 Pretty person. Yeah He's an attorney and a right sign. Wild is that's called in dutch and he works for the gels his health shaft for Freiheit's right in Berlin if I'm right good. Give them a welcome applause, please It's early in the morning. We're gonna kick back here Early in the morning only at the congress you can call 12 30 or early in the morning, but it is and and Well, if you've ever sat on a plane and wondered what the person three right and rose behind you is eating whether They're flying alone whether they have Checked in their luggage or only hand luggage and what visa they were using when they were buying their plane ticket then you're probably a Police officer or should join the national police of any EU member state because that is exactly what a national police is in Germany and Austria and other Europeans Member states Europe in member states of the European Union can do thanks to the PNR directive which is the topic of today's talk and We are going to talk and explain to you what the PNR directive and the laws Transposing it into national law are all about why this is problematic and what we can do and when what we are actually doing Against it in order to stop it and Walter will will start off with a few info Yeah, hello So firstly, I would like to introduce her into epicenter works because we have already a history on bringing down Data retention laws, so probably you know us from our fight Against data retention in Europe when we still were called a kaffur at Austria. I'm working for epicenter works on a voluntary basis and I would like to mention my colleague Angelica Aden summer who did the main work on this for epicenter works But she cannot be at Congress this year So flight data It is said I've heard that at any given point in time one million people are on a plane on a plane in the skies flying around the globe as you can see here and Today Although in times of resource exhaustion, we should talk about that anyway. I'm convinced today We are talking about a data protection issue about it a big one and We are talking about passenger name records So what is a passenger name record anyway a passenger name record as you can see here is data set compiled of 19 different data Fields so you can get about up to 60 different data points on one single passenger on one single flight So for instance you have data in there like the first and second name address but also other things metadata more important things like the means of Payment you made the point in time when you book the flight and things like that and a Specific problem about it is that there is also a free text field. So airline employees can enter data there at which we cannot control and Altogether we have a quite big data set of each passenger on each flight So this is common in the airline industry But in 2016 the PNA P&R directive came about So what is the P&R directive? It is a piece of European legislation which was enacted in April 2016 and When we have European legislation It's important to mention that it doesn't come out of the blue out of Brussels, but it is enacted together From the Commission the European Parliament and the Council and the Council are Then the governments of our member states So we have to keep in mind that member states governments have a big say when things like this are enacted and It is a directive and that means that every single member state has to transpose the content of the directive into its national law and This had to be done until the 25th May of 2018 this was the transposition deadline and For instance Austria and Germany made laws to transpose that into their national law So what had they to enact they had to enact laws prescribing that all airlines have to transfer data of all passengers all passenger name records of every flight and They have to be pushed to a national police database so Unlike the telecom data retention. I already mentioned the data is not kept where it Where it is created But it has to be pushed from the private sector from the airlines to police database the databases and the data retention directive prescribes that Every flight leaving or entering the European Union must be covered by that But in addition every single member state also covered flights within the EU So you have we have the full take now flights within the EU as well of as flights leaving or entering the EU and every single record of every single passion passenger of every single flight is in a police database and will be Compared with existing databases for instance of known criminals or of stolen passports and the like and they try to find Matches there and what they are also going to do is Matching with predetermined criteria So they will come up with flight patterns of known perpetrators for instance when they book their flight and so on they will algorithmically try to find Patterns there and then they will compare your flight passenger name records with that data and if you have a similar behavior then previous perpetrator previous criminal for instance, then you are already under suspicion and This data in these databases are stored for five years and Can be further used by different law enforcement agencies So the data is not only compared and then deleted again the storage time is five years and They do something called deep personalization about six months after The data was created, but this is not in any way an anonymization But they just remove some data and it can easily be identified again so the The person the data belongs to can easily be identified for the whole period of five years So you probably asked yourself already first is this effective? Well, this