Aviation security


Tighter security measures in airports and planes were adopted to fend off terrorist threats, but airlines warn they could also result in higher costs for passengers at a time when soaring fuel bills are already driving up prices.

After the 11 September 2001 terrorist attacks, aviation security moved up the political agenda. Whereas before then, each member state had its own rules on air safety, the EU adopted its first common rules in 2002, with detailed provisions on: access to sensitive areas of airports and aircrafts; passenger screening and baggage handling; control of cargo and mail; staff screening and training, and; classification of weapons and other items prohibited on board planes or in airports. 

In September 2005, the Commission proposed amending its 2002 rules, introducing changes to rules regarding passenger and baggage screening, aircraft security checks and the recruitment and training of staff. It also suggested introducing, for the first time in EU legislation, rules on in-flight security measures such as access to cockpits, unruly passengers and so-called "sky marshals". The new rules were adopted in March 2008 (EURACTIV 12/03/08). 

Parallel to these legislative developments, the EU also adopted a range of ad hoc, Community-wide measures following the summer 2006 exposure of a terrorist plot to smuggle liquid explosives onto aircraft flying from the UK to the US (EURACTIV 21/08/06). The rules, which were applied as of November 2006, included limits to the amount of liquid that can be taken on flights (EURACTIV 28/09/06). 

The 9/11 attacks also made it necessary for the EU to conclude a new bilateral agreement with the US to comply with fresh US anti-terror requirements regarding the transfer of passenger data to American security services. But the pact, signed in May 2004, was ruled illegal by the European Court of Justice in May 2006. Another deal was concluded in June 2007 (EURACTIV 29/06/07), although it has been fiercely criticised for failing to provide sufficient privacy protection for European passengers (EURACTIV 13/07/07).

Growing number of security measures 

The harmonisation of aviation security measures at European level has largely facilitated travel by ensuring all EU countries apply the same standards and practices. It also serves to guarantee minimum levels of security in all countries. However, member states remain free to apply more stringent security measures provided that they are "relevant, objective, non-discriminatory and proportional to the risk that is being addressed". This, combined with a general increase in security threats, has led to the adoption of a large number of 'ad hoc' security measures, both at national and EU level. 

For example, in November 2006, following the exposure of an alleged terrorist plot to smuggle liquid explosives onto aircraft at London's Heathrow airport in August of that year (EURACTIV 21/08/06), the EU introduced new restrictions on carrying liquids on board. Under the new rules, European air passengers may only carry liquids on board if they are in containers of less than 100ml and held in a transparent, re-sealable plastic bag to be checked by airport security officials. 

The restrictions have been strongly criticised for causing confusion and delays at European airports, while hundreds of tonnes of duty-free goods and thousands of litres of alcohol and perfume are confiscated from misinformed passengers each week (EURACTIV 13/02/0706/09/07). 

A key issue is that larger quantities of liquid are only permitted on the flight if they have been purchased in a duty-free shop within the EU and are carried in a sealed plastic bag. Liquids purchased in duty-free shops outside the EU have to be abandoned at the airport, even if the passenger is only transiting. 

To address this problem, the Commission, in July 2007, adopted a regulation that will allow it to grant exemptions to third countries once it has verified that they apply equivalent aviation security standards. So far, just Singapore and Croatia have been approved. 

Parallel planned measures to limit the size of baggage that EU travellers may take on board aircraft have since been withdrawn for fear of provoking similar chaos at European airports to that caused by the ban on liquids. 

Passenger Name Records – a breach of privacy? 

To comply with US anti-terror requirements, the Council signed an agreement, in May 2004, forcing European airlines to pass on 34 pieces of information about passengers on planes flying to or through the US – including credit card details, email addresses, telephone numbers and hotel and car reservations – to US security authorities. 

In September 2004, the European Parliament appealed to the European Court of Justice for the annulment of the agreement, arguing that it did not provide sufficient privacy protection for European passengers. The ECJ ruled, on 30 May 2006, that the Council decision was not "founded on an appropriate legal basis" and told the EU to renegotiate the deal (EURACTIV 31/05/06). A deal was finally reached at the end of June 2007 (EURACTIV 29/06/07), requiring air carriers to pass on data regarding European passengers to the US Department of Homeland Security. The deal has once again been fiercely criticised by civil rights organisations and MEPs, which say it is no better than the previous one. 

The final compromise allows EU airlines to transfer 19 pieces of information, including names, travel dates, full itinerary, billing data and baggage information, to US counter-terrorist agencies. "Sensitive" PNR data, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and data concerning the health or sex life of the individual can also be used for limited periods in "exceptional cases". Data can be retained for three-and-a-half to fifteen years and will be kept for seven years in "active analytical databases," which MEPs fear will lead to a substantial risk of massive profiling, contrary to EU principles (EURACTIV 13/07/07).

In November 2007, the Commission proposed using this scheme as a precedent for the establishment of an 'EU PNR' (EURACTIV 7/11/07). 

US pressure 

Despite clinching a deal with the Commission on the PNR, Washington is now attempting to lure countries like Greece, Hungary and other new member states to hand over extra data on transatlantic passengers and allow armed air marshals on board US carriers flying to and from their territories, in exchange for the same visa-free access that Western EU citizens benefit from. 

Indeed, the US refuses to grant visa-free access on a bloc-wide basis, saying it first has to ensure that each individual country fulfils its stringent security requirements. It has notably already signed bilateral deals with the Czech Republic, Estonia and Latvia, while another 12 EU nations are still excluded from the US Visa Waiver Programme.

