Illegal EU Data-Sharing Deal With The U.S. Shows Transparency Not Always Enough
Despite detailing every element of the information sharing with U.S. border officials, EU courts strike it down.
The European Court of Justice on May 30 annulled a 2-year-old agreement between U.S and European officials for sharing data on airline passengers flying into the United States. The deal shows that as the U.S. government takes heat for using subpoenas to get data from Internet companies, even carefully crafted arrangements can land in trouble.
The court ruled illegal a 2004 agreement requiring European Union airlines to send information about each passenger from computer reservation systems to U.S. Customs and Border Protection within 15 minutes after a flight departs for the United States. European Commission lawyers have until Sept. 30 to draft a new data-sharing agreement, or leave airlines hanging with conflicting government demands.
It also shows the different ways businesses respond to government requests for data. Some airlines complied, others didn't, which forced the EU to decide whether cooperation is mandatory. Though the European Parliament initially dubbed the agreement adequate, Parliament ultimately brought its data-protection concerns to the court.
The 2004 pact was very specific on what information U.S. border officials could have, when, and for how long. Passenger name data could be used only to fight terrorism and other serious crimes. Data couldn't be kept more than three years and six months, unless it was involved in an investigation. No other agencies could get direct access to Customs and Border Protection databases. It allowed Customs and Border Protection to pull passenger information from EU air carrier reservation systems only until the carriers could implement a system to push the data themselves. The agency was required to implement an automated system to filter out sensitive information, from race and religion to union membership and health histories.
Still, the data-sharing deal has been found illegal. Transparency isn't always enough.
The Business of Going DigitalDigital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Join InformationWeek’s Lorna Garey and Mike Healey, president of Yeoman Technology Group, an engineering and research firm focused on maximizing technology investments, to discuss the right way to go digital.