runs already since last year. So we have some data First I will present to you the data from Austria in Austria we found out that Already until the 30th of September 2019 almost 24 passenger name records were forwarded to the passenger name unit at the Bundeskriminal Amt and 11,900,000 different people were subject to that and Of the of these almost 24 million passenger name records the algorithms the checking against databases already brought up 190,000 matches, so every single match every single Output the algorithm has must be checked by a human employee. So we have Sitting there people who have to check even this is not on not even the data of a year and they have to check 190,000 matches and Only 280 of them are actual hits so if a person checks what the algorithm outputs there then only in 0.15% of the cases The police woman or policeman come to their conclusion. Yeah, this is actually relevant for us and if you do the math this means that only 0.001 percent of all The 24 million passenger name data your data, which is checked actually leads to a hit and We don't even know how many actual False positives remain in these 220. This is only but the police will inspect Afterwards, so we have no numbers or results if they had actual Investigative results on that but what we can say is that there are 21 employees qualified employees working in the passenger name passenger information unit and this costs almost 2 million euros per year and Only for checking the data in the small country of Austria and Bija now will present you the data in German the number the data of the big Neighbor because you said in Germany the numbers are surprisingly similar We also had have numbers up until mid of August 2019 and we have had almost 32 million passenger name records checked Which generated automatic results of matches of about 240,000 which then were checked by 40 police officers and There remained only 910 actual hits so the fail rate was 99.6% and only 0.003 percent of all PNR's checked led to actual hits and even of that number Just as in Austria, we are not sure how many false positives remain We know that there were considerably a considerable amount of false positives We estimate them to be in the hundreds, but the law enforcement did not specify What actually how many false positives remained even among the 910 and one of the results we know is that it led to 57 arrests We don't know for which crimes. We don't know whether these people actually committed a crime whether they were suspected For crime whether they were just on a watch list, but 57 arrests assuming this is these were legitimate This means that 0.0002 percent of all PNR's check led to an arrest And if you try to to transpose this to other situations in life You could go to a to a market to to some To some festival or whatnot and just ask randomly people and you would probably have with a similar probability An arrest in the end at the end of the day So if this holds that this whole PNR processing holds if this effectiveness is the standard that we are Happy with then you can easily take this to all other sorts of walks of life and this is to in our opinion a big problem Because it will lead to a digital surveillance state which is has come quite near with these new tools that the PNR directive Provide what we've now just shown are the the automatic is the the the checks against databases That was the one thing that the PNR directive provides for the other one is the checking against predetermined criteria And this is where the voodoo kind of starts because the idea that you can Merely from the data that is in the PNR in your passenger name record Derived whether you are suspicious or dangerous even is at least in our opinion Pretty much voodoo and it it has serious consequences and it might lead to automatic profiling affecting hundreds of millions of people possibly because everybody is checked when they and when they use a plane every PNR record is Checked against these automatic against these predetermined criteria and not just for crimes such as terrorism or organized crime where you could maybe make a case that There exists such as thing as a pattern of Movements where you can identify a terrorist suspect, but it is also used for crimes such as fraud Or forgery or a cyber crime where I would argue you cannot find a typical cyber criminals flights pattern flight patterns It's just not possible and So but but the PNR directive itself is only the one thing we are fighting this for reasons that go way beyond the PNR Processing so the processing of PNR flight data because it may set a dangerous precedent for other mass surveillance already now PNR Processing is being discussed for buses that cross borders for ships and trains and there are some countries such as Belgium that have already enacted The very much and why stop there might police officer argue why not include rental cars that cross borders Why not at some point include private cars that cross borders? Why not get away with that requirement of crossing borders? Why not have everybody checked all the time maybe via their mobile phones? so when we give way to this sort of data processing with such a low threshold of effectiveness we open the door for all sorts of of Activity that that at least from our point of view is Illegal and the question you were maybe asking yourself or maybe not is this legal We are convinced it is not and luckily We could rely on an illegal opinion that the European Court of Justice ECJ has rendered two and a half years ago and There is one PNR agreement in place between the EU and the USA which has not been challenged yet And another