Privacy and Border Controls in the Fight Against Terrorism: A Fundamental Rights Analysis of Passenger Data Sharing

Acknowledgements

Abbreviations

Introduction

1 Putting PNR Data into Context

Privacy and Personal Data Protection in the EU and in the US

Introduction

1 Mapping Privacy and Protection of Personal Data

1.1 Façades of Privacy

1.2 Tracing Privacy from Antiquity to Modernity in the Doctrine

1.3 Protection of Personal Data: Intersection of Technology and Information

2 Privacy and Personal Data Protection Regimes in the EU and in the US

2.1 Privacy and Protection of Personal Data in the EU

2.1.1 Protections under the ECHR

2.1.1.1 Privacy and the ECHR

2.1.1.2 Personal Data Protection and the ECHR

2.1.2 Protections under the Charter

2.1.2.1 Privacy and the Charter

2.1.2.2 Personal Data Protection and the Charter

2.1.2.2.1 The Fundamental Right to Data Protection

2.1.2.2.2 What Qualifies as an Interference with the Fundamental Right of Data Protection?

2.2 Privacy and Protection of Personal Data in the US

2.2.1 Privacy Protection under the Fourth Amendment

2.2.2 Privacy Protection under Federal Statutes

Conclusion

2 Right to Privacy and Right to Protection of Personal Data under the ECHR and the Charter

Introduction

1 Judicial Assessment by the European Court of Human Rights

1.1 Interferences by Measures to Counter Terrorism and Serious Crime

1.1.1 Interception of Electronic Communications

1.1.1.1 Interception of Electronic Communications for National Security Purposes

1.1.1.2 Interception of Electronic Communications in the Context of Prevention and Investigations of Crimes

1.1.2 Information Collection

1.1.2.1 Information Collection for National Security Purposes

1.1.2.2 Information Collection in the Context of Prevention and Investigations of Crimes

1.1.3 Information Transfer

1.2 Compatibility with the Right to Privacy

1.2.1 In Accordance with the Law

1.2.1.1 Foreseeability Requirement for the Telecommunications Interception in the Context of Criminal Investigations

1.2.1.2 Foreseeability Requirement for the Telecommunications Interception for the Interests of National Security

1.2.1.2.1 Foreseeability in Relation to the Nature of Offences

1.2.1.2.2 Foreseeability in Relation to the Target Group

1.2.1.2.3 Foreseeability in Relation to the Procedural Safeguards

1.2.1.3 Foreseeability Requirement for Information Collection

1.2.2 Legitimate Aim

1.2.3 Requirement of Being Necessary in a Democratic Society

1.2.3.1 The ‘Necessity’ Test for Telecommunications Interception

1.2.3.2 The ‘Necessity’ Test for Information Collection

1.2.3.3 The ‘Necessity’ Test for Information Transfer

2 Judicial Assessment of the Court of Justice of the European Union

2.1 Interferences by Measures to Counter Terrorism and Serious Crime

2.2 Nature of the Interference

2.3 Limitations under the Charter

2.3.1 Provided for by Law

2.3.2 The Respect of the Essence of the Rights

2.3.3 Objective of General Interest

2.3.4 Proportionality in View of the Objective

2.3.4.1 The Criterion of Appropriateness

2.3.4.2 The Criterion of Necessity

2.3.4.3 Proportionality in the Narrower Sense

2.3.4.3.1 Retention of Personal Data

2.3.4.3.2 Access to Personal Data

2.3.4.3.3 Use of Personal Data

2.3.4.3.4 Transfer of Personal Data

2.3.4.4 Proportionality with Respect to Data Security

2.3.4.5 Proportionality with Respect to the Rights of Individuals

2.3.4.6 Proportionality with Respect to the Oversight Mechanism

Conclusion

3 Birth of PNR Data and the EU–US PNR Agreement

Introduction

1 Genesis of PNR Data

2 PNR Data and Counter-Terrorism: The History behind the EU–US PNR Agreement

3 The EU–US PNR Agreement

3.1 Legal Basis of the EU–US PNR Agreement

3.2 Terms of the EU–US PNR Agreement

3.2.1 Scope of the EU–US PNR Agreement

3.2.2 Purpose of the EU–US PNR Agreement

3.2.3 PNR Data Transfers under the EU-US PNR Agreement

3.2.3.1 Method of Transfer

3.2.3.2 Categories of pnr Data to be Transferred

3.2.3.3 Sensitive Data

3.2.4 Retention Period

3.2.5 Recipients of PNR Data

3.2.6 Data Security

3.2.7 Rights of Individuals

3.2.7.1 Access

3.2.7.2 Rectification

3.2.7.3 Redress

3.2.7.4 Information

3.2.8 Oversight Mechanism

3.2.9 Review of the EU–US PNR Agreement

Conclusion

4 From Theory to Practice

What Is the Added Value of PNR Data?

