BETA
Home MEPs Dossiers Committees Subjects Blog About Dumps

Activities of Tineke STRIK related to 2022/0425(COD)

Shadow reports (1)

REPORT on the proposal for a regulation of the European Parliament and of the Council on the collection and transfer of advance passenger information for the prevention, detection, investigation and prosecution of terrorist offences and serious crime, and amending Regulation (EU) 2019/818
2023/12/07
Committee: LIBE
Dossiers: 2022/0425(COD)
Documents: PDF(399 KB) DOC(173 KB)
Authors: [{'name': 'Assita KANKO', 'mepid': 197469}]

Amendments (39)

Amendment 26 #
Tineke STRIK
Proposal for a regulation
Recital 1
(1) The transnational dimension of serious and organised crime and the continuous threat of terrorist attacks on European soil calls for action at Union level to adopt appropriate measures to ensure security within an area of freedom, security and justice without internal borders. Information on air travellers, such as Passenger Name Records (PNR) and in particular Advance Passenger Information (API), is essential in order to identify high-risk travellers, including those who are not otherwise known to law enforcement authorities, and to establish links between members of criminal groups, and countering terrorist activities.
2023/09/06
Committee: LIBE
Amendment 31 #
Tineke STRIK
Proposal for a regulation
Recital 3
(3) Directive (EU) 2016/681 of the European Parliament and of the Council28 lays down rules on the use of PNR data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime. Under that Directive, Member States must adopt the necessary measures to ensure that air carriers transfer PNR data, including any API data collected, to the national Passenger Information Unit (‘PIU’) established under that Directive to the extent that they have already collected such data in the normal course of their business. Consequently, that Directive does not guarantee the collection and transfer of API data in all cases, as air carriers do not have any business purpose to collect a full set of such data. Ensuring that PIUs receive API data together with PNR data is important, since the joint processing of such data is needed for the competent law enforcement authorities of the Member States to be able to effectively prevent, detect, investigate and prosecute terrorist offences and serious crime. In particular, such joint processing allows for the accurate identification of those passengers that may need to be further examined, in accordance with the applicable law, by those authorities. In addition, that Directive does not specify in detail which information constitutes API data. For those reasons, complementary rules should be established requiring air carriers to collect and subsequently transfer a specifically defined set of API data, which requirements should apply to the extent that the air carriers are bound under that Directive to collect and transfer PNR data on the same flightIn addition, that Directive does not specify in detail which information constitutes API data. _________________ 28 Directive (EU) 2016/681 of the European Parliament and of the Council of 27 April 2016 on the use of passenger name record (PNR) data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime (OJ L 119, 4.5.2016, p. 132).
2023/09/06
Committee: LIBE
Amendment 35 #
Tineke STRIK
Proposal for a regulation
Recital 4
(4) It is therefore necessary to establish clearer rules at Union level clear, harmonised and effective rules on the collection and transfer of API data for the purpose of preventing, detecting, investigating and prosecuting terrorist offences and serious crime.
2023/09/06
Committee: LIBE
Amendment 41 #
Tineke STRIK
Proposal for a regulation
Recital 7
(7) In view of the complementary nature of this Regulation in relation to Directive (EU) 2016/681, the obligations of air carriers under this Regulation should apply in respect of all flights for which Member States are to require air carriers to transmit PNR data under Article 1 of Directive (EU) 2016/681, namely flights, including both scheduled and non- scheduled flights, both between Member States and third countries (extra-EU flights), and between several Member States (intra-EU flights) insofar as those flights have been selected in accordance with Directive (EU) 2016/681, irrespective of the place of establishment of the air carriers conducting those flights.
2023/09/06
Committee: LIBE
Amendment 45 #
Tineke STRIK
Proposal for a regulation
Recital 7 a (new)
(7a) This Regulation, however, does not cover the flights as defined in Article 3, point (3), of Directive (EU) 2016/681, namely any scheduled or non-scheduled flight by an air carrier flying from the territory of a Member State and planned to land on the territory of one or more of the other Member States, without any stop-overs in the territory of a third country (intra-EU flights), considering the potentially disproportionate effects that an automatic and indiscriminate collection of data through the router might have on several fundamental rights, including the right to freedom of movement and to data protection.
