The European Travel Agents’ and Tour Operators’ Associations (Ectaa) has called on the Spanish government to postpone new regulations which will require travellers to provide extensive personal data in order to visit.
The regulations, officially called Royal Decree 933/2021, are due to be implemented from Monday, December 2, and will require travel firms including hotels to collect data including phone numbers, email addresses, details of family relationships and some payment details.
Ectaa, which represents associations within the EU, and three Spanish travel and tourism associations said the “Big Brother” decree should be “suspended and revised”. They added the rules would require the submission of more than 40 pieces of information for accommodation bookings and more than 60 for car hire contracts.
The decree was created by Spain’s Ministry of the Interior with the aim of improving security and providing the police with more information about those arriving in and travelling through Spain.
However, Ectaa and the travel associations said the rules were “excessive and could violate data protection regulations”, pointing to opposition from the Spanish parliament and senate.
A statement said: “The majority of the Spanish congress approved, on October 23, a proposition demanding that the Spanish government reopen negotiations and postpone its implementation.
“Additionally, on November 20, the Spanish senate also rejected this regulation by a majority vote.
“However, the Spanish government is ignoring the majority approval in parliament and continues to provide no response to the requests for suspension and review of the regulation, maintaining the December 2 deadline for full implementation.”
It added: “The imposition of these new obligations not only represents a serious threat to the privacy of personal data, as it forces travel agencies, tourist accommodations, and car rental companies to collect and transmit to the Ministry of the Interior highly sensitive information, such as financial details, traveller relationships and even travel patterns for three years, but it also exposes citizens to potential risks of misuse of their information in the event of cyberattacks.”
Ectaa and The Corporate Association of Specialized Travel Agencies (ACAVE) said they had contacted the Spanish government and the Spanish Data Protection Agency to ask for a suspension and further clarification of the decree but had received no response.
An Abta spokesperson said: “We are aware of the proposals and have been in contact with the Spanish authorities and will update members once we have received further clarification.”
Photo: Credit: Tatohra/Shutterstock.com