Against Mass Surveillance of Air Passengers

By Bijan Moini, 26th March 2020

Passengers walking through an airport

Since 2018, air passengers in the European Union are subject to mass surveillance and algorithmic profiling.


Despite being in violation of the Charter of Fundamental Rights of the European Union (CFR), EU Member States collect, store and analyse comprehensive data on air travel.


The German Society for Civil Rights (Gesellschaft für Freiheitsrechte, GFF) and the Austrian NGO, with the support of DFF, filed a series of strategic lawsuits aimed at reaching the Court of Justice of the European Union (CJEU). A German court has now referred several cases to the CJEU, bringing us closer to toppling the directive that provides the legal basis for mass surveillance of flight passengers.


We are used to being treated differently when traveling by air compared to journeys by, say, train. Flying involves identity checks, manual body searches or even full body scans, and sometimes interviews. Many of the precautionary measures taken at airports today were first introduced by the US in the aftermath of the 9/11 terrorist attacks. However, the measures visible to us as air passengers are only the tip of the iceberg.


…the measures visible to us as air passengers are only the tip of the iceberg

The collection of data on European air travel presents a similarly severe interference in our fundamental rights.


For all passengers of flights to or from the EU, a Passenger Name Record (PNR) is transferred from air carriers to the national police. The basis for all of this is the European PNR Directive (Directive 2016/681). A PNR contains up to 20 data items, including the date of birth, details of accompanying persons as well as payment information or the IP address used for online check-in.


Together with the information on the flight itself, the PNR offers a detailed picture of the passenger. Sound like mass surveillance to you? It sure is.

How Did it Come to This?
The US first introduced mass retention of passenger data in November 2001. Other countries, including Canada and Australia, planned to introduce similar measures. Despite some fierce opposition in the EU Parliament based on data protection concerns, the EU concluded PNR agreements with these countries between 2011 and 2014.

This put mass surveillance of flight passengers on a legal footing. In the case of the PNR agreement between the EU and Canada, however, the CJEU in July 2017 confirmed that the provisions violated European fundamental rights.

In the course of negotiating these agreements, the EU repeatedly discussed introducing its own data retention system for airline travel data.  The PNR Directive was adopted in 2016 and has since been gradually implemented in EU Member States.


Even though the Directive envisages data retention only for flights entering and exiting the EU, all Member States have agreed to an extension clause, according to which data for intra-European flights will be stored, as well.


Dangerous Data Collection


Under the PNR Directive, European government agencies can store PNR data for six months in an identifiable manner (i.e. linked to the real name of the passenger) and then another four and a half years in pseudonymised form.


They automatically check the passenger data against databases on, for example, wanted persons and stolen passports. But more importantly, they can apply algorithms, so-called pre-determined criteria, to the data sets.


These algorithms are supposed to identify “unknown” suspects by, for instance, extrapolating patterns and conclusions from an individual’s flight behavior and other data to ascertain whether they are a suspected or potential offender.


A person for whom such a “hit” occurs can be the target of further clandestine police measures or be interrogated at the airport or even, depending on the national law, detained.


It is widely disputed whether the analysis of such data is an effective means to investigate or prevent terrorism and other serious crime

It is widely disputed whether the analysis of such data is an effective means to investigate or prevent terrorism and other serious crime. Rather, the sheer volume can make analysis more difficult.


In Germany, the Federal Government itself assumes a success rate of only 0.1%, meaning that 99.9 % of all air passengers – about 169,830,000 people, according to the Government’s forecasts – will be unnecessarily subjected to the processing of sensitive data. And this does not even account for the “false positives” within the 0.1 % (i.e. those who have been flagged by the system in error as a person of interest).


Violation of the Charter of Fundamental Rights


In view of the large volume of air traffic today, the processing of passenger data is tantamount to mass surveillance.


It violates the Charter of Fundamental Rights as it disregards both the right to respect for private and family life (Article 7), as well as the right to the protection of personal data (Article 8). The CJEU’s opinion on the EU-Canada PNR agreement clearly confirms this assessment, as does the opinion of the European Data Protection Supervisor.


In view of the large volume of air traffic today, the processing of passenger data is tantamount to mass surveillance

While we are certain to have the stronger legal arguments on our side, we depended on a national court to refer a case to the CJEU and ask it for a preliminary ruling on the validity of the PNR Directive under EU law. We therefore started lawsuits in both Germany and Austria that tackle the respective national law implementing the Directive.


In Germany, GFF took a two-track legal approach. On the one hand, we took administrative action against the Federal Criminal Police Office, which processes passenger data in Germany, and demanded that they delete our plaintiffs’ data. On the other hand, we filed civil lawsuits against the airlines transmitting the data records.


Towards the EU’s Highest Court


In January 2020, the Local Court of Cologne, Germany, submitted to the CJEU the question of whether the PNR Directive violates fundamental rights. Thus we have reached a major milestone in our strategic litigation.


We now hope that the CJEU will, consistent with its own jurisprudence, declare the Directive void and thereby invalidate the legal basis of all national PNR laws.


A judgment is expected to be rendered no sooner than by the end of 2021. This would be a huge success for fundamental human rights, as it would set boundaries for mass surveillance of all our movements (extending the PNR directive to trains, buses and ferries is already being discussed) and, maybe even more importantly, to the use of algorithms when assessing if an otherwise unsuspicious person is to be considered dangerous and to be treated as such (more often than not, wrongfully so).


It would also strengthen European civil society by showing that we can use cross-border strategic litigation as a means to improving the legal protections of hundreds of millions of people at the same time.

Bijan Moini is a litigator with Gesellschaft für Freiheitsrechte and in charge of its digital rights cases.
Image by Toby Yang on Unsplash