2023/09/06
Committee: LIBE
Amendment 48 #
Tineke STRIK
Proposal for a regulation
Recital 8
(8) Accordingly, given that Directive (EU) 2016/681 does not cover domestic flights, that is, flights that depart and land on the territory of the same Member State without any stop-over in the territory of another Member State or a third country, and in view of the transnational dimension of the terrorist offences and the serious crime covered by this Regulation, such flights should not be covered by this Regulation either. This Regulation should not be understood as affecting the possibility for Member States to provide, under their national law and in compliance with Union law, for obligations on air carriers to collect and transfer API data on such domestic flights.
2023/09/06
Committee: LIBE
Amendment 50 #
Tineke STRIK
Proposal for a regulation
Recital 10
(10) In particular, the items of information that jointly constitute the API data to be collected and subsequently transferred under this Regulation should be those listed clearly and exhaustively in Regulation (EU) API [border management], covering both information relating to each passenger and information on the flight of that traveller. Under this Regulation, such flight information should cover information on the border crossing point of entry into the territory of the Member State concerned only where applicable, that is, not when the API data relate to intra-EU flightspassenger.
2023/09/06
Committee: LIBE
Amendment 61 #
Tineke STRIK
Proposal for a regulation
Recital 12
(12) In order to ensure the joint processing of API data and PNR data to effectively fight terrorism and serious crime in the Union and at the same time minimise the interference with passengers’ fundamental rights protected under the Charter, the PIUs should be the competent authorities in the Member States that are entrusted to receive, and subsequently further process and protect, API data collected and transferred under this Regulation. In this regard, it is important to ensure that the application of the system is limited to terrorist offences and serious crime having an objective link, even if only an indirect one, with the carriage of passengers by air. In the interest of efficiency and to minimise any security risks, the router, as designed, developed, hosted and technically maintained by the European Union Agency for the Operational Management of Large- Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA) in accordance with Regulation (EU) [API border management], should transmit the API data, collected and transferred to it by the air carriers under this Regulation, to the relevant PIUs. Given the necessary level of protection of API data constituting personal data, including to ensure the confidentiality of the information concerned, the API data should be transmitted by the router to the relevant PIUs in an automated manner.
2023/09/06
Committee: LIBE
Amendment 71 #
Tineke STRIK
Proposal for a regulation
Recital 14
(14) As regards intra-EU flights, in line with the case law of the Court of Justice of the European Union (CJEU), in order to avoid unduly interfering with the relevant fundamental rights protected under the Charter and to ensure compliance with the requirements of Union law on the free movement of persons and the abolition of internal border controls, a selective approach should be provided for. In view of the importance of ensuring that API data can be processed together with PNR data, that approach should be aligned with that of Directive (EU) 2016/681. For those reasons, API data on those flights should only be transmitted from the router to the relevant PIUs, where the Member States have selected the flights concerned in application of Article 2 of Directive (EU) 2016/681. As recalled by the CJEU, the selection entails Member States targeting the obligations in question only at, inter alia, certain routes, travel patterns or airports, subject to the regular review of that selection.deleted
2023/09/06
Committee: LIBE
Amendment 75 #
Tineke STRIK
Proposal for a regulation
Recital 15
(15) In order to enable the application of that selective approach under this Regulation in respect of intra-EU flights, the Member States should be required to draw up and submit to eu-LISA the lists of the flights they selected, so that eu- LISA can ensure that only for those flights API data is transmitted from the router to the relevant PIUs and that the API data on other intra-EU flights is immediately and permanently deleted.
2023/09/06
Committee: LIBE
Amendment 79 #
Tineke STRIK
Proposal for a regulation
Recital 16
(16) In order not to endanger the effectiveness of the system that relies on the collection and transfer of API data set up by this Regulation, and of PNR data under the system set up by Directive (EU) 2016/681, for the purpose of preventing, detecting, investigating and prosecuting terrorist offences and serious crime, in particular by creating the risk of circumvention, information on which intra-EU flights the Member States selected should be treated in a confidential manner. For that reason, such information should not be shared with the air carriers and they should therefore be required to collect API data on all flights covered by this Regulation, including all intra-EU flights, and then transfer it to the router, where the necessary selection should be enacted. Moreover, by collecting API data on all intra-EU flights, passengers are not made aware on which selected intra-EU flights API data, and hence also PNR data, is transmitted to PIUs in accordance with Member States’ assessment. That approach also ensures that any changes relating to that selection can be implemented swiftly and effectively, without imposing any undue economic and operational burdens on the air carriers.deleted
2023/09/06
Committee: LIBE
Amendment 86 #
Tineke STRIK
Proposal for a regulation
Recital 17 a (new)
(17a) Taking into account the right of passengers to be informed of the processing of their personal data, Member States should ensure that passengers are provided with accurate information that is easily accessible and easy to understand about the collection of API data, their transfer to the PIU and their rights as data subjects.
