When former U.S. Homeland Security Secretary Michael Chertoff came to Berlin a couple of years ago to celebrate the ratification of a data-sharing deal between the United States and the European Union, he said a revealing thing. At a press conference in the posh Hotel Adlon he was asked about the threat of European "retaliation" against the new American effort to gather information on foreign visitors since 9/11.
European tourists were already being asked to give up more and more details about themselves, like fingerprints, at U.S. airports, for trying to visit the United States. What if European governments introduced the same restrictions on Americans?
"I wouldn't say taking fingerprints is a restriction," answered Chertoff. "I think it's great if Europeans take more information from all its visitors, not just Americans. ... I don't view this as a question of retaliation."
When it comes to data, of course, the more the merrier: Western governments have assembled massive databases on ordinary people around the world since 9/11 through travel and banking records. The agreement he celebrated at the Hotel Adlon had to do not with fingerprint or DNA data in criminal cases — those agreements came later — but with swapping relatively harmless-sounding "passenger name records" between Europe and the United States.
So what? A passenger name record, or PNR, is what an airline or travel website learns about you when you make a reservation: name, address, payment method, travel dates, destination. It can include your onboard meal. It might add car rental or hotel details, including corporate discounts or an additional name on the hotel bill (i.e., who you slept with). It might reveal a medical condition.
"Travel data," writes Edward Hasbrouck, a journalist who specializes in travel and privacy, "is the largest, most sensitive, most intimately revealing, most heavily computerized and name-identified, and for all these reasons the most significant category of personal information not yet subject, in the USA, to any sector-specific Federal privacy regulations (such as apply to legal, financial, and medical information)."
The Department of Homeland Security can skim PNR data from servers based on American soil, much as it grew accustomed to skimming bank data from SWIFT servers. These bits of information can be valuable en masse, so they find their way to clearinghouse companies like Amadeus or Worldspan. These companies, with servers in the U.S., can then be subpoenaed for information — even if the flights in question only occurred in Europe.
"Particularly in the aggregate," writes Hasbrouck, PNRs can "reveal trade secrets, insider financial information, and information protected by attorney-client, journalistic, and other privileges."
PNRs are to the flow of people what SWIFT bank-transfer data is to the flow of money. The data builds a profile. Combine it with other travel details that the U.S. not only collects, but pressures its European friends to collect — biometric data from a passport; simple information typed by every visa-free tourist into Washington's so-called ESTA website ("Electronic System for Travel Authorization"); and soon, perhaps, body scans — and the profile a government can build is not trivial.
Right now the Department of Homeland Security wants to match this information with no-fly lists to catch terrorists. Maybe a future goal is one of those nifty crime-fighting computer systems from a latter-day James Bond film, where an official can call up photos and a biography of a bad guy with a few finger-swipes. In Berlin, Chertoff said the new data-sharing plans between the U.S. and Europe were part of a larger high-tech project to set up international "tripwires that allow the vast majority of people to pass unimpeded," but catch terrorists as they cross international borders.
But this new hunger for data is staggering when you consider that a passenger needed nothing but a ticket at the airline desk to board a plane in America before 1996, when President Clinton first ordered airlines to ask travelers for positive ID. That started as a temporary measure, but 9/11 made it irrevocable. (In those long-lost days you showed your passport to a border official, but not an airline clerk.)
So one purpose of trans-Atlantic agreements made by Washington and the EU in the wake of 9/11 is to build databases packed with as much information on the public at large as the governments can legally gather. It's why Chertoff said at the Hotel Adlon that he wouldn't mind if European border agents started to fingerprint casual American tourists. It's why the U.S. has been eager to extend "visa-free travel" deals to other countries. And it's why a coming agreement on SWIFT data may give European officials the right to snoop on money transfers within the U.S.
In the latter case, Europeans complained that American officials were using SWIFT data to spy on bank transactions within Europe, not just to and from the United States; so one solution was to forge a "reciprocal" agreement — to share information neither government had an acknowledged right to peek at before. The more, the merrier! Right?