4. The United Kingdom competent authority shall promptly inform the Specialised Committee on Law Enforcement and Judicial Cooperation of any significant incident of accidental, unlawful or unauthorised access, processing or loss of PNR data.
5. The United Kingdom shall ensure that any breach of data security, in particular any breach leading to accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, or any unlawful forms of processing, are subject to effective and dissuasive corrective measures which may include sanctions.
Article 550. Transparency and Notification of Passengers
1. The United Kingdom competent authority shall make the following available on its website:
(a) a list of the legistion authorising the collection of PNR data;
(b) the purposes for the collection of PNR data;
(c) the manner of protecting PNR data;
(d) the manner and extent to which PNR data may be disclosed;
(e) information regarding the rights of access, correction, notation and redress; and
(f) contact information for inquiries.
2. The Parties shall work with interested third parties, such as the aviation and air travel industry, to promote transparency at the time of booking regarding the purpose of the collection, processing and use of PNR data, and regarding how to request access, correction and redress. Air carriers shall provide passengers with clear and meaningful information in relation to the transfer of PNR data under this Title, including the details of the recipient authority, the purpose of the transfer and the right to request from the recipient authority, access to and correction of the personal data of the passenger that has been transferred.
3. Where PNR data retained in accordance with Article 552 has been used subject to the conditions set out in Article 553 or has been disclosed in accordance with Article 555 or Article 556, the United Kingdom shall notify the passengers concerned in writing, individually and within a reasonable time once such notification is no longer liable to jeopardise the investigations by the public authorities concerned to the extent that the relevant contact information of the passengers is available or can be retrieved, taking into account reasonable efforts. The notification shall include information on how the natural person concerned can seek administrative or judicial redress.
Article 551. Automated Processing of PNR Data
1. The United Kingdom competent authority shall ensure that any automated processing of PNR data is based on non-discriminatory, specific and reliable pre-established models and criteria to enable it to:
(a) arrive at results targeting natural persons who might be under a reasonable suspicion of involvement or participation in terrorism or serious crime; or
(b) in exceptional circumstances, protect the vital interests of any natural person as set out in Article 544(2).
2. The United Kingdom competent authority shall ensure that the databases against which PNR data are compared are reliable, up to date and limited to those databases it uses in relation to the purposes set out in Article 544,
3. The United Kingdom shall not take any decision adversely affecting a natural person in a significant manner solely on the basis of automated processing of PNR data.
Article 552. Retention of PNR Data
1. The United Kingdom shall not retain PNR data for more than five years from the date that it receives the PNR data.
2. No hater than six months affer the transfer of the PNR data referred to in paragraph 1, all PNR data shall be depersonalised by masking out the following data elements which could serve to identify directly the passenger to whom the PNR data relate or any other natural person:
(a) names, including the names of other passengers on the PNR and number of passengers on the PNR travelling together;
(b) addresses, telephone numbers and electronic contact information of the passenger, the persons who made the flight reservation for the passenger, persons through whom the air passenger may be contacted and persons who are to be informed in the event of an emergency,
(c) all available payment and billing information, to the extent that it contains any information which could serve to identify a natural person;
(d) frequent flyer information;
(e) other supplementary information (OSD, special service information (SSI) and special service request (SSR) information, to the extent that they contain any information which could serve to identify a natural person; and
(f) any advance passenger information (API) data that have been collected.
3. The United Kingdom competent authority may unmask PNR data only if it is necessary to carry out investigations for the purposes set out in Article 544, Such unmasked PNR data shall be accessible only to a limited number of specifically authorised officials.
4. Notwithstanding paragraph 1, the United Kingdom shall delete the PNR data of passengers after their departure from the country unless a risk assessment indicates the need to retain such PNR data. In order to establish that need, the United Kingdom shall identify objective evidence from which it may be inferred that certain passengers present the existence of a risk in terms of the fight against terrorism and serious crime.
5. For the purposes of paragraph 4, unless information is available on the exact date of departure, the date of departure should be considered as the last day of the period of maximum lawful stay in the United Kingdom of the passenger concerned.
6. The use of the data retained under this Article is subject to the conditions id down in Article 553.
7. An independent administrative body in the United Kingdom shall assess on a yearly basis the approach applied by the United Kingdom competent authority as regards the need to retain PNR data pursuant to paragraph 4.