2023/09/06
Committee: LIBE
Amendment 103 #
Tineke STRIK
Proposal for a regulation
Article 1 – paragraph 1 – introductory part
For the purpose of preventing, detecting, investigating and prosecuting terrorist offences and serious crime within the meaning of Article 6(2) of Directive (EU) 2016/681, this Regulation lays down the rules on:
2023/09/06
Committee: LIBE
Amendment 105 #
Tineke STRIK
Proposal for a regulation
Article 1 – paragraph 1 – point a
(a) the collection by air carriers of advance passenger information data (‘API data’) on extra EU flights and selected intra EU flights;
2023/09/06
Committee: LIBE
Amendment 108 #
Tineke STRIK
Proposal for a regulation
Article 1 – paragraph 1 – point c
(c) the transmission from the router to the Passenger Information Units (‘PIUs’) of the API data on extra-EU flights and selected intra-EU flights.
2023/09/06
Committee: LIBE
Amendment 111 #
Tineke STRIK
Proposal for a regulation
Article 1 – paragraph 1 a (new)
This Regulation is without prejudice to Regulation (EU) 2016/679 [GDPR], Regulation (EU) 2018/1725 [EUDPR] and Directive (EU) 2016/680 [LED].
2023/09/06
Committee: LIBE
Amendment 113 #
Tineke STRIK
Proposal for a regulation
Article 2 – paragraph 1
This Regulation applies to air carriers conducting scheduled or non-scheduled extra-EU flights or intra-EU flights.
2023/09/06
Committee: LIBE
Amendment 114 #
Tineke STRIK
(c) ‘intra-EU flight’ means any flight as defined in Article 3, point (3), of Directive (EU) 2016/681;deleted
2023/09/06
Committee: LIBE
Amendment 118 #
Tineke STRIK
Proposal for a regulation
Article 3 – paragraph 1 – point d
(d) ‘scheduled flight’ means a commercial flight as defined in Article 3, point (e), of Regulation (EU) [API border management];
2023/09/06
Committee: LIBE
Amendment 119 #
Tineke STRIK
Proposal for a regulation
Article 3 – paragraph 1 – point e
(e) ‘non-scheduled flight’ means a commercial flight as defined in Article 3, point (f), of Regulation (EU) [API border management];
2023/09/06
Committee: LIBE
Amendment 121 #
Tineke STRIK
Proposal for a regulation
Article 3 – paragraph 1 – point h
(h) ‘traveller’ means any person as defined in Article 3, point (i), of Regulation (EU) [API border management];deleted
2023/09/06
Committee: LIBE
Amendment 133 #
Tineke STRIK
Proposal for a regulation
Article 4 – paragraph 1
1. Air carriers shall collect API data of travellpassengers on the flights referred to in Article 2, for the purpose of transferring that API data to the router in accordance with paragraph 6. Where the flight is code- shared between one or more air carriers, the obligation to transfer the API data shall be on the air carrier that operates the flight.
2023/09/06
Committee: LIBE
Amendment 141 #
Tineke STRIK
Proposal for a regulation
Article 4 – paragraph 3 – subparagraph 1
Air carriers shall collect the API data referred to Article 4(2), points (a) to (d), of Regulation (EU) [API border management] using automated means to collect the machine-readable data of the travel document of the travellpassenger concerned. They shall do so in accordance with the detailed technical requirements and operational rules referred to in paragraph 5, wheronce such rules have been adopted and are applicable.
2023/09/06
Committee: LIBE
Amendment 149 #
Tineke STRIK
Proposal for a regulation
Article 4 – paragraph 6
6. Air carriers shall transfer the encrypted API data collected pursuant to paragraph 1 to the router, by electronic means. They shall do so in accordance with the detailed rules referred to in paragraph 9, wheronce such rules have been adopted and are applicable.
