Abstract
In <italic>Ligue des droits humains,</italic> the CJEU declared the EU Directive on Passenger Name Record (PNR) data to be compatible with Articles 7 and 8 CFR. The Court therefore declined to invalidate the PNR Directive, but significantly curtailed almost all of its central tenets. This contribution analyzes what the decision entails for the PNR system. It argues that the German transposition law, the <italic>Fluggastdatengesetz,</italic> can no longer function as a suitable legal basis for the German PNR system since it is in flagrant violation of EU law, as interpreted by the Court. Hence, the German PNR system must be stopped until the <italic>Fluggastdatengesetz</italic> has undergone parliamentary reform. Since <italic>Ligues des droits humains</italic> also represents a landmark decision on predictive policing, this contribution critically dissects how it is significant for the future of European security law beyond the PNR context. In so doing, it focusses firstly on the evolving doctrinal standards for the mass retention of personal data and secondly, on the technology-induced, automated generation of suspicion pertaining to threats to public security. Regarding the first point, the decision is situated in an evolving jurisprudence prescribing a situation-specific reduction of the objective criteria for mass surveillance as put forth in <italic>Digital Rights Ireland.</italic> Regarding the second point, this contribution contrasts the CJEU’s approach – which is characterized by a lack of substantive boundaries, and an abundance of technology-specific procedural guarantees with many delegations to Member States – with the stricter approach taken by the German Constitutional Court. It argues that the current doctrinal framework is insufficient in addressing the rule-of-law concerns raised by the reliance on modern technologies for the purposes of the automated generation of suspicions. Based on the aim of stabilizing relationships of mutual recognition through human interventions, this contribution makes some tentative doctrinal proposals for bridging the gap between automated hits and concrete threats. It then concludes with an outlook to the ETIAS Regulation.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