agreement was supposed to be known or was negotiated between the EU Commission and Canada and the EU Parliament then presented the question to the ECJ whether this an agreement would be violating fundamental rights of the Charter of Fundamental Rights of the European Union and the ECJ concluded that it would In the form that it was proposed to it and breach article 7 and 8 of that charters article 7 is the right to privacy And article 8 is the right to have your data protected your personal data protected And we are of course relying heavily on that on the arguments that that the court developed and Developing them even further because as you can imagine the PNR and the agreement with Canada and the PNR directive are quite similar So what are these arguments that we are? Bringing up and we've shown already that the effectiveness is highly doubtful and this leads us to Concluding that the PNR directive is disproportionate. So it violates human the fundamental rights for several reasons One being a point that we've both raised already that PNR processing indiscriminately affects all passengers And this is a very important point because it makes it shows the difference between PNR processing Under the PNR directive and what was formerly the the data retention of telecommunications data because the latter would require a Specific case something must have must have had happened in order for the law enforcement to ask for the telecommunications data of The McKellan telecommunications provider, but then our PNR data for on flights is checked all the time always Against databases and even more importantly the predetermined criteria, which we of course do not know nothing about And this brings with it especially the last point the the predetermined criteria a high risk of false accusations We've already seen that ninety nine point six percent of database matching automatic database matching is wrongful I'd imagine how how much higher the number would be with with checking against predetermined criteria and That the reason why we expect many false accusations false positives is the so-called base rate fallacy Which basically says that when you're looking for a very small amount of people in a large data set and you have a significant Fail rate you're very likely to produce more false positives Maybe many more false positives than true positive So actual suspects are not suspects of but actual terrorists So for instance when you if you're checking 100 million flight passengers and you're looking for 100 terrorists And you have even a fail rate of zero point one percent Not the ninety nine point six that we're talking about now, but even just zero point one percent This would render this would this would render one hundred thousand flight passengers Subject to to to being suspected terrorists So you would have one hundred thousand false positives one hundred terrorists that let's assume all of them So there they had the positive success rate of a hundred percent now identifying positively as a terrorist suspect Then you will have one hundred thousand false Impositives one hundred people that are correctly suspected, but everybody of course will be treated the same and What I've listed here are just the obvious things as a stigmatization at the airport by interrogation searches of luggage of person people and arrests missing flights and Depending on the country you're in you you may be in much more trouble after that a Second point is that the data has been stored way too long As what has already mentioned five years Why do you need five years of worth of data to check a database entry or against the predetermined criteria? Of course, you don't need it for that because you could do that Immediately after a person has boarded you can perform the check and then you could get rid of the data Deleted after it's being used the reason why they're storing it so long is that law enforcement and intelligence agencies have an interest That goes beyond that checking after boarding They want to keep the data and check it in future criminal investigations in future Looking into a person what where they've traveled and so on and so forth And but that has nothing to do with the original purpose of PNR the PNR directive And what at least everybody here will know and all data storing so data storing is in itself a problem It's in itself a violation of fundamental rights when there's no legitimate reason to do so but also all data storing puts the data stored at risk and as we've mentioned already there's Payment data, especially there's other other sensitive data with whom you've traveled whether you've traveled with light luggage or not Where you have gone to via which place and so on and so forth Another point which is a bit more complicated is that the directive was not sufficiently Differentiate between crimes where automatic profiling could make sense and others. So as I've said there may be a point in saying that the typical terrorists would fly from a to b via C Without checking in luggage using this or that tourist Office and so on and so forth. So maybe just assume that this is the case This no one can can tell me that there's a typical flight pattern of a fraudster where you could ask Define which way a fraudster typically flies and identify in such a person So what the directive would have needed to do if they wanted had wanted to check against predetermined criteria would have been to identify for which crimes exactly and only for these you can use such a a voodoo a miracle weapon and Finally these these are not the only arguments, but the more most important ones We expect that the false positives