8. Notwithstanding paragraphs 1, 2 and 4, the United Kingdom may retain PNR data required for any specific action, review, investigation, enforcement action, judicial proceeding, prosecution, or enforcement of penalties, until concluded.
9. The United Kingdom shall delete the PNR data at the end of the PNR data retention period.
10. Paragraph 11 applies due to the special circumstances that prevent the United Kingdom from making the technical adjustments necessary to transform the PNR processing systems which the United Kingdom operated whilst Union law applied to it into systems which would enable PNR data to be deleted in accordance with paragraph 4.
11. The United Kingdom may derogate from paragraph 4 on a temporary basis for an interim period, the duration of which is provided for in paragraph 13, pending the implementation by the United Kingdom of technical adjustments as soon as possible. During the interim period, the United Kingdom competent authority shall prevent the use of the PNR data that is to be deleted in accordance with paragraph 4 by applying the following additional safeguards to that PNR data:
(a) the PNR data shall be accessible only to a limited number of authorised officials and only where necessary to determine whether the PNR data should be deleted in accordance with paragraph 4;
(b) the request to use the PNR data shall be refused in cases where the data is to be deleted in accordance with paragraph 4, and no further access shall be granted to that data where the documentation referred to in point (d) of this paragraph indicates that an earlier request for use has been refused;
(c) deletion of the PNR data shall be ensured as soon as possible using best efforts, taking into account the special circumstances referred to in paragraph 10; and
(d) the following shall be documented in accordance with Article 554, and such documentation shall be made available to the independent administrative body referred to in paragraph 7 of this Article:
(i) any requests to use the PNR data;
(ii) the date and time of the access to the PNR data for the purpose of assessing whether deletion of the PNR data was required;
(iii) that the request to use the PNR data was refused on the basis that the PNR data should have been deleted under paragraph 4, including the date and time of the refusal; and
(iv) the date and time of the deletion of the PNR data in accordance with point (c) of this paragraph.
12. The United Kingdom shall provide to the Specialised Committee on Law Enforcement and Judicial Cooperation, nine months after the entry into force of this Agreement and again a year later if the interim period is extended for a further year:
(i) a report from the independent administrative body referred to in paragraph 7 of this Article, which shall include the opinion of the United Kingdom supervisory authority referred to in Article 525(3) as to whether the safeguards provided for in paragraph 11 of this Article have been effectively applied; and
(ii) the assessment of the United Kingdom of whether the special circumstances referred to in paragraph 10 of this Article persist, together with a description of the efforts made to transform the PNR processing systems of the United Kingdom into systems which would enable PNR data to be deleted in accordance with paragraph 4 of this Article.
13. The Specialised Committee on Law Enforcement and Judicial Cooperation shall meet within one year of the entry into force of this Agreement to consider the report and assessment provided under paragraph 12. Where the special circumstances referred to in paragraph 10 persist, the Partnership Council shall extend the interim period referred to in paragraph 11 for one year. The Partnership Council shall extend the interim period for one further final year, under the same conditions and following the same procedure as for the first extension where, in addition, substantial progress has been made, although it has not yet been possible to transform the United Kingdom PNR processing systems into systems which would enable PNR data to be deleted in accordance with paragraph 4.
14, If the United Kingdom considers that a refusal by the Partnership Council to grant either of those extensions was not justified, it may suspend this Title with one month's notice.
15. On the third anniversary of the date of entry into force of this Agreement, paragraphs 10 to 14 shall cease to apply.
Article 553. Conditions for the Use of PNR Data
1. The United Kingdom competent authority may use PNR data retained in accordance with Article 552 for purposes other than security and border control checks, including any disclosure under Article 555 and Article 556, only where new circumstances based on objective grounds indicate that the PNR data of one or more passengers might make an effective contribution to the attainment of the purposes set out in Article 544.