The matter has frustrated the EU, which has accused the US of attempting to undermine the Union's common visa policy and force individual countries to agree to additional security measures that are in violation of EU rules on aviation security and data protection (EurAcitv 13/03/08). 

The Commission said it would propose retaliatory measures – e.g. temporary restoration of the visa requirement for US nationals holding diplomatic and service/official passports – as of 1 January 2009 if no progress is achieved on including additional EU member states in its visa waiver programme by then. 

Rising costs for airlines 

European airlines and airports have lashed out at the high costs incurred by the ever-increasing security measures they have to comply with. Indeed, transport security costs can be significant and public authorities' attitude to funding varies widely across member states, which can lead to distortions in competition between airports and air carriers in different countries. 

In an August 2006 report, the Commission noted that "the protection of European citizens against terrorist attacks is essentially a state responsibility" and that public financing for such measures does not constitute state aid. MEPs also insisted that governments be made to take on at least some security costs to avoid distortions of competition and ensure that security measures are carried out to the highest standard in all airports – rather than at the lowest cost. 

But the idea was rejected by member states and, in the end, the final legislative text on new EU aviation security measures generally avoids the question of cost. It leaves governments the freedom to determine "in which circumstances and to what extent the costs of security measures should be borne by the state, the airport entities, air carriers, and other responsible agencies or users" (EURACTIV 12/03/08). 

Nevertheless, the Commission has been asked to produce, before 31 December 2008, a common formula for calculating these costs to improve their transparency. It is also invited to propose steps to ensure that any additional security charges imposed on passengers are used exclusively to meet security costs. 

Unfair competition? 

Airlines also say EU legislation on security is unbalanced and unfair towards the aviation sector compared with other transport modes such as trains and coaches, which are not under the same kind of pressure, despite the Madrid and London bombings. 

They have called for the PNR system to be applied to all modes of transport so as to avoid discrimination and competitive distortions. 

European Parliament Transport Committee Chairman and rapporteur on aviation security Paolo Costa said new aviation security rules adopted in March 2008 responded to the "primary concern […] of reinforcing air travellers' security without imposing additional costs or useless controls on them". 

Socialist MEP Saïd El Khadraoui welcomed the introduction of a provision that allows passengers and baggage arriving from third countries with equivalent safety standards to the EU to be exempted from additional checks. It "could notably reduce the impact of regulations on liquids," he pointed out. 

European airline and airport associations AEA and ACI Europe are also particularly supportive of such a 'One-Stop Security' concept, which will allow the EU to recognise third-country security standards and avoid multiplication of controls for transfer passengers. "A passenger who has been given the green light in Tokyo or Tel Aviv should not have to join another security queue when they transfer flights at Frankfurt, at inconvenience to themselves and the others in the queue," insisted AEA Secretary General Ulrich Schulte-Strathaus, highlighting the important costs of duplications.

ACI Europe Director General Olivier Jankovec agreed: "Let's not forget that for European airports, security alone now represents up to 35% of their operating costs."

The two associations underline the fact that security costs should not in fact be borne by airlines. "Security of citizens cannot be the responsibility – financially or otherwise - of airlines. This should remain the exclusive task of national authorities," they insist. 

This also goes for the transfer of passenger data, which a growing number of governments have been requesting since the 9/11 attacks. Airlines say providing all the different authorities with access to passenger data has burdened them with growing financial costs and inconsistent legal requirements. "Moreover these requests, by ignoring the rapid evolution of the airline industry towards paperless travel and one-stop checking/boarding that seek to ease travel, are imposing additional constraints on airlines' customers," they say, insisting that costs associated with data collection systems and data transmission should be fully borne by the requesting authorities. 

Asides from the costs related to the transfer of passenger data, Sophie in 't Veld, the Dutch Liberal MEP who was rapporteur on the EU-US PNR agreement, has expressed concern that while the collection and storage of personal data from aviation lists was said to be for "security reasons", it was being used for immigration and other purposes, and retained for 15 years, which may not be proportionate to the risks and the results. She called on the Commission not to override civil liberties in its pursuit of terrorists: "We should not forget that it is not only lives that we are trying to protect from terrorists but our democracy too." 

A grouping of 65 consumer organisations in America and Europe, represented by the TransAtlantic Consumer Dialogue (TACD), fully acknowledges the need for sound security measures to ensure aviation safety, but believes that passenger profiling and monitoring programmes constitute a privacy risk for passengers flying from the EU. These should thus be subject to reasonable safeguards so that the privacy rights of consumers are not violated and air travelers are not subjected to "unnecessary and intrusive profiling and searching". "We believe that it is vitally important to explore alternative approaches to air travel safety that are less intrusive and more likely to protect the security of travellers." 

Tony Bunyan, editor of Statewatch, a group devoted to monitoring civil liberties in Europe, said the PNR represents "yet another measure that places everyone under surveillance and makes everyone a 'suspect' without any meaningful right to know how the data is used, how it is further processed and by whom." 

  • 27 Nov. 2008: EU ministers due to issue a resolution on Commission proposals for an EU PNR. 
  • 3 Dec. 2008: European Parliament to vote on the EU PNR plan. 
  • 31 Dec. 2008: Commission has been asked to produce, before 31 December 2008, a common formula for calculating these costs to improve their transparency. 

Subscribe to our newsletters