The EC and US government officials played down fears that flights from Europe to the US might be disrupted at the end of September, when an agreement on sharing passengers' private data will expire.
A two-year-old agreement to share more than 30 different items of personal information about passengers flying to the US is illegal, the European Court of Justice ruled yesterday.
"We need continuity," said Franco Frattini, the European commissioner for justice and home affairs during a televised debate among EU and US antiterrorism officials assembled in Washington DC and Brussels. He is "certain" an agreement can be reached to avert a crisis in transatlantic travel.
A US official agreed. "I am confident that we will find a solution that will keep the data flowing and the planes flying," said Stewart Baker, an assistant secretary of state for the US Department of Homeland Security.
But some data-protection lawyers believe the problem won't be so easy to get rid of. "It's not an easy situation," said Chris Kuner, a partner in the Brussels office of law firm Hunton & Williams. "The US government has said this court ruling won't change the rules on passenger data transfers agreed two years ago, but the court decision today throws everything up for re-examination," Kuner said.
The court allowed the passenger-data agreement to continue until 30 September "for reasons of legal certainty", the court said in a statement. The EC must either draft a new agreement in the next four months or allow individual member states to strike bilateral agreements.
Without one of those two solutions, European airlines could be fined by US authorities if they fail to provide the same data after 30 September or by European data protection authorities if they do hand over the information. Worse, passengers on European carriers could face delays of up to six hours while flights into the US are screened.
US authorities have threatened to strip European carriers of the landing rights if they fail to provide the required passenger information in advance. US airlines don't face the same problem because they are not subject to Europe's tough data-protection laws.
The US government doesn't appear ready to tone down its demands for passenger data, leaving European policy makers in a tight spot, Kuner said. "The bottom line is that European airlines, which rely heavily on the revenues from transatlantic flights, risk being shut down or pushed out of business," he said.
Information required by the US includes names, addresses, credit card numbers and travel schedules. The US government insisted that European airlines hand over such information at least 15 minutes before a transatlantic flight departs so that passenger lists can be screened for potential terrorists.
Airlines were caught in the middle of a legal tussle before the agreement between the US and the EU was signed in May 2004, because European data protection laws forbid companies from exporting European citizens' personal data outside the Union, unless the country they export the information to has equivalent data-protection laws. The US is not deemed to have equivalent data-protection rules.