The terrorist attacks in the USA, Spain and London forced countries all over the world to strengthen their transport security measures but there is not always agreement on how far such measures can go before becoming invasive and over-expensive.


After the 11 September 2001 terrorist attacks, aviation security moved up the political agenda. Whereas, before that, each member state had its own rules on air safety, the EU adopted its first common rules in 2002, with detailed provisions on: access to sensitive areas of airports and aircrafts; passenger screening and baggage handling; control of cargo and mail; staff screening and training, and; classification of weapons and other items prohibited on-board planes or in airports. 

The World Trade Center attack also accelerated work on security measures in other areas, such as maritime transport. Fearing that ships could carry weapons of mass destruction or be used as weapons themselves, International Maritime Organisation (IMO) member governments met in December 2002 to establish obligatory security standards for ships and ports. The Commission integrated these standards into a binding Regulation in March 2004. 

9/11 and subsequent attacks in Madrid, London and other cities, have led to closer co-operation between the EU and the US on transport security, but some of the measures proposed have led to transatlantic disagreements. This is particularly the case for Passenger Name Records (files created by airlines for each passenger when a journey is booked, and stored in the airlines' reservation and departure control databases). 



In September 2005, the Commission proposed amending its 2002 rules and introduced the idea of placing armed air marshals on flights. Parliament and Council supported the suggestion but stressed that placing armed officers on flights must remain subject to approval by states of departure, over-flight and arrival (EurActiv 13 October 2006). 

One year later, following the exposure of a terrorist plot to smuggle liquid explosives onto aircrafts flying from the UK to the US (EurActiv 21/08/06), the EU adopted Community-wide rules limiting the size of hand luggage and the amount of liquid that can be taken on flights (EurActiv 28/09/06). The new rules have applied since 6 November 2006 but MEPs are demanding they be reviewed or even repealed due to the annoyance caused to passengers (EurActiv 06/09/07).

Passenger Name Records:

In order to comply with US anti-terror requirements, the Council signed an agreement with the latter, in May 2004, forcing European airlines to pass on information about passengers on planes flying to or through the US - including credit card details, email addresses, telephone numbers and hotel or car reservations - to US security authorities. 

In September 2004, Parliament appealed to the European Court of Justice for the annulment of the agreement, arguing that it did not provide sufficient privacy protection for European passengers. The ECJ ruled, on 30 May 2006, that the Council decision was not “founded on an appropriate legal basis” and told the EU to renegotiate the deal (EurActiv 31/05/06). A deal was finally reached at the end of June (EurActiv 29/06/07), requiring air carriers to pass on data regarding European passengers to the US Department of Homeland Security. The deal has again been fiercely criticised by MEPs, which say it is no better than the previous one (EurActiv 13/07/07).

A similar scheme for transferring passenger data to European security services came into force in September 2004. 


Transport security costs can be significant and public authorities’ attitude to funding varies widely in member states. In an August 2006 report, the Commission concludes that “the protection of European citizens against terrorist attacks is essentially a state responsibility” and that public financing for such measures does not constitute state aid. 

The report also finds that government aid is unlikely to greatly distort competition because, whichever financing model is used - a centralised one where security is financed mainly by the state, or a decentralised one where security is paid for by airports - the passenger is always ultimately the main ‘funder’ through taxes or airline security charges. It nevertheless recommends more transparency and defining common principles for the funding of security measures to avoid distortions. 

  • Ports and ship security 

Transposition of International Maritime Organisation rules into EU law:

According to the March 2004 regulation on enhancing ship and port facility security, which incorporates maritime security measures adopted in 2002 by the IMO, each ship intending to enter a member state’s port must provide 24-hour advance information concerning ship and cargo safety. 

Strengthening security in European ports:

Ports are not only focal points for shipments of dangerous cargo but also for major chemical and petrochemical production centres and, because they are often situated near cities, terrorist attacks could easily trigger knock-on effects on the surrounding industry and harm people in the neighbouring population. Additional measures on port security were therefore adopted by the Commission in October 2005, requesting that member states draw up port security plans, and entitling the Commission to conduct inspections to verify their effectiveness (EurActiv 10/02/04). 

International cooperation:

The EU co-operates with the US to eliminate potential terrorist threats from maritime container transport in the framework of the Container Security Initiative (CSI) launched in September 2004 (EurActiv 18/11/03). 

