and then just print and send>

Subject: Complaint on Passenger Name Record transmission to US Dear Mr. ... / Ms. ..., On I flew to the United States with on the flight and ticket number . As I have recently read in the press, European airline companies disclose Passenger Name Record data to United States authorities without obtaining passengers' explicit consent, and would, therefore, violate the European Data Protection Directive 95/46/EC. Such PNR data includes, e.g., my name, address, telephone number, date of birth, credit card number and meal choice. did not request that I consent for the disclosure of this data, nor did that airline company inform me that my data would be disclosed to United States authorities. I can certainly understand that United States authorities collect data such as my name as it is probably necessary to customs and immigration agencies for security purposes. However, I can hardly understand why such information, such as the credit card I used to purchase my ticket and my choice of meal are necessary for United States authorities and why that information was transferred without my knowledge and consent. I object to the transfer of PNR data and believe that this transfer lacks legal basis and violates the main data quality principles of the European Data Protection Directive. The Joint Statement of the EU commission and the United States Customs on the PNR transmission (17 March 2003) mentions that the data can be used "for enforcement purposes" and that it can be retained as long as it is "required for the purpose for which it was stored". These definitions lack the protections required by European Data Protection Directive 95/46/EC for transfer of personal data to third countries. I also object to the non-specific character of the data transfer. According to EU law and the European Convention on Human Rights, data collected by private companies for commercial purposes cannot be used for law enforcement purposes without judicial approval based upon the showing of a demonstrable need and should be specific to a traveller. Under EU privacy regulations, the transfer of personal data to third countries that do not have laws adequately protecting individuals’ privacy is prohibited, unless the individual consents to the transfer of his/her data. Most passengers, when they book a flight to the USA, are not even notified that their data is directly sent to US law enforcement authorities. European travellers, therefore, do not have any possibility to object to the transfer. I have sent a letter to asking them for my customer file and which data they have transferred to the United States authorities. I also request that you inquire about 's processing activities and whether the transfer of my personal data is in compliance with data protection laws, especially article 25 of the European Data Protection Directive 95/46/EC and the applicable provisions of national law. Sincerely yours,