers and non-carrier economic operators to collect or retain any additional data from passengers or to impose any obligation on passengers to provide any data in addition to that already being provided to air carriers and non-carrier economic operators.
Amendment 115 #
Proposal for a directive
Recital 11 a (new)
Recital 11 a (new)
(11a) Non-carrier economic operators, such as travel agencies and tour operators, sell package tours making use of charter flights for which they collect and process PNR data from their customers, yet without necessarily transferring the data to the airline operating the passenger flight.
Amendment 139 #
Proposal for a directive
Recital 15
Recital 15
(15) There are two possible methods of data transfer currently available: the ‘pull’ method, under which the competent authorities of the Member State requiring the data can reach into (access) the air carrier’s reservation system and extract (’pull’) a copy of the required data, and the ‘push’ method, under which air carriers and non-carrier economic operators transfer (’push’) the required PNR data to the authority requesting them, thus allowing air carriers to retain control of what data is provided. The ‘push’ method is considered to offer a higher degree of data protection and should be mandatory for all air carriers and non-carrier economic operators.
Amendment 143 #
Proposal for a directive
Recital 17
Recital 17
(17) The Member States should take all necessary measures to enable air carriers and non-carrier economic operators to fulfil their obligations under this Directive. Dissuasive, effective and proportionate penalties, including financial ones, should be provided for by Member States against those air carriers and non-carrier economic operators failing to meet their obligations regarding the transfer of PNR data. Where there are repeated serious infringements which might undermine the basic objectives of this Directive, these penalties may include, in exceptional cases, measures such as the immobilisation, seizure and confiscation of the means of transport, or the temporary suspension or withdrawal of the operating licence.
Amendment 161 #
Proposal for a directive
Recital 20
Recital 20
(20) Member States should share with other Member States and Europol the PNR data that they receive where such transferthis is necessary for the prevention, detection, investigation or prosecution of terrorist offences or serious crime or the prevention of immediate and serious threats to public security through. The provisions of this Directive should be without prejudice to other Union instruments on the exchange of information between police and judicial authorities, including Council Decision 2009/371/JHA of 6 April 2009 establishing the European Police Office (Europol)39 and Council Framework Decision 2006/960/JHA of 18 September 2006 on simplifying the exchange of information and intelligence between law enforcement authorities of the Member States of the European Union40 . Such exchange of PNR data between law enforcement and judicial authorities should be governed by the rules on police and judicial cooperation. __________________ 40 OJ L 386, 29.12.2006, p. 89.
Amendment 173 #
Proposal for a directive
Recital 21 a (new)
Recital 21 a (new)
(21a) PNR data should be processed to the greatest extent possible in a masked out way in order to ensure a highest level of data protection by making it impossible for those having access to masked out data to identify a person and to draw conclusions as to what persons are related to that data. Re-identifying masked out data is possible only under conditions ensuring a high level of data protection.
Amendment 203 #
Proposal for a directive
Recital 28
Recital 28
(28) This Directive does not affect the possibility for Member States to provide, under their domestic law, for a system of collection and handling of PNR data for purposes other than those specified in this Directive, or from transportation providers other than those specified in the Directive, regarding internal flights subject to compliance with relevant data protection provisions, provided that such domestic law respects the Union acquis. The issue of the collection of PNR data on internal flights should be the subject of specific reflection at a future date.
Amendment 207 #
Proposal for a directive
Recital 29
Recital 29
(29) As a result of the legal and technical differences between national provisions concerning the processing of personal data, including PNR, air carriers and non- carrier economic operators are and will be faced with different requirements regarding the types of information to be transmitted, as well as the conditions under which this information needs to be provided to competent national authorities. These differences may be prejudicial to effective cooperation between the competent national authorities for the purposes of preventing, detecting, investigating and prosecuting terrorist offences or serious crime.
Amendment 222 #
Proposal for a directive
Recital 32
Recital 32
(32) In particular, the scope of the Directive is as limited as possible, it allows retention of PNR data for period of time not exceeding 57 years, after which the data must be permanently deleted, the data must be anonymised after a very short periodmasked out after 6 months, the collection and use of sensitive data is prohibited. In order to ensure efficiency and a high level of data protection, Member States are required toit must be ensured that an independent national supervisory authority isand in particular its Data Protection Officer are responsible for advising and monitoring how PNR data are processed. All processing of PNR data must be logged or documented for the purpose of verification of the lawfulness of the data processing, self-monitoring and ensuring proper data integrity and security of the data processing. Member States must also ensure that passengers are clearly and precisely informed about the collection of PNR data and their rights.
