The two leading business-travel organizations this week said they expect a resolution of last week's setback related to an agreement on European Union airlines sharing passenger data with United States Customs and Border Protection, since the ruling by the European Court of Justice that the E.U. Council of Ministers did not have the legal basis to strike the agreement was based on a technicality.
The Court said the E.U.'s Data Protection Directive did not apply to data collected for security purposes, and gave the E.U. until the end of September to alter the data sharing agreement, or face its annulment. E.U. ministers already have begun meetings designed to redraft the deal, which took effect in May 2004.
In the absence of an agreement, passengers could have to deal with excruciatingly long lines and E.U. airlines could face fines or revoked landing rights in the United States; some fear carriers could face legal action in the E.U. on privacy grounds.
"The decision by the European Court of Justice to nullify a two-year-old agreement requiring European carriers to submit 34 fields of passenger name record information of U.S.-bound travelers was based on a technical question of legality as opposed to an issue of privacy," according to a statement attributed to Susan Gurley, executive director of the Association of Corporate Travel Executives. "There is every reason to assume this legal point will be resolved before the September deadline given by the court. Challenges to the privacy aspects of this agreement from European sources have not been significant in the last two years."
"We are confident that a timely and practical solution can be reached by both parties," according to a statement by the National Business Travel Association, "Both sides [have] sufficient time to work out a compromise policy which addresses the privacy concerns of the E.U., while also allowing U.S. officials access to passenger information, which is vital to maintaining robust homeland security. It behooves neither party to allow the September 30 deadline to lapse, subjecting European carriers to large fines and straining relations across the Atlantic."
The Air Transport Association and the Association of European Airlines also said they expect a resolution.
The European Parliament two years ago referred the agreement to the Court after all members of the E.U. Council of Ministers approved it (based on concessions agreed to by the U.S.). The deal stipulates that airlines provide a given flight's passenger data, including names, addresses and credit card information, within 15 minutes of takeoff.
Although the technicality is unrelated to privacy concerns, the Court's decision was endorsed by the American Civil Liberties Union, which stated that it demonstrates how U.S. "Homeland Security officials cannot keep fantasizing that they can create a massive, all-encompassing global system for collecting data on travelers by running roughshod over not only basic privacy protections but also the laws of other nations."
The corporate travel community generally has a more measured perspective. For Oracle Corp. director of global travel programs Ralph Colunga, a balanced approach is warranted.
"There certainly is an awful lot of angst with regard to personal data," Colunga said. "I'm all for safeguarding privacy, but you can take anything to an extreme. Are we taking things to an extreme on security or on data privacy? I hope we find a balance. Part of me says, if you have nothing to hide, why should you worry?"