The airline passenger data disclosure case and the EU-US debate

Abstract

In the aftermath of the events of 11 September 2001, decisions have been taken unilaterally by US authorities requiring air line companies to provide direct access or transfer of data concerning passengers and cabin crews flying to, from or within the US to certain US administrations. These decisions have been challenged by EU authorities insofar they constitute a violation of EU privacy and personal data protection law which is considered to be of public order. The debate is still pending. This article will comment on this complex and multi-featured discussion opposing two fundamental societal values: on the one hand, the right of the citizens to be protected from terrorism and the obligation of a sovereign State to fight against it and safeguard public security, 1 and on the other hand, the individuals' right to personal data protection and privacy and the obligation of the EU, in the light of international and supranational commitments, to protect them in this arena. After a short presentation of the US decisions and their context, the authors will analyse the EU position, its claim for adequate personal data protection to be ensured by the US authorities and the legal grounds for this position. Finally, a synthetic approach to the adequacy of the US decisions vis-à-vis the EU legal provisions will be proposed.