Amendment 227 #
Proposal for a directive
Article 1 – paragraph 1
Article 1 – paragraph 1
1. This Directive provides for the transfer by air carriers of Passenger Name Record data of passengers of international flights to and from the Member Staterelating to passenger flights between EU Member States and third countries, for intra-EU flights and domestic flights, as well as the processing of that data, including its collection, use and retention by the Member States and its exchange between them.
Amendment 231 #
Proposal for a directive
Article 1 – paragraph 1 a (new)
Article 1 – paragraph 1 a (new)
1a. This Directive shall also apply to non- carrier economic operators that gather or store PNR data on passenger flights planned to land on the territory of a Member State originating in a third country or to depart from the territory of a Member States with a final destination in a third country, to intra-EU-flights and to domestic flights;
Amendment 253 #
Proposal for a directive
Article 2 – paragraph 1 – point b a (new)
Article 2 – paragraph 1 – point b a (new)
(ba) 'intra-EU flight' means any scheduled or non-scheduled flight by an air carrier originating in a Member State with a final destination in another Member State, including any transfer of transit flights;
Amendment 254 #
Proposal for a directive
Article 2 – paragraph 1 – point b b (new)
Article 2 – paragraph 1 – point b b (new)
(bb) 'domestic flight' means any scheduled or non-scheduled flight by an air carrier originating in a Member State with a final destination in the same Member State;
Amendment 257 #
Proposal for a directive
Article 2 – paragraph 1 – point c
Article 2 – paragraph 1 – point c
(c) ‘Passenger Name Record’ or 'PNR data' means a record of each passenger’s travel requirements captured and retained electronically by the air carrier or the non-carrier economic operators in its normal course of business which contains information necessary to enable reservations to be processed and controlled by the booking and participating air carriers for each journey booked by or on behalf of any person, whether it is contained in reservation systems, Departure Control Systems (DCS) or equivalent systems providing the same functionalities. Passenger data includes data created by air carriers or non-carrier economic operators for each journey booked by or on behalf of any passenger and contained in carriers' reservation systems, DCS, or equivalent systems providing similar functionality. PNR data consists of the data fields set out in the Annex;
Amendment 260 #
Proposal for a directive
Article 2 – paragraph 1 – point e
Article 2 – paragraph 1 – point e
(e) ‘'reservation systems’' means the air carrier’'s or the non-carrier economic operator's internal inventory system, in which PNR data are collected for the handling of reservations;
Amendment 262 #
Proposal for a directive
Article 2 – paragraph 1 – point e a (new)
Article 2 – paragraph 1 – point e a (new)
(ea) Non-carrier economic operator means an economic operator, such as travel agencies and tour operators, that provides travel-related services, including the bookings of flights for which they collect and process PNR data of passengers;
Amendment 264 #
Proposal for a directive
Article 2 – paragraph 1 – point f
Article 2 – paragraph 1 – point f
(f) ’push method’ means the method whereby air carriers transfer the required PNR dataand non-carrier economic operator transfer their existing PNR data listed in the Annex to this Directive into the database of the authority requesting them;
Amendment 324 #
Proposal for a directive
Article 3 – paragraph 3 a (new)
Article 3 – paragraph 3 a (new)
3a. Each Passenger Information Unit shall appoint an independent Data Protection Officer, who ensures the internal supervision of the Passenger Information Unit's activities and will totally oversee the transfer of PNR data to other competent authorities, to other Member States and Europol. The Data Protection Officer shall report wrong conduct of the data protection requirements set out in this directive
Amendment 333 #
Proposal for a directive
Article 4 – paragraph 1
Article 4 – paragraph 1
1. The PNR data transferred by the air carriers and the non-carrier economic operators, pursuant to Article 6, in relation to international flights which land on or depart from the territory of each Member State shall be collected only by the Passenger Information Unit of the relevant Member State. Should the PNR data transferred by air carriers and non-carrier economic operators include data beyond those listed in the Annex, the Passenger Information Unit shall delete such data immediately upon receipt.
