What's Happening?
The European Commission has launched an infringement procedure against Spain, raising concerns about the country's practices in collecting traveller data. The Commission's issues focus on the excessive
categories of personal data collected, the broad access granted to law enforcement authorities, and the three-year data retention period mandated by Spain's Royal Decree 933/2021. The European hospitality and tourism organization, HOTREC, has expressed support for the Commission's decision, emphasizing the need for data collection measures to adhere to EU principles of necessity, proportionality, and legal certainty. HOTREC has been vocal about the administrative burden these requirements place on accommodation providers and other tourism businesses, advocating for a more balanced approach that respects privacy rights while addressing security concerns.
Why It's Important?
This legal action by the European Commission highlights the ongoing tension between national security measures and privacy rights within the EU. The outcome of this procedure could set a precedent for how EU member states balance these concerns, potentially influencing future legislation and enforcement across the region. For Spain, a negative ruling could necessitate changes to its data collection laws, impacting how tourism and hospitality businesses operate. The case underscores the importance of aligning national laws with EU directives, particularly in areas involving personal data and privacy. The decision could also affect the broader EU tourism industry, as it seeks to maintain a balance between security and privacy in a sector heavily reliant on data collection.
