Short Reads

Belgian Act on Passenger Name Records published

Belgian Act on Passenger Name Records published

Belgian Act on Passenger Name Records published

24.02.2017 BE law

On 25 January 2017, the Belgian Act on the processing of passenger name records (“PNR Act”) was published in the Belgian Official Gazette. The PNR Act implements three EU directives in the Belgian legal order: Directive 2016/681 on the use of passenger name record (PNR) data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime, Directive 2010/65 on reporting formalities for ships arriving in and/or departing from ports of the Member States, and Directive 2004/82 on the obligation of carriers to communicate passenger data.

The PNR Act obliges carriers and travel operators in the different transport sectors to transmit their passenger data to a central database called the “Passenger Database”, so that these data can be analyzed in the framework of terrorism, violent radicalization, and other forms of serious crime. This will allow law enforcement agencies to determine new trends and phenomena and to assess which passengers could be a danger to the public order. Transport companies and travel operators risk fines of up to €600 000 if they do not comply with this obligation.

However, before the PNR Act can enter into force, some implementing measures have yet to be taken. For instance, a new service called the “Passengers Information Unit” has yet to be established within the Federal Public Service Internal Affairs. This Unit will be in charge of the Passenger Database and cooperate with the Passenger Information Units of other member states, with Europol, and with third countries.

The PNR Act takes into account the privacy of the passengers by, amongst other things, (i) imposing the obligation to appoint a data protection officer within the Passenger Information Unit; (ii) strictly determining which categories of data may and may not be processed (i.e., no data relating to racial or ethnic origin, political opinion, religion, health, or sex life), (iii) imposing a maximum data retention period of five years, and (iv) imposing the obligation to de-personalize the data after six months from the registration thereof.  

The date of entry into force of the PNR Act will later be determined in its implementing decisions. In any event, the lawmaker will evaluate this three years after the PNR Act enters into force.

Team

Related news

02.10.2019 EU law
Seminar: Data protection implications of (a no-deal) Brexit

Seminar - On October 2nd at 4 pm, we organize a seminar where we will discus the implications of a (no-deal) Brexit on data protection.  These issues affect all businesses interacting between UK and EEA (including EU) and which send or receive data to and from UK. We will highlight the main challenges both in the case of a hard Brexit on 31 October 2019 and in other scenarios. We will also offer guidelines to help your organisation mitigate the respective risks.

Read more

19.08.2019 EU law
Enable “likes” and bear joint-controllership

Articles - The Court of Justice of the European Union recently ruled, in Case C-40/14 Fashion ID GmbH & Co. KG v Verbraucherzentrale NRW eV,  that a website operator that features “Like” social-media plugin from Facebook likely qualifies as joint-controller with Facebook for its website visitors’ personal data collection and transmission to Facebook.

Read more

28.08.2019 NL law
Masterclass: e-signature and electronic identifiers

Masterclass - Stibbe is organising a Masterclass on 26 September 2019 in Amsterdam on the subject of e-signature and electronic identifiers. This Masterclass will cover the legal framework and focus especially on the numerous possibilities for applying the various electronic signatures in different situations. In addition, we explain the regulations governing electronic identifiers, and the mandatory European recognition they receive.

Read more

Our website uses functional cookies for the functioning of the website and analytic cookies that enable us to generate aggregated visitor data. We also use other cookies, such as third party tracking cookies - please indicate whether you agree to the use of these other cookies:

Privacy – en cookieverklaring