Introduction

1 The Main Database for PNR Data: Automated Targeting System

1.1 Automated Targeting System and Data-Processing Techniques

1.1.1 An Overview of the Types of Data-Processing Techniques

1.1.2 Automated Targeting System and Data-Processing Techniques

1.2 Automated Targeting System Data Sources

2 System under which PNR Data Are Used

2.1 Processing of the PNR Data

2.1.1 Comparison

2.1.2 Risk Assessment

2.2 Users of the System

2.3 Access to PNR Data

2.4 Sharing PNR Data with Other US Agencies

2.5 Sharing PNR Data Internationally

3 Expertise of Automated Targeting System Users

Conclusion

5 Evaluation of the EU-US PNR Agreement with the European and EU Legal Framework for Privacy and Personal Data Protection

Introduction

1 Evaluation of the PNR Agreement with the Right to Privacy and Personal Data Protection

1.1 Attracting the Protection of the Right to Privacy and Data Protection

1.2 Nature of the Interference by the pnr Agreement

2 Justification of the Interference by the PNR Agreement

2.1 The Legal Ground

2.2 The Respect of Essence of the Rights

2.3 Objective of General Interest

2.4 Proportionality in View of the Objective 174
2.4.1 Appropriateness of the pnr Agreement with Respect to Counter-Terrorism

2.4.2 Necessity of the PNR Agreement with Respect to Counter-Terrorism

2.4.3 Proportionality in the Narrower Sense

2.4.3.1 Purposes of PNR Data Processing

2.4.3.2 Rules on the Transfer of PNR Data

2.4.3.2.1 Method of Transfer

2.4.3.2.2 Categories of PNR Data to be Transferred

2.4.3.3 Rules on the Use of PNR Data

2.4.3.3.1 Real-Time Use of pnr Data upon Arrival

2.4.3.3.2 Historical Use of pnr Data: From Arrival until After Departure

2.4.3.4 Rules on the Retention of pnr Data

2.4.3.5 Rules on Access to PNR Data

2.4.3.6 Onward Transfer of PNR Data

2.4.4 Proportionality with Respect to Rules on Data Security

2.4.5 Proportionality with Respect to Rights of Individuals

2.4.6 Proportionality with Respect to Oversight Mechanism

Conclusion

6 The Border

A Crossroads for Terrorists and Criminals?

Introduction

1 The Border as the Reach of Criminal Jurisdiction

1.1 Substantive Cross-Border Crimes: Borrowing a Criminology Lexicon

1.1.1 EU Law and Cross-Border Crimes

1.1.2 US Law and Cross-Border Crimes

1.1.3 Conclusive Remarks on Cross-Border Crimes

1.2 Terrorism: Co-operation against an Unidentified Legal Phenomenon

1.2.1 Terrorism under EU Law

1.2.2 Terrorism under US Law

1.2.3 Conclusive Remarks on the Definition of Terrorism

1.3 Enforcement against Cross-Border Criminality and Terrorism: EU–US Mutual Legal Assistance Agreement

2 The Border as the Making of States and Citizens

2.1 Containment of Cross-Border Crimes and Terrorism through Border Controls

2.1.1 EU Border Control: Wrapping Free Movement around Security Interests

2.1.2 US Border Control: The Coming of Homeland Security

2.1.3 Conclusive Remarks on Border Controls and Terrorism

2.2 Securing Borders through Virtual Identities

Conclusion

Conclusion

1 The EU-US PNR Agreement: The Story of a Cooperation Out of a Conflict of Laws

2 In Search of a Suspicion Requirement

3 Substantive Assessment of the EU-US PNR Agreement

4 Further Questions on the EU-US PNR Agreement as Part of Border Management

Bibliography

Index