especially will lead to discrimination is against minorities One example that the German national police the Bundeskriminalamt has given us for a predetermined criteria. We are are Young men flying from airports from the south of Turkey to a major European city So they're thinking about a former IS fighters IS terrorists and as you can easily imagine What kind of people will be sitting in in a plane that's coming from the south of Turkey to Germany or to Any other European country? Of course this will affect disproportionately affect minorities and It is already now highly Intransparent what how these these predetermined criteria are developed and Imagine a near future where law enforcement will Naturally try to involve artificial intelligence in finding patterns in the raw data of Flight movements of PNR of the treasure they are now hoarding with a five-year worth of data and At the latest at that point in time it will be impossible for us to understand why A certain Criterion was defined and how how to challenge it when you're in the position to be arrested at the airport for instance So what can we do and that's where we come in the the two organizations that that we are we are no typical Advocacy organizations, but we do the strategic litigation because unfortunately, you know advocacy worked on the PNR directive it came into force pretty much as the as national law enforcement wanted it to be and so there's one instance one authority at That in in in Europe in Germany in Europe the European Union the courts which can which can ideally Dismiss of the reasons of the motivations of law enforcement to have such a Directive in force and can try to objectively assess whether this is actually legal and should remain enforced a enforce or not and We did this through litigation both in Germany and in Austria and both are Having the same goal which is to present to the European Court of Justice the question whether the P&I directive and any National law that is transposing the P&I directive is in violation of the Charter fundamental rights Why do we have to go? Why is the ECJ important because when you have a national law that Directly transposes a European law and a directive and then only the ECJ can declare such a law void There's no way for for instance in Germany the Federal Constitutional Court the Bundesverfassungsgericht To to say that this law should not be applied any longer and this question must be presented to the ECJ So how could we get to the ECJ? This actually was a process that took us quite a bit of time It's been two years in the making a year ago We launched six different complaints of six six different plaintiffs that are flying all over Europe that we booked flights for them That led them to a European member states a European Union member states and to states outside of the European Union And we sent the court the complaints to three different courts One two two complaints were directed against the German national police and went to the administrative court in Wiesbaden And four others were directed against the airplane airlines So we try to diversify as much as possible in order to find a judge that would agree with us that this is problematic and this needs checking and We are optimistic that Either the court in Wiesbaden or the court in Cologne will soon present these very questions to the court whether The German transposition law and the PNR directive itself are violating fundamental rights of the European Of the chart of the European Union so as Bijan already mentioned our aim is to Bring our case as quick as possible to the European Court of Justice So we had different options and in Austria. We went a third way We brought a case before the Austrian data protection authority against the flukas daten central central stelle in Bundeskriminal am so passenger name unit and We we brought several different cases and we also found out the different smaller things Which we are on but the main thing is that this case already went as planned to the Bundesverwaltungsgericht so the the federal administrative court in Austria and From there we hope that is also soon forwarded to the European Court of Justice and in theoretically it Would be enough if one case Hits the European Court of Justice, but practically it's of course very important to have different strategies Because there are different speeds and and so on so That's why we also should mention another case the the Belgian case. So this Belgian human rights organization. They also Brought the case before Belgian court in this case. It was directly the Belgian constitutional court So they had a direct way to the constitutional court unlike our cases in Austria where this or in Germany where this was not possible and therefore the Belgian constitutional court already referred the easy the this case to the European Court of Justice and We are hoping that our case will be soon or cases or at least some of them will soon be joined with this case at the European Court of Justice and then decided together So to sum up we have actually a Very infringing piece of legislation the PNR directive PNR the processing as Bijan Explained to us in more detail is extremely intrusive in All flight passengers fundamental rights. It violates Fundamental rights Especially because it is already enough is it is also ineffective and disproportionate So we we heard about these different things the base rate fallacy that it is Ineffective and disproportionate because it is not really possible to find Specific suspects in such amount of data with without having a lot a real lot of false positives So other arguments are that it is data