2. Use of PNR data by the United Kingdom competent authority in accordance with paragraph 1 shall be subject to prior review by a court or by an independent administrative body in the United Kingdom based on a reasoned request by the United Kingdom competent authority submitted within the domestic legal framework of procedures for the prevention, detection or prosecution of crime, except:
(a) in cases of validly established urgency, or
(b) for the purpose of verifying the reliability and currency of the pre-established modeb and criteria on which the automated processing of PNR data s based, or of defining new models and criteria for such processing,
Article 554. Logging and Documenting of PNR Data Processing
The United Kingdom competent authority shall log and document all processing of PNR data. It shall only use such logging or documentation to:
(a) selfmonitor and to verify the lawfulness of data processing;
(b) ensure proper data integrity;
(c) ensure the security of data processing, and
(d) ensure oversight.
Article 555. Discbsure Within the United Kingdom
1. The United Kingdom competent authority shall not disclose PNR data to other public authorities in the United Kingdom unless the following conditions are met:
(a) the PNR data is disclosed to public authorities whose functions are directly related to the purposes set out in Article 544;
(b) the PNR datas disclosed only on a case-by-case basis;
(c) the disclosure is necessary, in the particular circumstances, for the purposes set out in Article 544;
(d) only the mmimum amount of PNR data necessary is disclosed;
(e) the receiving public authority affords protection equivalent to the safeguards described in this Title; and
(f) the receiving public authority does not disclose the PNR data to another entity unless the disclosure is authorised by the United Kingdom competent authority in accordance with the conditions laid down in this paragraph.
2. When transferring analytical information containing PNR data obtained under this Title, the safeguards set out in this Article shall apply.
Article 556. Disclosure Outside the United Kingdom
1. The United Kingdom shall ensure that the United Kingdom competent authority does not disclose PNR data to public authorities in third countries unless all the following conditions are met:
(a) the PNR data is disclosed to public authorities whose functions are directly related to the purposes set out in Article 544;
(b) the PNR data is disclosed only on a case-by-case basis;
(c) the PNR data is disclosed only if necessary for the purposes set out in Article 544;
(d) only the mmimum amount of PNR data necessary is disclosed; and
(e) the third country to which the PNR data is disclosed has either concluded an agreement with the Union that provides for the protection of personal data comparable to this Agreement or is subject to a decision of the European Commission pursuant to Union law that finds that the third country ensures an adequate level of data protection within the meaning of Union law.
2. As an exception to pont (e) of paragraph 1, the United Kingdom competent authority may transfer PNR data to a third country if
(a) the head of that authority, or a senior official specifically mandated by the head, considers that the disclosure is necessary for the prevention and investigation ofa serious and imminent threat to public security or to protect the vital interests of any natural person; and
(b) the third country provides a written assurance, pursuant to an arrangement, agreement or otherwise, that the information shall be protected in Ie with the safeguards applicable under United Kingdom law to the processing of PNR data received from the Union, including those set out in this Title.
3. A transfer in accordance with paragraph 2 of this Article shall be documented. Such documentation shall be made available to the supervisory authority referred to in Article 525) on request, including the date and time of the transfer, information about the receiving authority, the justification for the transfer and the PNR data transferred.
4. If in accordance with paragraph 1 or 2, the United Kingdom competent authority discloses PNR data collected under this Title that originates in a Member State, the United Kingdom competent authority shall notify the authorities of that Member State of the disclosure at the earliest appropriate opportunity. The United Kingdom shall make that notification in accordance with agreements or arrangements on law enforcement or information sharing between the United Kingdom and that Member State.
5. When transferring analytical information containing PNR data obtained under this Title, the safeguards set out in this Article shall apply.
Article 557. Method of Transfer
Air carriers shall transfer PNR data to the United Kingdom competent authority exclusively on the basis of the "push method", a method by which air carriers transfer PNR data into the database of the United Kingdom competent authority, and in accordance with the following procedures to be observed by air carriers, by which they:
(a) transfer PNR data by electronic means in compliance with the technical requirements of the United Kingdom competent authority or, in the case of a technical failure, by any other appropriate means ensuring an appropriate level of data security;
(b) transfer PNR data using a mutually accepted messaging format, and
(c) transfer PNR data in a secure manner using common protocols as required by the United Kingdom competent authority.
Article 558. Frequency of TransferÂ
1. The United Kingdom competent authority shall require air carriers to transfer the PNR data:
(a) initially from no earlier than 96 hours before the scheduled flight service departure time; and
(b) a maximum number of five times as specified by the United Kingdom competent authority.
