The European Council has confirmed that an agreement has been reached with the European Parliament on the draft directive on the use of passenger name record data. The directive aims to prevent, detect, investigate and prosecute terrorist attacks and severe crime. Under the directive, flight companies will be under an obligation to transmit passenger data to the relevant Member State regarding flights entering or departing the EU. Member States will also have the right to collect passenger data for intra-EU flights. Data will be stored initially for six months, and then for four and a half years under strict access conditions. The next stage will be for Parliament’s Civil Liberties, Justice and Home Affairs Committee to vote on the text of the directive. It will then be voted on by the European Parliament. The EDPS has urged caution over the scheme because of the potential for large scale data processing of the data of non-suspect passengers.
EDPS statement (PDF)