Airlines warned about US data rules

It will not be enough for airlines to refer to the new regulations “on the back page of the terms and conditions”, the Data Protection Commissioner’s office said.

Airlines will face the possibility of legal challenges and compensation claims if a passenger is not fully informed exactly what information is being passed over.

Aer Lingus, from next month, will comply with the new regulations, though it will only give out information about passengers flying to the US. Other airlines have given the US authorities the green light to access their entire databases.

Dan Loughrey, corporate affairs manager at Aer Lingus, said the company was working on implementing the regulations and is working with the Data Protection Office to be clear about the legal requirements.

The data protection office said that passengers should also be made aware by the airlines that US data protection laws are not as strong as those in Europe.

The European Commission and US authorities are in discussions about the new regulations, but little progress has been made. The commission wants some agreement that the information will be subject to the more stringent data protection rules, that it will be used solely for security purposes and not passed on to other agencies.

If no agreement is reached by Christmas, data protection agencies in the various EU countries will be asked to take action. An official at the commissioner’s office said the issue was becoming more a political issue rather than just about data protection.

Aisling Reidy, of the Irish Council for Civil Liberties, said airlines have been put in an impossible situation.

“People must know that this information will include credit card details and identify someone as being in a particular religious group,” she said.

“People will have to make up their own mind if they want to take the risk.”