retention in the first place so also already the retention of the data of people like you and me is a big problem and unlawful and This general suspicion it leads to so everybody becomes a Suspect and can become practically a suspect can get problems Practically from that let's legislation without being a criminal and Yeah, we have strong arguments as we showed you already the case of the Canada PNR Directive the PNR Agreement with Canada is very similar in practice to the PNR directive So the arguments already held before the European Court of Justice so actually it's a shame that this was not stopped earlier and civil rights organizations as we are have to do that and That's what we do and and that's also why we depend on donations. So That's also important to stress that our work people having people full employed to do things like that costs some money and That's where you can find us so we have a campaign website no PNR. EU in German and English and You can find us of course on our website and Both websites and find ways how to join us how to support us and also still today You can meet us at our assembly in the CCL building the about freedom assembly Where both the gesellschafts for Freiheitsrechte and epicenter works have their desk and you can ask all the question But first ask all your questions now. Thank you Thank you Walter and the Jan for this very clarifying statements, I Supposed there are quite some questions here in the audience Only I'm looking at someone who's grabbing a microphone now I see the signal angel. Yes, the mic is not on Can someone help him signal angel needs a mic. Yes It's almost there Brains are working. Hello. Yeah. Okay. Thank you Is there a cheap method to spam false entries for example by booking flight under a false name and then canceling the flights? Well, I think it's it's difficult to I I didn't get the very first words. Sorry Yes, the very first one was is there a cheap method to spams to spam false entries? Yeah, theoretically, I don't think that anything could speak against that. Yeah But the problem is that you would need to cancel very late because I think the first time they push the data The airlines are pushing the data to the national police is 48 hours before the before boarding So that might come become a bit expensive I Would want to make a general remark also on that. Of course here especially here Thoughts like that how to hack the system are very important and can help but our general approach is To take legal action to protect all people at the same way and not only those who who are able to protect themselves or Hacked the system or whatever. So That's the reason why we both go this general way To bring that down completely An other question here. Yes, sorry, sir Yes, please Is this one? Okay What do you expect as a result of your litigation if you are successful in court? will Do you expect the courts to strike down the directive entirely or do you expect another? another legislative process to do the same thing again or to fix quote-unquote the the directive in Very small ways just to to drag out this battle and continue the practice. What do you think the effects will be? And Well, we think that the the European Court of Justice if it follows our argument our reasoning it should say it will strike down the Pni directive entirely because the way it is set up is fundamentally not in In accordance with what it earlier ruled so far unless it will change its its entire history of ruling on data retention And so on and so forth and but of course we will expect the Member States to push for another legislation that may be similar but not the exact same thing So I am I can imagine something of a of the sort of data retention or telecommunications as it were With airlines retaining the data and keeping it for a shorter period of time and only giving it out When there is a specific request with where there's a specific reason for law enforcement to ask for the data I could imagine such a thing coming up again And then we would need to check whether this is illegal or not and and maybe go through the whole procedure as well But it's it would be an immense success if the PNR directive as it stands would be void declared void Thank you Someone else has a question. I see person here. Yeah microphone one, please Hello, yeah, okay So you had the argument that there are a lot of false positives when they checked a peanut a peanut data Do we have any information how long it takes for them to react on the peanut data if they get a positive hit? So maybe they on react after the person has landed and already was in the country And they claim that they can act immediately, but we can't know that for sure So the the fact that they have 57 arrests at the airports signals that at least in some respect This is true But we cannot know for sure how much how quickly they they they can react and keep in mind This is only the start so so far in Germany or up until the point where this the data that I presented for Germany Came about there were only nine airlines. I think that were linked to the system So expect there to be much more data coming in and once they start with a predetermined criteria thing This will multiply probably even so I Cannot imagine unless they they they they have this new Thing with with hundreds of people involved that they can act immediately in each and every case Yeah, thank you There is a question again on the internet. Yes Yes, how come you haven't tried voiding the local add-on provisions that is p&r for intra EU flights That is the most likely against Schengen provisions And we have addressed that as well. We have picked