The European Commission has launched formal infringement proceedings against Spain over its controversial tourist registration system.
Brussels believes parts of the rules may breach European data protection laws.
The move is a major development for Spain’s tourism industry. Hotels, travel agencies and other businesses have criticised the regulations since they were introduced.
The EU formally notified the Spanish government on 4 June. The letter marks the first stage of a potential legal process.
Why Brussels is concerned
The dispute centres on Royal Decree 933/2021.
The law requires accommodation providers, car hire companies, travel agencies and booking platforms to collect and store extensive information about travellers.
According to the European Commission, some of the requirements may go beyond what is necessary for public security.
Brussels has raised concerns about:
- The amount of personal data collected
- The inclusion of payment information
- Data being stored for up to three years
- Access to the information by public authorities
The Commission is also examining whether the rules comply with the EU principle of data minimisation.
Under this principle, organisations should only collect information that is strictly necessary.
Tourism industry welcomes the decision
Spain’s hotel and travel sectors have welcomed the Commission’s intervention.
The Spanish Confederation of Hotels and Tourist Accommodation (CEHAT) says it has raised concerns about the system for years.
The organisation argues that the rules create unnecessary administration for businesses. It also says they increase cybersecurity risks.
Meanwhile, the Business Federation of Territorial Associations of Spanish Travel Agencies (FETAVE) has also welcomed the decision.
FETAVE is currently integrating with UNAV. The organisation says Brussels has now raised many of the same concerns it highlighted in 2023.
Industry representatives argue that companies must store large amounts of sensitive customer information. They say this increases costs and creates additional security risks.
Long-running controversy
The regulations have faced criticism since they were approved.
Tourism organisations say the government introduced the rules without fully considering how the industry operates.
They also argue that the system collects information from millions of travellers regardless of whether there is a specific security risk.
As a result, critics believe the requirements go further than necessary.
What happens next?
Spain now has two months to respond to the Commission’s observations.
If Brussels is not satisfied with the reply, the case could move to the next stage of the infringement process.
The dispute could eventually reach the Court of Justice of the European Union.
For now, the procedure remains at an early stage.
However, the opening of formal proceedings places Spain’s tourist registration system under increased European scrutiny.
What does this mean for travellers?
For now, nothing changes for visitors to Spain.
Hotels, holiday accommodation providers, car hire companies and travel agencies must continue collecting the required information.
The current rules remain in force.
However, the Commission’s intervention raises fresh questions about the future of Spain’s traveller registration system.
Both the tourism industry and the Spanish government will now be watching closely as the legal process unfolds.
Let Bridging the Gap help you navigate through more Costa Blanca Red Tape.
