[ParlTrack]

Proposal for a directive
Recital 11 a (new)

(11a) The Member States shall bear the costs of collecting, processing and forwarding PNR data.

2011/09/15
Committee: TRAN

Proposal for a directive
Recital 13

(13) PNR data should be transferred by air carriers to a single designated unit (Passenger Information Unit) in the relevant Member State, so as to ensure clarity and reduce costs to ~~air carrier~~Member States.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Recital 28

(28) This Directive does not affect the possibility for Member States to provide, under their domestic law, for a system of collection and handling of PNR data for purposes other than those specified in this Directive, or from transportation providers other than those specified in the Directive, regarding internal flights subject to compliance with relevant data protection provisions, provided that such domestic law respects the Union acquis. The issue of the collection of PNR data on internal flights should be the subject of specific reflection at a future date.deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Recital 32

(32) In particular, the scope of the Directive is as limited as possible, it allows retention of PNR data for period of time not exceeding ~~5 year~~three months, after which the data must be deleted, the data must be anonymised after a very short period, the collection and use of sensitive data is prohibited. In order to ensure efficiency and a high level of data protection, Member States are required to ensure that an independent national supervisory authority is responsible for advising and monitoring how PNR data are processed. All processing of PNR data must be logged or documented for the purpose of verification of the lawfulness of the data processing, self-monitoring and ensuring proper data integrity and security of the data processing. Member States must also ensure that passengers are clearly and precisely informed about the collection of PNR data and their rights.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 1 – paragraph 2 a (new)

2a. This Directive does not apply to flights within Europe or to means of transport other than airplanes.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 4 – paragraph 1 a (new)

1a. The Member States shall bear the costs of collecting, processing and forwarding PNR data.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 4 – paragraph 2 – point a

(a) carrying out an assessment of the passengers prior to their scheduled arrival or departure from the Member State in order to identify any persons who may be involved in a terrorist offence or serious transnational crime and who require further examination by the competent authorities referred to in Article 5. In carrying out such an assessment, the Passenger Information Unit may process PNR data against pre-determined criteria. Member States shall ensure that any positive match resulting from such automated processing is individually reviewed by non-automated means in order to verify whether the competent authority referred to in Article 5 needs to take action;deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 4 – paragraph 2 – point b

(b) ~~carrying out an assessment of the passengers~~further assessment – which may be carried out prior to their scheduled arrival or departure from the Member State ~~in order to identify any persons who may be involved in a terrorist offence or serious crime and who require further examination by the competent authorities referred to in Article 5~~by the competent authorities referred to in Article 5 – of passengers in respect of whom there are factual grounds for suspicion of involvement in a terrorist offence or serious crime. In carrying out such an assessment the Passenger Information Unit may compare PNR data against relevant databases, including international or national databases or national mirrors of Union databases, where they are established on the basis of Union law, on persons or objects sought or under alert, in accordance with Union, international and national rules applicable to such files. Member States shall ensure that any positive match resulting from such automated processing is individually reviewed by non-automated means in order to verify whether the competent authority referred to in Article 5 needs to take action;

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 4 – paragraph 2 – point d

(d) analysing PNR data for the purpose of updating or creating new criteria for carrying out assessments in order to identify any persons who may be involved in a terrorist offence or serious transnational crime pursuant to point (a).deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 4 – paragraph 3 a (new)

3a. The processing of PNR data may be authorised only by order of a court of a Member State following application by the Passenger Information Unit. Only in the event of danger in delay (‘periculum in mora’) may the Passenger Information Unit authorise such processing.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 4 – paragraph 4

4. The Passenger Information Unit of a Member State shall transfer the PNR data or the results of the processing of PNR data of the persons identified in accordance with point~~s (a) and~~ (b) of paragraph 2 for further examination to the relevant competent authorities of the same Member State. Such transfers shall only be made on a case-by- case basis.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 6 – paragraph 1

1. Member States shall adopt the necessary measures to ensure that air carriers transfer (i.e. 'push') the PNR data as defined in Article 2(c) and specified in the Annex, to the extent that such data are already collected by them, to the database of the national Passenger Information Unit of the Member State on the territory of which the international flight will land or from the territory of which the flight will depart. Where the flight is code-shared between one or more air carriers, the obligation to transfer the PNR data of all passengers on the flight shall be on the air carrier that operates the flight. Where the flight has one or more stop-overs at the airports of the Member States, air carriers shall transfer the PNR data to the Passenger Information Units of all the Member States concerned.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 6 – paragraph 2 – introductory part

2. Air carriers shall transfer PNR data by electronic means using the common protocols and supported data formats to be adopted in accordance with the procedure of Articles 13 and 14 ~~or, in the event of technical failure, by any other appropriate means ensuring an appropriate level of data security~~:

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 6 – paragraph 3

~~3. Member States may permit air carriers to limit the transfer referred to in point (b) of paragraph 2 to updates of the transfer referred to in point (a) of paragraph 2.~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 7 – paragraph 1

1. Member States shall ensure that, with regard to persons identified by a Passenger Information Unit in accordance with Article 4(2)~~(a) and~~ (b), the result of the processing of PNR data is transmitted by that Passenger Information Unit to the Passenger Information Units of other Member States where the former Passenger Information Unit considers such transfer to be necessary for the prevention, detection, investigation or prosecution of terrorist offences or serious crime. ~~The Passenger Information Units of the receiving Member States shall transmit such PNR data or the result of the processing of PNR data to their relevant competent authorities.~~

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 7 – paragraph 2

2. The Passenger Information Unit of a Member State shall have the right to request, if necessary, the Passenger Information Unit of any other Member State to provide it with PNR data that are kept in the latter’s database in accordance with Article 9(1), and, if necessary, also the result of the processing of PNR data. The request for such data may be based on any one or a combination of data elements, as deemed necessary by the requesting Passenger Information Unit for a specific case of prevention, detection, investigation or prosecution of terrorist offences or serious crime. Passenger Information Units shall provide the requested data as soon as practicable and shall provide also the result of the processing of PNR data, if it has already been prepared pursuant to Article 4(2)~~(a) and~~ (b).