intra EU flights also We've not just picked flights that go extra EU but We've also made the point about the the violation of Schengen criteria But that is not so much that is not the focus of our argument because there are in our opinion much stronger ones Because with Schengen you would need to argue that it's practically impossible to to enter the country without Being held up and you're not being held up in in a physical form at least not in in general generally and so this argument is a bit more difficult than having an actual border checking of people But but we're making this point, of course and but we rely on other points that we think is our stronger okay please microphone number one, please Is there also data being collected on flights inside a country? So for example from Munich to Berlin? Not yet not under the directive and theoretically of course that the German Legislator or any other legislator could decide to include that as well, but not so far Number two, please microphone I was wondering how much false negatives are in there Do you know that like of these big databases if I don't act like a normal Terrorists or something then I am we don't we don't know unfortunately not yet And I think it would be very interesting especially for the predetermined criteria to see how many they miss But yeah, no not nothing yet. Yeah, and there is no undo button I think no no undo that's always the thing that I that I'm worried about You know, then you have an announcement about Francis data that go out and then you can't have an undo So what do we do then? It's always up new Yeah, you can keep this for five years now But who says it's there for five years and what kind of interpretation you get out of it for five after five years You can't know in which database you will be transferred in the meantime Because law enforcement can ask the data of that very data set for that data and the PNR data set and put it in another Data set because they have whatever reason then to do so and then these are again enlarged and enlarged And then you will find another reason why they should remain in there for a longer time So it's yeah, that's why we're fighting this now and hoping to to change the future. I do see your chances actually A Long-term or short-term the chances to get to that point is we are very convinced that we will be successful Because otherwise we wouldn't have started this This is one of our principles We only do things that we are convinced of being able to win and we think we will win this and what will come out of it referring to I think the second the second question earlier and what will be happening in the future with other than Legislation, I can't know but one argument the police is always making or in private at least to me or is that they're saying Well people will get used to it and it won't be in five or ten years Nobody's gonna be wondering about things like this and this is exactly what we are working against that this never becomes normal Because if this becomes normal as I've argued before Meets an applause. Yes If it becomes normal as I've argued before it is easy to extend it to all sorts of life ways of life and walks of life And this then would be in a surveying state Par excellence very we're very close there. So we need to support them really hard There is one last question. I suggest. No, there was two questions number two Does the PNR directive apply only for regular scheduled flights? So does it also apply for private flights general aviation business flights, etc? Good question? I don't know actually I look into that and write me come come here later, and I'll check and give you an answer Then there is one at number one. I Just wanted to ask a question in response to the idea that this is becoming very normal Because one thing that I think has become very normal that hasn't been mentioned explicitly is the idea that people can be Essentially put on a watch list as being a potential criminal in the absence of a crime You know, and we have these terrorist watch lists all over the world now That is now the new normal and I think that's very problematic and can you just maybe talk about Do we do you see a future where we can actually get back to you know only? Arresting or investigating people Because of probable cause for example, well, I hope that this will be our future But about that point that very point I'm not too optimistic to be honest I'm optimistic about one other one another thing that is that these instruments that are now being created Will prove to be highly ineffective as we've so now seen now already with the checking against databases That is already a lot of work and very tedious work that with the idea that you can Define criteria for people that that are legitimately to be suspected of Committing a crime in the future. I think it will prove at least for the next few decades to be quite impossible And this is I don't know if this came along across Sufficiently, but this is really the core issue that we have with the PNR directive They are claiming that they can find Suspects of crimes of future crimes Imagine not not someone that has committed a crime or that will definitely commit a crime that that can Reasonably be suspected of committing a crime in the future and then act upon that and that is really a huge step into Yeah, what I called voodoo about the the expectation that you can take data and and prevent crime a minority report Times yeah to the power of five. I don't know Sit back and relax. Thank you B. John and thank you Walter for this fantastic lecture Please support them at no P and R and dot you go to their booth as well