The United States and the European Union have agreed to expand a security program that shares personal data about millions of US-bound airline passengers a year, potentially including information about a person's race, ethnicity, religion and health, The Washington Post reported Friday.

 

Under the agreement, airlines flying from Europe to the United States are required to provide data related to these matters to U.S. authorities if it exists in their reservation systems. The deal allows Washington to retain and use it only "where the life of a data subject or of others could be imperiled or seriously impaired," such as in a counterterrorism investigation, the report said.

 

According to the deal, which will take effect in August and continue through July 2014, the information that can be used in such exceptional circumstances includes "racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership" and data about an individual's health, traveling partners and sexual orientation.

 

The data now stored includes names, addresses and credit card information as well as telephone and e-mail contacts, itineraries, and hotel and rental car reservations.

 

US customs officials began collecting Passenger Name Record data in 1992 for inbound international flights and enforced the requirement after the 2001 attacks. The government now stores data on nearly all 87 million passengers who arrive in the country by air each year, most of them from Europe, in a master border security database, Homeland Security officials said.

 

The government combines such information with terrorist watch lists, other databases and sophisticated computer algorithms to detect high-risk travelers, in ways that watchdog groups say it has not adequately explained.

 

The agreement announced Thursday extends and expands a 2004 arrangement between the United States and the European Union. That pact was struck down on a technicality in May by Europe's highest court, which gave both sides until July 31 to negotiate a new deal. The United States had threatened to turn back flights otherwise.

 

Under the new accord, Europe allowed the United States to extend how long it can store data -- to 15 years from 3 1/2 years. Beginning in January 2008, airlines will be required to send, or "push," data from their reservation systems to the Homeland Security Department 72 hours before a flight departs, expanding an existing "pull" system in which the department retrieves information from carriers.

 

Although the Homeland Security Department has said it will move passenger information to "dormant" status after seven years and "expects" to erase it after 15 years, it notified the European Union that expiration of data will be subject to "further discussions," the report said.

 

The deal provoked alarm from privacy and civil-liberties groups on both sides of the Atlantic, according to the newspaper.

 

"What Americans should be concerned about is it is now here in black and white: The government will maintain a database of all travelers -- including travelers of US citizenship, including people who are believed to be no risk or threat ... the government will maintain that and data-mine it," Jim Dempsey, policy director for the Center for Democracy and Technology, a Washington-based advocacy group, was quoted as saying.

 

(Xinhua News Agency July 28, 2007)