Security Union: New rules on EU Passenger Name Record data

The EU Passenger Name Record (PNR) Directive – a key piece of EU security legislation to better identify travelling terrorists and criminals and trace criminal networks – entered into force on 24 May 2016 and the deadline for implementation by Member States is today. On this occasion the Commissioner for Migration, Home Affairs and Citizenship Dimitris Avramopoulos and Commissioner for the Security Union Julian King issued the following statement:

“Over the past three years, we have been continuously working to deny terrorists and criminals the means to act and to close down the space in which they operate. With the new EU rules on the use of Passenger Name Record (PNR) data, we have taken another step in closing an important security information gap. We have equipped ourselves with yet another tool to identify and stop criminals and terrorists more effectively, building a Europe more resilient to security threats – a Europe that protects.

The EU PNR Directive will help us better identify those who pose a threat and trace their travel patterns.Under the Directive, which should be incorporated into national legislation as of today, Member States are obliged to collect and process the PNR data of passengers on international flights entering or departing from the EU in order to fight terrorism and serious crime, such as trafficking in human beings and drug smuggling. Dangerous individuals who have previously managed to stay under the radar of police and law enforcement should no longer be able to do so. The new rules will not carry any additional burden for passengers, who can rest assured that their PNR data will be used in full respect of the highest data protection standards and fundamental rights.      

We recognise that a great deal of effort has been made by Member States to implement the new rules. Unfortunately, not all of them have completed this work. Whilst we will continue to offer support and guidance to Member States to implement the new rules, as we have done over the past two years, the Commission will not hesitate to use its powers under the Treaty to ensure that sufficient progress is made in due course.

For the PNR framework to be operational and reach its full potential it is crucial that all Member States have their systems up and running. The framework is only as strong as its weakest link. In the fight against terrorism and organised crime, Europe cannot afford weak links.”

Background

On 27 April 2016 the Parliament and the Council adopted the EU Passenger Name Record (PNR) Directive. While some Member States already use PNR data, the way the data is collected and shared varies from one Member State to another. This new EU-wide PNR framework will harmonise and complement different national laws: removing inconsistencies, plugging security information gaps and ensuring the highest data protection standards and full respect of fundamental rights.

The new rules strictly limit the use of PNR data for the purpose of prevention, detection, investigation and prosecution of serious crime and terrorism. Under those rules, each participating Member State is required to set up a legal and technical framework for the transfer, processing and exchange of PNR data provided by airlines. The Commission has actively supported Member States in the implementation process by providing financial assistance, coordinating regular meetings and facilitating the exchange of best practice. In 2017 alone, all Member States received €70 million in EU funding to support PNR-related activities.

The deadline for incorporating the rules into national law is 25 May 2018 at midnight.

For More Information

Factsheet: Security Union – Closing security information gaps – entry into force of new EU rules on Passenger Name Record (PNR) data

DG HOME: Passenger Name Record (PNR)