Amendment 344 #
Proposal for a directive
Article 4 – paragraph 2 – point a
Article 4 – paragraph 2 – point a
(a) carrying out an assessment of the passengers prior to their scheduled arrival or departure from the Member State in order to identify any persons who may be involved in a terrorist offence or serious transnational crime and who require further examination by the competent authorities referred to in Article 5 as well as Europol. In carrying out such an assessment, the Passenger Information Unit may process PNR data against pre-determined criteria in accordance with this Directive, and may compare PNR data against relevant databases, including international or national databases or national mirrors of Union databases, where they are established on the basis of Union law, on persons or objects sought or under alert, in accordance with Union, international and national rules applicable to such files. Member States shall ensure that any positive match resulting from such automated processing is individually reviewed by non-automated means in order to verify whether the competent authority referred to in Article 5 needs to take action;
Amendment 365 #
Proposal for a directive
Article 4 – paragraph 2 – point c
Article 4 – paragraph 2 – point c
(c) responding, on a case-by-case basis based on sufficient evidence, to duly reasoned requests from competent authorities or Europol to provide PNR data and process PNR data in specific cases for the purpose of prevention, detection, investigation and prosecution of a terrorist offence or serious crime listed in Article 2.1 (i) or the prevention of an immediate and serious threat to public security, and to provide the competent authorities with the results of such processing; and
Amendment 411 #
Proposal for a directive
Article 5 – paragraph 1
Article 5 – paragraph 1
1. Each Member State shall adopt a list of the competent authorities entitled to request or receive masked out PNR data or the result of the processing of PNR data from the Passenger Information Units in order to examine that information further or take appropriate action for the specific purpose of preventing, detecting, investigating and prosecuting terrorist offences and serious crime or the prevention of immediate and serious threats to public security. Europol shall be entitled to request or receive PNR data or the result of the processing of PNR data from the Passenger Information Units of the Member States within the limits of its mandate and when necessary for the performance of its tasks.
Amendment 446 #
Proposal for a directive
Article 6 – paragraph 1
Article 6 – paragraph 1
1. Member States shall adopt the necessary measures to ensure that air carriers and non-carrier economic operators transfer ('push') the PNR data as defined in Article 2(c) and specified in the Annex, to the extent that such data are already collected by them, to the database of the national Passenger Information Unit of the Member State on the territory of which the international flight will land or from the territory of which the flight will depart. Where the flight is code-shared between one or more air carriers, the obligation to transfer the PNR data of all passengers on the flight shall be on the air carrier and the non-carrier economic operator that operates the flight. Where the flight has one or more stop-overs at the airports of the Member States, air carriers and the non-carrier economic operators shall transfer the PNR data to the Passenger Information Units of all the Member States concerned.
Amendment 457 #
Proposal for a directive
Article 6 – paragraph 2 – introductory part
Article 6 – paragraph 2 – introductory part
2. Air carriers and non-carrier economic operator shall transfer PNR data by electronic means using the common protocols and supported data formats to be adopted in accordance with the procedure of Articles 13 and 14 or, in the event of technical failure, by any other appropriate means ensuring an appropriate level of data security:
Amendment 469 #
Proposal for a directive
Article 6 – paragraph 3
Article 6 – paragraph 3
3. Member States may permit air carriers and non-carrier economic operators to limit the transfer referred to in point (b) of paragraph 2 to updates of the transfer referred to in point (a) of paragraph 2.
Amendment 476 #
Proposal for a directive
Article 6 – paragraph 4
Article 6 – paragraph 4
4. On a case-by-case basis, upon request from a Passenger Information Unit in accordance with national law, air carriers and non-carrier economic operator shall transfer PNR data where access earlier than that mentioned in point (a) of paragraph 2 is necessary to assist in responding to a specific and actual threat related to terrorist offences or serious crime.
Amendment 485 #
Proposal for a directive
Article 7 – paragraph 1
Article 7 – paragraph 1
1. Member States shall ensure that, with regard to persons identified by a Passenger Information Unit in accordance with Article 4(2)(a) and (b), the result of the processing of PNR data is transmitted by that Passenger Information Unit to the Passenger Information Units of other Member States where the former Passenger Information Unit considersand to Europol where any elements indicate such a transfer to be necessaryhelpful for the prevention, detection, investigation or prosecution of terrorist offences or serious crime or the prevention of immediate and serious threats to public security. The Passenger Information Units of the receiving Member States shallmay transmit such PNR data or the result of the processing of PNR data to their relevant competent authorities through using their Passenger Information Unit and using Europol's existing Secure Information Exchange Network Application (SIENA).
Amendment 536 #
Proposal for a directive
Article 7 – paragraph 6 a (new)
Article 7 – paragraph 6 a (new)
6a. Passenger Information Units shall establish the possibility for Europol to request access to PNR data.
Amendment 539 #
Proposal for a directive
Article 7 – paragraph 6 b (new)
Article 7 – paragraph 6 b (new)
6b. Member States shall ensure that their Passenger Information Unit's, in order to fulfil their tasks as laid down in Article 4(2)(c), co-operate in the application of state-of-the-art technologies through Europol using technologies that shall allow Passenger and Europol to combine their data with that of other Passenger Information Unit's by ensuring full protection of personal data with the aim of analysing the data pursuant to Article 4(2)(c).