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 8 – paragraph 1 – introductory part

A Member State may transfer PNR data and the results of the processing of PNR data to a third country only on the basis of an international agreement, only on a case-by- case basis and if:

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 8 – paragraph 1 – point c

(c) the third country ~~agrees to transfer the data to another third country~~guarantees that it will use the data only where it is necessary for the purposes of this Directive specified in Article 1(2) ~~and only wi~~. Transfer by the th~~e express~~ird country to au th~~orisation of the Member Sta~~ird country is not permitted.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 9 – paragraph 2 – subparagraph 1

Upon expiry of the period of 30 days after the transfer of the PNR data to the Passenger Information Unit referred to in paragraph 1, the data shall be retained at the Passenger Information Unit for a further period of ~~five year~~two months. During this period, all data elements which could serve to identify the passenger to whom PNR data relate shall be masked out. Such anonymised PNR data shall be accessible only to a limited number of personnel of the Passenger Information Unit specifically authorised to carry out analysis of PNR data and develop assessment criteria according to Article 4(2)(d). Access to the full PNR data shall be permitted only by the Head of the Passenger Information Unit for the purposes of Article 4(2)(c) and where it could be reasonably believed that it is necessary to carry out an investigation and in response to a specific and actual threat or risk or a specific investigation or prosecution.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 9 – paragraph 4

4. The result of matching referred to in Article 4(2)~~(a) and~~ (b) shall be kept by the Passenger Information Unit only as long as necessary to inform the competent authorities of a positive match. Where the result of an automated matching operation has, further to individual review by non- automated means, proven to be negative, ~~it shall, however, be stored so as to avoid future ‘false’ positive matches for a maximum period of three years unless the underlying data have not yet been deleted in accordance with paragraph 3~~the data shall be deleted from the database at the latest at the e~~xpiry~~nd of the ~~five years, in which case the log shall be kept until the underlying data are delete~~three-month retention period.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 11 – paragraph 4 a (new)

4 a. A particularly high security standard shall be used for the protection of all data, geared to the latest developments in expert discussions on data protection and constantly updated to include new knowledge and insights. It shall be guaranteed that economic aspects are taken into account as a secondary concern at most when the relevant decisions on the security standards to be applied are taken. In particular, a state of the art encryption process shall be used which: - ensures that data-processing systems cannot be used by unauthorised persons; - ensures that authorised users of a data- processing system can access no data other than those to which their access right refers, and that personal data cannot be read, copied, changed or removed without authorisation when being processed or used and after retention; - ensures that personal data cannot be read, copied, changed or removed without authorisation when being electronically transmitted or during transport or saving to a storage medium, and ensures that it is possible to check and establish to which locations personal data is to be transferred by data transmission facilities. The possibility of retrospectively checking and establishing whether and by whom personal data have been entered in data- processing systems, changed or removed shall be guaranteed. It shall be guaranteed that personal data processed under contract can be processed only in accordance with the contracting entity's instructions. The protection of personal data against accidental destruction or loss shall be guaranteed. The possibility of processing data collected for different purposes separately shall be guaranteed.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 16 – paragraph 1

Upon the date referred to in Article 15(1), i.e. two years after the entry into force of this Directive, Member States shall ensure that the PNR data of at least 30% of all flights referred to in Article 6(1) are collected. Until two years after the date referred to in Article 15, Member States shall ensure that the PNR data from at least 60 % of all flights referred to in Article 6(1) are collected. Member States shall ensure that from four years after the date referred to in Article 15, the PNR data from all flights referred to in Article 6(1) are collected.

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Article 17 – paragraph 1 – point a

a) review the feasibility and necessity of including internal flights in the scope of this Directive, in the light of the experience gained by those Member States that collect PNR data with regard to internal flights. The Commission shall submit a report to the European Parliament and the Council within two years after the date mentioned in Article 15(1);deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 1

~~(1) PNR record locator~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 2

~~(2) Date of reservation/issue of ticket~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 3

~~(3) Date(s) of intended travel~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 4

~~(4) Name(s)~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 5

~~(5) Address and contact information (telephone number, e-mail address)~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 6

~~(6) All forms of payment information, including billing address~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 7

~~(7) Complete travel itinerary for specific PNR~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 8

~~(8) Frequent flyer information~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 9

~~(9) Travel agency/travel agent~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 10

~~(10) Travel status of passenger, including confirmations, check-in status, no show or go show information~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 11

~~(11) Split/divided PNR information~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 12

(12) General remarks (including all available information on unaccompanied minors under 18 years, such as name and gender of the minor, age, language(s) spoken, name and contact details of guardian on departure and relationship to the minor, name and contact details of guardian on arrival and relationship to the minor, departure and arrival agent)deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 13

~~(13) Ticketing field information, including ticket number, date of ticket issuance and one-way tickets, Automated Ticket Fare Quote fields~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 14

~~(14) Seat number and other seat information~~deleted

2011/09/15
Committee: TRAN

Ismail ERTUG

Proposal for a directive
Annex 1 – point 15

~~(15) Code share information~~deleted