Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »



Far too many efforts to combat terrorism have focused on the use of sensitive personal information and mass surveillance - techniques that have been demonstrated to deliver limited benefits and that create substantial negative outcomes. Much of the responsibility for this approach to anti-terror policy belongs to the U.S. Government. The EU however is not exempt from this type of policy, however. For a number of years the European Union and its Member States have been implementing expansive data surveillance policies that in many ways mimic U.S. policies and in some particular ways go well beyond what is considered acceptable in the U.S.

We noticed a resurgence of this trend after the security alert in August 2006 upon the arrests in Britain that broke up a suspected plot to target transatlantic air travel. Immediately across Europe we saw a surge of commentary from the media, experts, and policy-makers on the need for positive profiling of passengers and expanded surveillance techniques to detect terrorists. This led eventually to reduced protections over passenger data protections to the U.S., renewed calls from U.S. authorities for extended access to this data, and calls within the EU to accelerate policy-making to ensure that EU authorities are granted powers to access and process passenger data.

Nearly everyone presumed that positive profiling actually existed, was operational, and was a reasonable response to increased concerns about security. In fact, the very definition of 'profiling' is unknown and its practical application is quite limited. Technologically it is not only impractical to implement but it is also politically unpalatable.

Contrary to the understanding of some in Europe, the United States government currently does not have in place a system for the systematic examination of air travellers' personal data on domestic flights. As Europeans well know, the U.S. government requires passenger name records (PNR) for each passenger for flights into and over the United States. But it does not do this on domestic flights.

The United States does have in place a rudimentary system called Computer-Aided Passenger Pre-Screening System (CAPPS). This system, which is administered not by the government but by the airlines, examines a few basic attributes of passenger reservations, such as whether the passenger paid cash and bought a one-way ticket (though not all the factors are public). This system has been in place since the 1990s, but is considered rudimentary and inadequate by the government.

The absence of a positive profiling system in the United States is not through lack of intent. Since 2002, the Bush Administration has been pushing for the creation of a new system for such profiling. However, implementation is still highly uncertain, and for very good reasons.

This report looks into the challenges encountered by the Bush Administration in its efforts to establish a mass-surveillance scheme. These challenges are a mix of technological, political, legal, and social influences that have prevented the development of a profiling scheme. We wonder why, despite the internal policy struggles in the U.S., these policies seem to be re-appearing as uncontroversial elsewhere.

As the European Union and its Member States implement schemes for mass surveillance of movement and at borders, policy-makers must learn from prior mistakes in judgement rather than merely replicating them.