Part of a new anti-terrorism campaign, a commission proposal would allow member states to collect personal information and keep it for 13 years
As part of a new EU counter-terrorism strategy, Brussels is to propose that member states collect 19 pieces of air passenger data, with the possibility to store it for up to thirteen years.
On Tuesday (6 November), EU home affairs commissioner Franco Frattini will kick off a lengthy legislative process, which at the end should see an EU-wide air passengers name recording scheme (PNR) similar to the controversial US database on European air travellers.
Mr Frattini argues in his paper that "the collection and analysis of PNR data allows the law enforcement authorities to identify high risk passengers and to take appropriate measures" such as secondary screening upon their arrival or a refusal of entry in the destination country.
"Almost all terrorist campaigns are trans-national", he points out.
However, the commission proposal does not foresee a centralised pan-European database, as run the risk of failure due to the vast amount of data received from the 27 individual member states.
Instead, it suggests that each member state sets up a passenger information unit responsible for collecting as well as analysing the PNR data from all carriers operating flights into or from the EU territory.
Member states' law enforcement authorities, entitled to receive and further process the information, should share them if "necessary" for the prevention and fight against terrorist offences and organised crime.
Under the proposal, European law enforcement authorities will gain access to details on the passenger's reservation and travel itinerary - for example name, address, passport data, telephone numbers, travel agent, credit card number, history of changes in the flight schedule, seat preferences.
Sensitive information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership as well as health and sexual orientation should not be revealed.
EU capitals will be allowed to store all data for five years, however, with the possibility to extend this period for an additional eight years. Only then must member states' passenger information units delete them.
In order to "offer a higher degree of data protection", Brussels suggests that the so-called push method applies when it comes to collecting the data.
They should be transmitted by the carrier to the national authority instead of giving the national agency the right of direct access to the reservation system.
Commissioner Franco Frattini will have to win the unanimous support of all EU capitals if the proposal is to become law.
But the toughest scrutiny is likely to come from the European Parliament, a frequent guardian of civil liberties and data protection, as well as from rights groups.
According to Tony Bunyan from UK liberties group Statewatch "this is yet another measure that places everyone under surveillance and makes everyone a suspect without any meaningful right to know how the data is used, how it is further processed and by whom".
"The underlying rationale for each of the measures is the same - all are needed to tackle terrorism", Mr Bunyan said, referring to the mandatory taking of fingerprints for passports and the mandatory storage of telecommunications data.
"There is little evidence that the gathering of mountain upon mountain of data on the activities of every person in the EU makes a significant contribution. On the other hand, the use of this data for other purposes, now or in the future, will make the EU the most surveilled place in the world", he concluded.