Skip to main content

Advertisement

Log in

When Big Data Meet Securitization. Algorithmic Regulation with Passenger Name Records

  • Original Article
  • Published:
European Journal for Security Research Aims and scope Submit manuscript

    We’re sorry, something doesn't seem to be working properly.

    Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.

Abstract

This contribution deals with big data as a resource for state regulation. The academic interest in the specificities of contemporary technology-based regulation has generated the concept of “algorithmic regulation” (Yeung, Regulat Govern 347(6):1–19, 2017), which yet needs to be refined empirically. This article sets out to analyze the use of passenger name records (PNR) for security governance as a form of algorithmic regulation. It scrutinizes the political debate about the establishment of the use of PNR for security governance in Germany. Along the three phases of the regulatory process (standard setting, monitoring and enforcement), the study sheds light on how Yeung’s taxonomy helps to critically analyze the choices that lead to a specific type of algorithmic regulation. The analysis also unveils the major controversies of the debate (for example about individual rights) and addresses aspects that were left out of the debate (such as the problem of unwanted discrimination through machine learning). The analysis shows how these issues shaped the specific model of PNR-based governance. The German case also raises awareness for the symbolic function of big data in regulation—a dimension that should be taken into account by the concept of algorithmic regulation. The final discussion points out that research about algorithmic regulation is challenged by systemic opacity, which poses conceptual and political problems. The articles ends with a reflection upon the power of the (seemingly unchallenged) promise of big data that lends itself as a resource for securitization strategies.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Similar content being viewed by others

Notes

  1. Boyd and Crawford define big data as a “cultural, technological, and scholarly phenomenon” made up of the interplay of algorithmic analysis of large datasets—in order to identify patterns and make economic, social, technical, and legal claims (Boyd and Crawford 2012).

  2. Once collected, data can only be used for the purpose that was defined at the moment of consent.

  3. Any collection of personal data has to be restricted to the data that is absolutely necessary for the relevant purpose.

  4. No personal data can be collected and processed without the direct consent of the data subject.

  5. These areas are, among others: cybernetics, critical data studies, critical algorithm studies, critical software studies, critical security studies, surveillance studies, privacy research, and policy research.

  6. Data transmission will start immediately once the law comes into effect in April 2017 and proceeds in steps until May 2018. Any failure by airlines and travel agencies to transmit passenger data will be subject to a fine.

  7. The author made many unsuccessful attempts to gather non-public information from the government and security agencies about the political process that led to the PNR bill and about details of the data collection, analysis and use. This opacity was justified with security reasons.

  8. This list of “competent authorities” is required by the EU Directive in Art. 7.

  9. The EU Directive includes a review that the EU Commission has to submit to the EU Parliament in 2020. The report should among other include a review of the necessity and proportionality of the collection and processing of PNR data for the purposes declared in the Directive. Whereas the report has to take into consideration the experiences made in the Member States, there is no specification concerning the methodology of the evaluation (EU 2016/681 Art. 19).

  10. Other than in the German Federal anti-discrimination law, “gender” and “disabilities” are not mentioned as criteria that cannot be used  for differential treatment.

  11. Only SITA, a company that provides IT and telecommunication services to the air transport industry and has experience with building PNR systems, points out that the deletion of specific data is technically challenging and would delay the project (Knetsch 2017).

  12. The bill lists 203 new posts in the Federal Criminal Police, 371 in the Federal Office of Administration, 27 at the Federal Information Technology Center, 23 at the Federal Police, and 4 at the Federal Commissioner for Data Protection and Freedom of Information (Deutscher Bundestag 2017a).

References

Primary Sources

  • Arzt C (2017) Stellungnahme zur Anhörung des Innenausschusses des Deutschen Bundestages zum Entwurf eines Gesetzes über die Verarbeitung von Fluggastdaten zur Umsetzung der Richtlinie (EU)

  • Deutscher Bundestag (2017a) Entwurf eines Gesetzes über die Verarbeitung von Fluggastdaten zur Umsetzung der Richtlinie (EU) 2016/681: (Fluggastdatengesetz – FlugDaG)

  • Deutscher Bundestag (2017b) Entwurf eines Gesetzes über die Verarbeitung von Fluggastdaten zur Umsetzung der Richtlinie (EU) 2016/681 (Fluggastdatengesetz – FlugDaG)

  • Deutscher Bundestag (2017c) Plenarprotokoll 225. Sitzung: 1. Lesung zu PNR-Gesetz

  • Deutscher Bundestag (2017d) Plenarprotokoll 231. Sitzung: 2. Lesung zu PNR-Gesetz

  • Bundestag Deutscher (2017) Wortprotokoll der der 114. Sitzung des Innenausschusses, Öffentliche Anhörung zu PNR-Gesetz

    Google Scholar 

  • Die Bundesregierung (2017) Konsequenzen nach Anschlag in Berlin. https://www.bundesregierung.de/Content/DE/Artikel/2017/01/2017-01-10-de-maiziere-maas-sicherheitspolitik-nach-berlinanschlag.html. Accessed 17 July 2017

  • European Court of Justice (2017) Opinion 1/15 of the court (Grand Chamber). ECLI:EU:C:2017:592

  • European Parliament (2016) EU Passenger Name Record (PNR) directive: an overview. http://www.europarl.europa.eu/news/en/news-room/20150123BKG12902/eu-passenger-name-record-(pnr)-directive-an-overview. Accessed 12. Dec 2016

  • Knetsch M (2017) Stellungnahme zum Entwurf eines Gesetzes über die Verarbeitung von Fluggastdaten zur Umsetzung der Richtline (EU) 2016/681 {Fluggastdatengesetz - FlugDaG)

  • Münch H (2017) Anhörung des Präsidenten des Bundeskriminalamtes Holger Münch vor dem Innenausschuss des Bundestages am 24. April 2017 zum Entwurf eines Fluggastdatengesetzes (FlugDaG): Stellungnahme

  • Sander A (2017) Stellungnahme des Digitale Gesellschaft e. V. zum Entwurf eines Gesetzes über die Verarbeitung von Fluggastdaten zur Umsetzung der Richtlinie (EU) 2016/681

  • Voßhoff A (2017) Stellungnahme zum Entwurf eines Gesetzes über die Verarbeitung von Fluggastdaten zur Umsetzung der Richtlinie (EU) 2016/681 (Fluggastdatengesetz-FlugDaG)

  • Wildfang A (2017) Stellungnahme des Deutschen Richterbundes zum Referentenentwurf eines Gesetzes über die Verarbeitung von Fluggastdaten zur Umsetzung der Richtlinie (EU) 2016/681 (Fluggastdatengesetz—FlugDaG)

  • Wollenschläger F (2017) Stellungnahme zum Entwurf eines Gesetzes über die Verarbeitung von Fluggastdaten zur Umsetzung der Richtlinie (EU) 2016/681 (Fluggastdatengesetz—FlugDaG) (BT-Drs. 18/11501)

Download references

Acknowledgements

My thanks go to Eva Korte and Björn Mohr for their valuable research assistance and to two anonymous reviewers for their excellent comments.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Lena Ulbricht.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ulbricht, L. When Big Data Meet Securitization. Algorithmic Regulation with Passenger Name Records. Eur J Secur Res 3, 139–161 (2018). https://doi.org/10.1007/s41125-018-0030-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41125-018-0030-3

Keywords

Navigation