Catherine Murphy (Kildare North, Social Democrats) | Oireachtas source

There is no doubt that the exchange of passenger data is critically important to the UK, to Ireland and to the wider EU law enforcement communities. So far, the exchange of data has been largely unaffected by Brexit, which was a significant win for the UK. As a third country, the UK must be held to higher standards than it was previously.

In this case, the EU has ruled that the UK data protection system is in line with the GDPR and that the exchange of this kind of data can go ahead. However, we are aware of the rhetoric that has come from Downing Street over the past couple of years. It shows a desire to break with GDPR rules and this will have to be kept under constant review. It could be empty rhetoric but we need to watch it closely. No one wants the UK's national security to be at risk. It is our nearest neighbour. Is there a person in the House that does not have some connection to the UK in terms of family members? However, that does not mean we can accept anything other than the highest degree of compliance with the standards set by the GDPR.

The Commission made a point of excluding data transfers for the purpose of UK immigration control from the adequacy decisions it adopted in November. This is due to the ruling in the UK courts that the Home Office practice of denying people their personal data was out of line with the GDPR. That seems to affect about 60% of people seeking access. I think it is to do with denying people access to their data. It is a high number of cases. Do the transfers of PNR data for the purposes of immigration control continue despite that court ruling or are they on hold until the UK remedies the situation?

The transfer of PNR data relating to international flights has been common practice worldwide since the 9/11 attack. The EU has many agreements with third party countries as a consequence. Recent judgments by the European Court of Justice have shown that the EU is enforcing increasingly high standards for privacy protections, which is welcome and is needed, especially for agreements formed prior to the GDPR coming into effect. Passenger name records include names, addresses, phone numbers, credit card information and meal preferences, a detail that can indicate ethnicity, religious belief or political affiliation. Strong safeguards need to be in place for the exchange and use of the information. There could be an obvious risk of profiling, for example.

It is obvious that this needs our approval and to go ahead, but I would like to hear a response to the point on the UK courts and the non-provision of information which those courts identified.

See this speech in context