  • Intermodal Transport:

As an addition to legislation on air, maritime and port security, the Commission proposed, in February 2006, a Regulation on enhancing the security of the entire supply chain. It established minimum European standards that freight operators should abide by in exchange for receiving a “secure operator” status from national authorities. 

But transport operators and business associations protested that the scheme would simply increase costs massively, potentially crippling small businesses, while bringing only minor security benefits (EurActiv 04/09/06). The Dutch MEP in charge of steering the proposal through Parliament, Jeanine Hennis-Plasschaert (ALDE) took up these concerns and asked Transport Commissioner Jacques Barrot to withdraw the draft Regulation. The commissioner decided, in December 2006, to freeze the proposal. 

  • Urban Transport:

The attacks on commuter trains in Madrid on 11 March 2004 (191 killed) and on the Underground and a bus in London on 7 July 2005 (52 killed) also brought to the attention of EU politicians how vulnerable our public-transport systems are. The Commission has started consultations with the public transport sector on how to factor in security constraints from the start of the planning and design stages of installations and networks. 


The Association of European Airlines (AEA) and the Airports Council International Europe (ACI) both warn against “the ever-increasing cost of aviation security”, which now represents up to 25% of operating costs in European airports. They believe that “countering the threat of terrorism is a national security duty” and that government must therefore help finance the costs linked to protecting the general public, as it does in the US. This, they say, is also essential to ensure a level playing field for Europe’s aviation industry both within and outside of the EU. 

They also stress that security measures must remain risk-based, saying: “What passengers do not want is political actionism which does nothing to enhance the already high security levels.” 

Regarding the transfer of passenger data, the AEA states that passenger data requests are a financial burden while “posing a risk to quality customer service” and raising “legitimate data-protection and data-privacy concerns”. 

Maurice Wessling, president of European Digital Rights (EDRI) said: "The transfer of passenger data lacks any legal basis and violates EU data protection laws. There are very little safeguards against abuse. If European travellers are unfairly stopped and searched at airports, or even barred access to the US, they will find it impossible to find out which data has been the cause of these restrictions."

The European Seaports Organisation’s (ESPO)  main concern is keeping ports accessible under the new security rules and how to finance these measures. “The estimation of overall security costs is very high and the great disparity of funding approaches between member states may entail distortions of competition,” it stated. 

The International Road Transport Union (IRU) believes that enhancing supply-chain security is important but doubts that the scheme which had been proposed by the Commission would have achieve this aim. Bertil Dahlin, president of the IRU Goods Transport Liaison Committee, said: “Hauliers are faced with a plethora of rules and regulations on security and they are completely lost in the jungle of requirements... It seems that the proposal for a draft EU Regulation will do little more than only add to the confusion.” 

European business organisations EUROCHAMBRES  (Association of European Chambers of Commerce and Industry), EuroCommerce  (which represents the retail, wholesale and international trade sectors in Europe), UEAPME  (European Association of Craft, Small and Medium-sized Enterprises)  and ESBA (the European Small Business Alliance) were particularly concerned about the financial implications of the proposal, which they said would generate disproportionate administrative burdens and compliance costs for European businesses.

Tina Sommer, president of the ESBA added that, although the scheme was voluntary, it would have put smaller companies, which could not afford to fulfill the conditions required to obtain a secure operator status, at a disadvantage. "The proposal could cost SMEs across all sectors €55 billion without any clear benefits," she said.

However, the Confederation of Organisations in Road Transport Enforcement (CORTE) said it regretted that the Commission’s initiative was not reconsidered before being frozen. Secretary General Dr. Thierry Granturco explained that, in the past, the public had been sensitised to the importance of security in the aviation and maritime areas through a number of incidents. "Waiting for precedent cases in road transport before action is taken can be a risky approach," he warned, adding: “Introducing security standards for road transport operators is a logical step, closing the circle of protective provisions in the transport chain that have been accepted by businesses in the past.” 


  • 6 Nov. 2006: Tighter EU-wide aviation security rules on hand luggage and taking liquids on board planes entered into force.
  • 29 June 2007: EU and US negotiators concluded a deal on the transfer of air passenger data.
  • 23 July 2007:  European foreign ministers approved the PNR deal.