The European Commission and US government officials sought to minimise fears that flights from Europe to the US might be disrupted at the end of September when an illegal deal to share passengers' private data expires.
A two-year-old agreement to share more than 30 different items of personal information about passengers flying to the IS is illegal, the European Court of Justice ruled on Tuesday.
"We need continuity," said Franco Frattini, the European commissioner for justice and home affairs during a televised debate among EU and US anti-terrorism officials assembled in Washington and Brussels. He is "certain" an agreement can be reached to avert a crisis in transatlantic travel.
But some data protection lawyers believe the problem won't be so easy to get rid of. "It's not an easy situation," said Chris Kuner, a partner in the Brussels office of law firm Hunton & Williams. "The US government has said this court ruling won't change the rules on passenger data transfers agreed two years ago, but the court decision today throws everything up for reexamination," Kuner said.
The court allowed the passenger data agreement to continue until September 30 "for reasons of legal certainty," the court said in a statement. The European Commission must either draft a new agreement in the next four months or allow individual member states to strike bilateral agreements.
Without one of those two solutions, European airlines could be fined by US authorities if they fail to provide the same data after September 30 or by European data protection authorities if they do hand over the information. Passengers on European carriers could face delays of up to six hours while flights into the US are screened.
US authorities have also threatened to strip European carriers of the landing rights if they fail to provide the required passenger information in advance. US airlines don't face the same problem because they are not subject to Europe's tough data protection laws.
The US government doesn't appear ready to tone down its demands for passenger data, leaving European policy makers in a tight spot, Kuner said. "The bottom line is that European airlines, which rely heavily on the revenues from transatlantic flights, risk being shut down or pushed out of business," he said.
Information required by the US includes names, addresses, credit card numbers and travel schedules. That government insists that European airlines hand over such information at least 15 minutes before a transatlantic flight departs so that passenger lists can be screened for potential terrorists.
Airlines were caught in the middle of a legal tussle before the agreement was signed in May 2004, because European data protection laws forbid companies from exporting European citizens' personal data outside the Union, unless the country they export the information to has equivalent data protection laws. The US does not possess equivalent data protection rules.