Air passenger data: Council and European Parliament reach provisional agreement to increase security and enhance border management

Today, the Belgian presidency of the Council and European Parliament negotiators have provisionally agreed on two regulations that govern the collection and use of air passenger data for border management and law enforcement.

The new rules will improve the handling of advance passenger information (API) data to perform checks on passengers prior to their arrival at the EU’s external borders but also for intra-EU flights in the fight against terrorism and serious crime. They will enhance the fight against serious crime and terrorism within the EU, supplementing the processing of passenger name record (PNR) data.

Advance passenger information (API) contains identification details from the travel document and basic flight information and will be transmitted before and after take-off to authorities at the place of arrival.

« A more efficient border management at airports and a strengthened information position for law enforcement authorities about people flying into and within the EU are two important benefits of the advance passenger information regulations we agreed on today. »
Annelies Verlinden, Minister of the interior, institutional reform and democratic renewal Uniform rules for data collection

The two regulations stipulate what API data air carriers must collect and transfer. API data will consist of a closed list of traveller information such as name, date of birth, nationality, type and number of the travel document, seating information and baggage information. In addition, air carriers will be obliged to collect certain flight information, for instance the flight identification number, the airport code and time of departure and arrival.

The collection and transfer of API data in principle only concerns flights that depart from outside of the EU. However, member states may decide to include intra-EU flights. Such a decision will depend on specific law enforcement needs such as a terrorist threat and must in the absence of such threat be supported by a suitably motivated risk assessment.
Better crime fighting and improved border controls

Thanks to the new regulations, law enforcement authorities will be able to combine travellers’ API data and passenger name records (PNR). The PNR is a larger set of air passenger reservation data and contains details about the itinerary of a passenger and information of the flight booking process. When used together, API and PNR are particularly effective to identify high-risk travellers and to confirm the travel pattern of suspected persons.

Also border authorities will benefit from the agreed new rules. Because they will get a more complete view of travellers arriving at airports, border authorities will be able to perform pre-checks before landing, store the data longer than is foreseen today to perform the necessary checks and as a consequence manage their border controls more efficiently.

This will strengthen border security as it should increase the chances of preventing unwanted border crossings. Passengers should benefit from shorter waiting times and smoother passport checks.
Automated data-collection

Airlines will have to collect the API data contained in travel documents by automated means (e.g. through scanning machine-readable passports). Only if an automated collection of traveller data is not possible because of technical reasons can an air carrier collect the data manually (either as part of the online check-in or the check-in at the airport). The possibility to provide data manually during the online check-in will in any case remain available during a transitional period of 2 years. Verification mechanisms will be put in place by the air carriers in order to guarantee the accuracy of the data.
Single router

In order to streamline the transmission of the API data the Council and Parliament decided to put in place a central router. This router, which will be developed by an EU agency, will receive the data collected by the air carriers and then transmit it to the relevant border management and law enforcement authorities. This router will then later also serve for the collection and transmission of PNR data.

Because air carriers will no longer have to send API data to multiple authorities this will enhance the efficiency and reduce costs of the data transfer and reduce the risk of errors and abuses.
Next steps

The agreement that was reached today will have to be confirmed by member states’ representatives (Coreper) before formal adoption in the European Parliament and in the Council.

Assito Kanko (ECR/BE) and Jan-Christoph Oetjen (RENEW/DE) are the European Parliament’s rapporteurs for both files whereas Commissioner Ylva Johansson in charge of home affairs represented the European Commission. Source: European Commission