The European Parliament has approved a controversial deal to share airline passengers' personal data with US authorities, replacing a potentially illegal agreement that has been in force since 2007.
The European Union has approved a pact on the exchange of air passenger data with the US.
"The EU-US Passenger Name Record (PNR) agreement was adopted with 409 votes in favour, 226 against and 33 abstentions," the European Parliament said in a statement on Friday.
The deal will see European air carriers automatically transfer all airline passengers' data to the US authorities. The Passenger Name Record (PNR) data includes name, address, passport details, names of fellow travellers, financial details, contact information, and general remarks. Data including flights and hotel reservations, known as 'Advance Passenger Information' (API), is also shared.
The US authorities will keep personal data for 15 years, after which identifying data will be deleted, according to a European Parliament statement. Data will be kept in an 'active' database for five years, after which it will be moved to a 'dormant' database for 10 years that has "stricter access controls", according to the European Parliament.
German Green MEP Jan Philipp Albrecht, who had pushed for the agreement to be referred to the European Court of Justice, told ZDNet UK on Friday that the only avenue left for a legal challenge of the agreement was for an affected individual to bring a complaint through national courts, and the European Court of Justice.
"The political decision is made," said Albrecht, who added that individuals would have to challenge the agreement on the grounds of proportionality.
The US and other authorities use the information to maintain "no-fly" and "inhibited" lists. Wikileaks founder Julian Assange's human rights lawyer Jennifer Robinson was stopped from boarding a Virgin flight on Wednesday due to being on an "inhibited" list, according to The Guardian.