2023/09/06
Committee: LIBE
Amendment 152 #
Tineke STRIK
Proposal for a regulation
Article 4 – paragraph 7
7. Air carriers shall transfer the API data both at the moment of check-in and immediately after flight closure, that is, once the travellpassengers have boarded the aircraft in preparation for departure and it is no longer possible for travellpassengers to board or to leave the aircraft.
2023/09/06
Committee: LIBE
Amendment 154 #
Tineke STRIK
Proposal for a regulation
Article 4 – paragraph 7 a (new)
7a. Air carriers shall store, for a time period of 24 hours from the moment of departure of the flight, the API data relating to the passengers that they collected pursuant to paragraph 1. They shall immediately and permanently delete that API data after the expiry of that time period.
2023/09/06
Committee: LIBE
Amendment 155 #
Tineke STRIK
Proposal for a regulation
Article 4 – paragraph 8 – subparagraph 1 – introductory part
Without prejudice to the possibility for air carriers to retain and use the data where necessary for the normal course of their business in compliance with the applicable law, aAir carriers shall immediately either correct, complete or update, or permanently delete, the API data concerned in both of the following situations:
2023/09/06
Committee: LIBE
Amendment 157 #
Tineke STRIK
Proposal for a regulation
Article 4 – paragraph 8 – subparagraph 1 – point a
(a) where they become aware that the API data collected is inaccurate, incomplete or no longer up-to-date or was processed unlawfully, or that the data transferred does not constitute API data;
2023/09/06
Committee: LIBE
Amendment 158 #
Tineke STRIK
Proposal for a regulation
Article 4 – paragraph 8 – subparagraph 1 a (new)
Air carriers shall immediately and permanently delete API data where they become aware that the API data collected was processed unlawfully or that the data transferred does not constitute API data.
2023/09/06
Committee: LIBE
Amendment 160 #
Tineke STRIK
Proposal for a regulation
Article 4 – paragraph 8 – subparagraph 2
Where the air carriers obtain the awareness referred to in point (a) of the first subparagraph or in the second subparagraph of this paragraph after having completed the transfer of the data in accordance with paragraph 6, they shall immediately inform the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA). Upon receiving such information, eu-LISA shall immediately inform the PIUs that received the API data transmitted through the router.
2023/09/06
Committee: LIBE
Amendment 168 #
Tineke STRIK
Proposal for a regulation
Article 5 – paragraph 1 – subparagraph 1
The router shall, immediately and in an automated manner, transmit the API data, transferred to it by air carriers pursuant to Article 4, to the PIUs of the Member State on the territory of which the flight will land or from the territory of which the flight will depart, or to both in the case of intra- EU-flights. Where a flight has one or more stop-overs at the territory of other Member States than the one from which it departed, the router shall transmit the API data to the PIUs of all the Member States concerned.
2023/09/06
Committee: LIBE
Amendment 174 #
Tineke STRIK
Proposal for a regulation
Article 5 – paragraph 1 – subparagraph 3
However, for intra-EU flights, the router shall only transmit the API data to that PIU in respect of the flights included in the list referred to in paragraph 2.deleted
2023/09/06
Committee: LIBE
Amendment 176 #
Tineke STRIK
Proposal for a regulation
Article 5 – paragraph 1 – subparagraph 4
The router shall transmit the API data in accordance with the detailed rules referred to in paragraph 3, wheronce such rules have been adopted and are applicable.
2023/09/06
Committee: LIBE
Amendment 180 #
Tineke STRIK
Proposal for a regulation
Article 5 – paragraph 2
2. Member States that decide to apply Directive (EU) 2016/681 to intra-EU flights in accordance with Article 2 of that Directive shall each establish a list of the intra-EU flights concerned and shall, by the date of application of this Regulation referred to in Article 21, second subparagraph, provide eu-LISA with that list. Those Member States shall, in accordance with Article 2 of that Directive, regularly review and where necessary update those lists and shall immediately provide eu-LISA with any such updated lists. The information contained on those lists shall be treated confidentially.deleted
2023/09/06
Committee: LIBE
Amendment 200 #
Tineke STRIK
Proposal for a regulation
Article 6 a (new)
Article6a Processing of API data received 1. The PIUs shall process API data, transferred to them in accordance with this Regulation, only for the purpose of preventing, detecting, investigating and prosecuting terrorist offences and serious crime within the meaning of Article 6(2) of Directive (EU) 2016/681. 2. The PIUs or other competent authorities shall under no circumstances process API data for the purposes of profiling.