2. The United Kingdom competent authority shall permit air carriers to limit the transfer referred to in point (b) of paragraph 1 to updates of the PNR data transferred as referred to in point (a) of that paragraph.
3. The United Kingdom competent authority shall inform air carriers of the specified times for the transfers.
4. In specific cases where there is an indication that additional access to PNR data is necessary to respond to a specific threat related to the purposes set out in Article 544, the United Kingdom competent authority may require an air carrier to provide PNR data prior to, between or after the scheduled transfers, In exercising that discretion, the United Kingdom competent authority shall act judiciously and proportionately, and shall use the method of transfer described in Article 557.
Article 559. Cooperation
The United Kingdom competent authority and the PIUs of the Member States shall cooperate to pursue the coherence of their PNR data processing regimes in a manner that further enhances the security of individuals in the United Kingdom, the Union and elsewhere.
Article 560. Non-derogation.
This Title shall not be construed as derogating from any obligation between the United Kingdom and Member States or third countries to make or respond to a request under a mutual assistance instrument.
Article 561. Consultation and Review
1. The Parties shall advise each other of any measure that is to be enacted that may affect this Title.
2. When carrying out joint reviews of this Title as referred to in Article 691(1), the Parties shall pay particular attention to the necessity and proportionality of processing and retaining PNR data for each of the purposes set out in Article 544, The joint reviews shall also include an examination of how the United Kingdom competent authority has ensured that the pre-established models, criteria and databases referred to in Article 551 are reliable, relevant and current, taking into account statistical data.
Article 562. Suspension of Cooperation Under this Title
1. In the event that either Party considers that the continued operation of this Title is no longer appropriate, it may notify the other Party accordingly of its intention to suspend the application of this Title. Following such notification, the Parties shall engage in consultations.
2. Where within 6 months of that notification the Parties have not reached a resolution, either Party may decide to suspend the application of this Title for a period of up to 6 months, Before the end of that period, the Parties may agree an extension of the suspension for an additional period of up to 6 months. If by the end of the suspension period the Parties have not reached a resolution with respect to this Title, this Title shall cease to apply on the first day of the month following the expiry of the suspension period, unless the notifying Party informs the other Party that it wishes to withdraw the notification. In that case, the provisions of this Title shall be reinstated.
3. If this Title is suspended under this Article, the Specialised Committee on Law Enforcement and Judicial Cooperation shall meet to decide what steps are needed to ensure that any cooperation initiated under this Title that is affected by the suspension is concluded in an appropriate manner. In any event, with regard to all personal data obtained through cooperation under this Title before the provisions concerned by the suspension provisionally cease to apply, the Parties shall ensure that the level of protection under which the personal data were transferred is maintained after the suspension takes effect.
Title IV. COOPERATION ON OPERATIONAL INFORMATION
Article 563. Cooperation on Operational Information
1, The objective of this Title is for the Parties to ensure that the competent authorities of the United Kingdom and of the Member States are able to, subject to the conditions of their domestic law and within the scope of their powers, and to the extent that this is not provided for in other Titles of this Part, assist each other through the provision of relevant information for the purposes of:
(a) the prevention, investigation, detection or prosecution of criminal offences;
(b) the execution of criminal penalties;
(c) safeguarding against, and the prevention of, threats to public safety; and
(d) the prevention and combating of money laundering and the financing of terrorism.
2. For the purposes of this Title, a "competent authority" means a domestic police, customs or other authority that is competent under domestic law to undertake activities for the purposes set out in paragraph 1.
3. Information, including information on wanted and missing persons as well as objects, may be requested by a competent authority of the United Kingdom or of a Member State, or provided spontaneously to a competent authority of the United Kingdom or ofa Member State. Information may be provided in response to a request or spontaneously, subject to the conditions of the domestic law which applies to the providmg competent authority and within the scope of its powers.
4. Information may be requested and provided to the extent that the conditions of the domestic law which applies to the requesting or providing competent authority do not stipulate that the request or provision of information has to be made or channelled via judicial authorities.
5. In urgent cases, the providing competent authority shall respond to a request, or provide information spontaneously, as soon as possible.
