Passenger Name Records

As forecast in our latest blog on the topic (available here), the European Parliament today voted into law a new General Data Protection Regulation (“GDPR”) that will replace the EU’s all-encompassing Data Protection Directive as of mid-2018.

Today’s vote brings to a close a legislative process that has lasted nearly five years; the law’s

The Article 29 Working Party, comprising data protection authorities from each of the EU Member States and the European Data Protection Supervisor, has reiterated concerns about aspects of Passenger Name Record (PNR) agreements between the EU and the US, Canada and Australia. Under the agreements, airlines must allow authorities in the US, Canada and Australia

The European Commission has proposed a Passenger Name Record Directive that would require airlines to provide EU Member States with data on passengers arriving from, or departing to, countries outside the EU.  Under the proposal, copies of such PNR data held on an airline’s reservation system would be transferred to a dedicated “Passenger Information Unit&rdquo