During a signing ceremony, Homeland Security Secretary Tom Ridge, European Union Ambassador Gunter Burghardt and Irish Ambassador Noel Fahey, representing the EU presidency, said the agreement is key to guarding against terrorism.
"A global enemy requires a global response," Ridge said. "It is an essential security measure that allows us to link information about known terrorists and serious criminals."
The deal, which takes effect immediately and is to last 3-1/2 years, gives U.S. authorities access to information about passengers on flights flying to or from the 25 European Union countries. The information will be checked against U.S. databases to determine if any travelers are terrorist threats.
U.S. officials already have had access to the information under an interim program that began in March 2003, but many in Europe said that agreement did not provide adequate privacy protection. Supporters of the deal signed on Friday say it protects privacy because it limits the information that can be transferred. It also restricts use of the information to combating terrorism and serious crimes, and allows U.S. officials to keep it for only 3-1/2 years.
David Sobel, general counsel for the Electronic Privacy Information Center, a critic of the agreement, said none of the assurances are binding.
"There is so much secrecy surrounding the government's handling of passenger data that it will be virtually impossible to monitor the use of the information," Sobel said.
The agreement gives European airlines the certainty that they're not violating U.S. or European laws by sharing their passenger data. The airlines had been caught in the middle between Congress--which ordered them to turn over data for flights to, from or through the United States--and the EU, which prohibits such transfers under its data protection laws.
The data--called passenger name records--include credit-card numbers and contact information such as phone numbers and addresses. Some sensitive items, such as meal requests that could indicate a passenger's race or religion, will either not be transferred or will be filtered out by U.S. authorities, the officials said.
The European Parliament voted narrowly last month to challenge the agreement at the European Court of Justice, arguing it violated EU law by giving U.S. officials access to personal information without sufficient privacy protection. But that complaint was voided May 17 when the European Union voted to approve the agreement as written.
Homeland Security Assistant Secretary Stewart Verdery acknowledged the European Parliament could still mount a challenge at the Court of Justice.
"We don't know that they would do that," Verdery said. "We believe that the agreement would withstand a legal challenge."
The agreement also allows the U.S. government to use the data as part of an anti-terrorism program that would use personal information to assign threat levels to all airline passengers.
The program, called the Computer-Assisted Passenger Prescreening System, or CAPPS II, has been delayed because some U.S. airlines refuse to turn over passenger data for testing. Several airlines--including Northwest, JetBlue and American--have been criticized for sharing such data with the government in the aftermath of the Sept. 11 terror attacks without the knowledge of passengers.
U.S. officials said in March they would issue a security directive "in a few months" that would force airlines to turn over the data. On Friday, though, Verdery said he "wouldn't want to give a time frame" on when the order would be issued.
"There have been a number of cases where we've found terrorists or significant criminal violations due to this," Verdery said.