6. A competent authority of the requesting State may, in accordance with relevant domestic law, at the time of making the request or at a later point in time, seek consent from the providing State for the information to be used for evidential purposes in proceedings before a judicial authority. The providing State may, subject to the conditions set out in Title VIII and the conditions of the domestic law which applies to it, consent to the information being used for evidential purposes before a judicial authority in the requesting State. Equally, where information is provided spontaneously, the providing State may consent to the information being used for evidential purposes in proceedings before a judicial authority in the receiving State. Where consent is not given under this paragraph, the information received shall not be used for evidential purposes in proceedings before a judicial authority.
7. The providing competent authority may, under relevant domestic law, impose conditions on the use of the information provided.
8. A competent authority may provide under this Title any type of information which it holds, subject to the conditions of the domestic law which applies to it and within the scope of its powers. This may include information from other sources, only if onward transfer of that information is permitted in the framework under which it was obtained by the providing competent authority,
9. Information may be provided under this Title via any appropriate communication channel, including the secure communication line for the purpose of provision of information through Europol,
10, This Article shall not affect the operation or conclusion of bilateral agreements between the United Kingdom and Member States, provided that the Member States act in compliance with Union law. It shall also not affect any other powers which are available to the competent authorities of the United Kingdom or of the Member States under applicable domestic or international law to provide assistance through the sharing of information for the purposes set out in paragraph 1.
Title V. COOPERATION WITH EUROPOL
Article 564. Objective
The objective of this Title is to establish cooperative relations between Europol and the competent authorities of the United Kingdom in order to support and strengthen the action by the Member States and the United Kingdom, as well as their mutual cooperation in preventing and combating serious crime, terrorism and forms of crime which affect a common interest covered by a Union policy, as referred to in Article 566.
Article 565. Definitions
For the purposes of this Title, the following definitions apply:
(a) "Europol" means the European Union Agency for Law Enforcement Cooperation, set up under Regulation (EU) 2016/794 of the European Parliament and of the Council (1) (the "Europol Regulation");
(b) "competent authority" means, for the Union, Europol and, for the United Kingdom, a domestic law enforcement authority responsible under domestic law for preventing and combating criminal offences.
Article 566. Forms of Crime
1. The cooperation established under this Title relates to the forms of crime within Europols competence, as listed in Annex 41, including related criminal offences.
2. Related criminal offences are criminal offences committed in order to procure the means of committing the forms of crime referred to in paragraph 1, criminal offences committed in order to facilitate or carry out such crimes, and criminal offences committed to ensure impunity for such crimes.
3. Where the ist of forms of crime for which Europol is competent under Union law is changed, the Specialised Committee on Law Enforcement and Judicial Cooperation may, upon a proposal from the Union, amend Annex 41 accordingly from the date when the change to Europols competence enters into effect.
Article 567. Scope of Cooperation
The cooperation may, in addition to the exchange of personal data under the conditions kid down in this Title and in accordance with the tasks of Europol as outlined in the Europol Regulation, in particular include:
(a) the exchange of information such as specialist knowledge;
(b) general situation reports;
(c) results of strategic analysis;
(d) information on criminal investigation procedures;
(e) information on crime prevention methods;
(f) participation in traming activities; and
(g) the provision of advice and support in individual criminal investigations as well as operational cooperation.
Article 568. National Contact Point and Liaison Officers
1. The United Kingdom shall designate a national contact point to act as the central point of contact between Europol and the competent authorities of the United Kingdom.
2. The exchange of information between Europol and the competent authorities of the United Kingdom shall take place between Europol and the national contact point referred to in paragraph 1. This does not preclude, however, direct exchanges of information between Europol and the competent authorities of the United Kingdom, if considered appropriate by both Europol and the relevant competent authorities.
3. The national contact point shall also be the central point of contact in respect of review, correction and deletion of personal data.
4. To facilitate the cooperation established under this Title, the United Kingdom shall second one or more liaison officers to Europol, Europol may second one or more liaison officers to the United Kingdom.
5. The United Kingdom shall ensure that its liaison officers have speedy and, where technically possible, direct access to the relevant domestic databases of the United Kingdom that are necessary for them to fulfil their tasks.
6. The number of Ixison officers, the details of their tasks, their rights and obligations and the costs involved shall be governed by working arrangements concluded between Europol and the competent authorities of the United Kingdom as referred to in Article 577.