Amendment 545 #
Proposal for a directive
Article 8 – paragraph 1 – introductory part
Article 8 – paragraph 1 – introductory part
A Member State may transfer PNR data and the results of the processing of PNR data to a third country, only on a case-by- case basis and in duly reasoned request based on sufficient evidence and if:
Amendment 554 #
Proposal for a directive
Article 8 – paragraph 1 – point a
Article 8 – paragraph 1 – point a
(a) the conditions laid down in Article 13 of Council Framework Decision 2008/977/JHA are fulfilled,transfer is necessary for the prevention, investigation, detection or prosecution of criminal offences, the prevention of immediate and serious threats to public security or the execution of criminal penalties;
Amendment 562 #
Proposal for a directive
Article 8 – paragraph 1 – point a b (new)
Article 8 – paragraph 1 – point a b (new)
(ab) the Member State from which the data were obtained has given its consent to transfer in compliance with its national law;
Amendment 565 #
Proposal for a directive
Article 8 – paragraph 1 – point a c (new)
Article 8 – paragraph 1 – point a c (new)
(ac) the third country or international body concerned ensures an adequate level of protection for the intended data processing;
Amendment 612 #
Proposal for a directive
Article 9 – paragraph 1
Article 9 – paragraph 1
1. Member States shall ensure that the PNR data provided by the air carriers and non- carrier economic operators to the Passenger Information Unit are retained in a database at the Passenger Information Unit for a period of 30 day6 months after their transfer to the Passenger Information Unit of the first Member State on whose territory the international flight is landing or departing.
Amendment 628 #
Proposal for a directive
Article 9 – paragraph 2 – subparagraph 1
Article 9 – paragraph 2 – subparagraph 1
Upon expiry of the period of 30 day6 months after the transfer of the PNR data to the Passenger Information Unit referred to in paragraph 1, the data shall be retained at the Passenger Information Unit for a further period of fiseven years. During this period, all data elements which could serve to identify the passenger to whom PNR data relate shall be masked out. Such anonymisedmasked out PNR data shall be accessible only to a limited number of personnel of the Passenger Information Unit specifically authorised to carry out analysis of PNR data and develop assessment criteria according to Article 4(2)(d). Access to the full PNR data shall be permitted only by the Head of the Passenger Information Unit for the purposes of Article 4(2)(c) and where it could be reasonably believed that it is necessary to carry out an investigation and in response to a specific and actual threat or risk or a specific investigation or prosecution.
Amendment 659 #
Proposal for a directive
Article 9 – paragraph 3
Article 9 – paragraph 3
3. Member States shall ensure that the PNR data are deleted permanently upon expiry of the period specified in paragraph 2. This obligation shall be without prejudice to cases where specific PNR data have been transferred to a competent authority and are used in the context of specific criminal investigations or prosecutions, in which case the retention of such data by the competent authority shall be regulated by the national law of the Member State.
Amendment 675 #
Proposal for a directive
Article 10 – title
Article 10 – title
Penalties against air carriers and non- carrier economic operators
Amendment 679 #
Proposal for a directive
Article 10 – paragraph 1
Article 10 – paragraph 1
Member States shall ensure, in conformity with their national law, that dissuasive, effective and proportionate penalties, including financial penalties, are provided for against air carriers and non-carrier economic operators which, do not transmit the data required under this Directive, to the extent that they are already collected by the them, or do not do so in the required format or otherwise infringe the national provisions adopted pursuant to this Directive.
Amendment 689 #
Proposal for a directive
Article 11 – paragraph 2
Article 11 – paragraph 2
2. Each Member State shall provide that the provisions adopted under national law in implementation of Articles 21 and 22 of the Council Framework Decision 2008/977/JHA regarding confidentiality of processing and data security shall also apply to all processing of personal data pursuant to this Directive. Air carriers which collect contact details for passengers who have booked their flights through a travel agency or other travel intermediary shall be prohibited from using those data for marketing purposes.
Amendment 704 #
Proposal for a directive
Article 11 – paragraph 4 a (new)
Article 11 – paragraph 4 a (new)
4a. Those persons who operate security controls, who access and analyse the PNR data, and who operate the data logs, must be security cleared and security trained.
Amendment 713 #
Proposal for a directive
Article 11 – paragraph 6
Article 11 – paragraph 6
6. Any transfer of PNR data by Passenger Information Units and competent authorities to private parties in Member States or in third countries shall be prohibited. Any wrong conduct should be sanctioned.