Resolution on the urgent need for global standards for safeguarding
passenger data to be used by governments for law enforcement and border security
purposes
29th International Conference of
Data Protection and Privacy Commissioners
Montreal, Canada
September 25-28, 2007
Proposer: Der Bundesbeauftragte für den Datenschutz
und die Informationsfreiheit (Germany)
Co-sponsors:
Österreichische Datenschutzkommission (Austria)
Office of the Privacy Commissioner of Canada
Office of the Information and Privacy Commissioner of British Columbia
Office of the Information and Privacy Commissioner of Ontario
European Data Protection Supervisor (European Union)
La Commission Nationale de l'Informatique et des Libertés (France)
Landesbeauftragte für Datenschutz und die Informationsfreiheit Nordrhein-
Westfalen (Germany - regional)
Garante per la protezione dei dati personali (Italy)
College Bescherming Persoonsgegevens (Netherlands)
Autoritatea Naţională de Supraveghere a Prelucrării Datelor
cu Caracter Personal (Romania)
Agencia de Protección de Datos (Spain)
Federal Data Commissioner (Switzerland)
Information Commissioner (UK)
The conference recalls:
- the communiqué adopted at its 24th international conference in Cardiff
in 2002;
- the resolution on the transfer of passengers' data adopted at its 25th
international conference in Sydney in 2003; and
- the declaration on the protection of personal data and privacy in a globalised
world adopted at its 27th international conference in Montreux in 2005;
which recognise the balance that needs to be struck between the legitimate
fight against terrorism and international crime, and the data protection and
privacy rights of individuals.
The conference notes that:
- passenger data is increasingly being sought by governments to be used in
the fight against terrorism, illegal immigration, and other crimes without
sufficient regard to the privacy and human rights of passengers;
- some passenger data can be used to make inferences about religion, ethnicity
and other highly sensitive matters;
- many governments around the world are increasingly asking for more and
more data from carriers;
- carriers collect passenger data for commercial purposes and are being asked
to provide it for law enforcement purposes;
- carriers increasingly have to meet many and varied demands for data and
comply with many and varied systems for transferring the data, which creates
uncertainty among carriers and passengers about their rights and obligations,
making it difficult for passengers to understand how their data is being
used and creating risk that carriers may transfer data inappropriately;
- these many and varied demands and systems incur costs for both airlines
and passengers;
- for carriers to meet these demands requires legal and technical consistency;
- some carriers are still not fully complying with their obligations to inform
passengers of the use and disclosure of their data; and
- other global arrangements have been put in place to facilitate international
air travel and there is an urgent need to develop global solutions that facilitate
international travel while respecting the privacy rights of passengers.
The conference reaffirms that:
In the pursuit of global data protection standards for safeguarding
passenger data to be used by governments for law enforcement and border security
purposes, the conference calls for:
Explanatory note
Increasingly, the governments of different countries have sought to use passenger
data as a tool to tackle terrorism, transnational crime and other crimes. This
has led to differences in the data items demanded, the uses of the data, and
the level of safeguards.
The character of international travel is such that a global approach is needed,
and a global solution is urgently required to ensure appropriate levels of
security and to inspire passenger confidence, while providing proportionate
measures that include the necessary data protection and privacy safeguards.
While data protection and privacy concerns are the paramount issues that need
to be addressed in any global solution, it also provides the opportunity for
other legal, technical, financial and efficiency concerns of airlines and passengers
to be taken into account.
Global standards can ensure fairness, consistency, legal certainty and safeguards
for passengers and carriers alike. It is clear that carriers, law enforcement
agencies, international organisations, civil society groups and data protection
and privacy experts all need to be involved to come to this global solution,
and the commitment of the data protection and privacy commissioners in taking
the lead in pressing for such a solution is essential if any progress is to be
made. |