2023/09/06
Committee: LIBE
Amendment 202 #
Tineke STRIK
Proposal for a regulation
Article 7 a (new)
Article7a Personal data protection audits 1. The competent national data protection authorities referred to in Article 51 of Regulation (EU) 2016/679 shall ensure that an audit of processing operations of API data constituting personal data performed by the PIU’s for the purposes of this Regulation is carried out, in accordance with relevant international auditing standards, at least once every four years. 2. The European Data Protection Supervisor shall ensure that an audit of processing operations of API data constituting personal data performed by eu-LISA for the purposes of this Regulation and Regulation (EU) [API border management] is carried out in accordance with relevant international auditing standards at least once every year. A report of that audit shall be sent to the European Parliament, to the Council, to the Commission, to the Member States and to eu-LISA. eu-LISA shall be given an opportunity to make comments before the reports are adopted. 3. In relation to the processing operations referred to in paragraph 2, upon request, eu-LISA shall supply information requested by the European Data Protection Supervisor, shall grant the European Data Protection Supervisor access to all the documents it requests and to the logs referred to in Article 13(1), and shall allow the European Data Protection Supervisor access to all eu-LISA’s premises at any time.
2023/09/06
Committee: LIBE
Amendment 204 #
Tineke STRIK
Proposal for a regulation
Article 7 b (new)
Article7b Fundamental Rights 1. Collection and processing of personal data in accordance with this Regulation and Regulation (EU) [API border management] by air carriers and competent authorities shall not result in discrimination against persons on the grounds of sex and gender, race, colour, ethnic or social origin, genetic features, language, religion or belief, political or any other opinion, membership of a national minority, property, birth, disability, age or sexual orientation. 2. This Regulation shall fully respect human dignity and the fundamental rights and principles recognised by the Charter of Fundamental Rights of the European Union, including the right to respect for one’s private life, to the protection of personal data and to freedom of movement. 3. Particular attention shall be paid to children, the elderly, persons with a disability and vulnerable persons. The best interests of the child shall be a primary consideration when implementing this Regulation.
2023/09/06
Committee: LIBE
Amendment 234 #
Tineke STRIK
Proposal for a regulation
Article 17 – paragraph 1
The Commission shall, in close cooperation with the PIUs, other relevant Member States’ authorities, the air carriers and relevant Union agencies, in particular the European Data Protection Supervisor and the Fundamental Rights Agency, prepare and make publicly available a practical handbook, containing guidelines, recommendations and best practices for the implementation of this Regulation.
2023/09/06
Committee: LIBE
Amendment 236 #
Tineke STRIK
Proposal for a regulation
Article 18
Regulation (EU) 2019/818
Article 39 – paragraphs 1 and 2
___________ In Article 39, paragraphs 1 and 2 are replaced by the following: ‘1. A central repository for reporting and statistics (CRRS) is established for the purposes of supporting the objectives of the SIS, Eurodac and ECRIS-TCN, in accordance with the respective legal instruments governing those systems, and to provide cross-system statistical data and analytical reporting for policy, operational and data quality purposes. The CRRS shall also support the objectives of Regulation (EU) …/… of the European Parliament and of the Council* [this Regulation].” * Regulation (EU) [number] of the European Parliament and of the Council of xy on [officially adopted title] (OJ L …)” 2. eu-LISA shall establish, implement and host in its technical sites the CRRS containing the data and statistics referred to in Article 74 of Regulation (EU) 2018/1862 and Article 32 of Regulation (EU) 2019/816 logically separated by EU information system. eu-LISA shall also collect the data and statistics from the router referred to in Article 13(1) of Regulation (EU) …/… * [this Regulation ]. Access to the CRRS shall be granted by means of controlled, secured access and specific user profiles, solely for the purpose of reporting and statistics, to the authorities referred to in Article 74 of Regulation (EU) 2018/1862, Article 32 of Regulation (EU) 2019/816 and Article 13(1) of Regulation (EU) …/… * [this Regulation ].Article 18 deleted Amendments to Regulation (EU) 2019/818
2023/09/06
Committee: LIBE
@parltrack
@parltrack@eupolicy.social
[javascript protected email address]
code AGPLv3.0+
data ODBLv1.0
site content CC-By-Sa-3.0

ParlTrack - 2011-2024

© European Union, 2011 – Source: European Parliament
Hosted by AS250.net Foundation