PASSENGER DATA SYSTEM Information for air carriers and stakeholders
PASSENGER DATA SYSTEM Information for air carriers and stakeholders GENERAL INFORMATION Cross-border crime, illegal immigration and smuggling are growing problems around the world. An increasing number of states are trying to improve their acquisition of information to detect and prevent these offences. Passenger data submitted by air carriers to the authorities are an important tool. They improve passenger safety and they can be used to allow the authorities to target their resources at the prevention of terrorist offences and serious crime. For this purpose, the European Union has enacted the API Directive (2004/82/EC), the Union Customs Code (UCC) and the PNR Directive (2016/681 EU). WHAT IS THE PASSENGER DATA SYSTEM? MThe passenger data system is a technical tool for the collection of passenger information. It is used by the Police, Customs and the Border Guard in the management of their statutory duties. The passenger data system includes, for example, flight reservation and check-in details that are referred to as Passenger Name Records (PNR data) and Advanced Passenger Information (API data). Air carriers collect and store PNR data on every passenger who has reserved a flight. PNR data include, among other things, the flight reservation date, contact information, baggage information, and the available check-in or boarding information. API data include, for instance, information contained in travel documents (such as name and nationality) and information concerning the flight (such as the flight number and departure time) and the travel itinerary. In accordance with the PNR Directive, advanced passenger information (API) is also part of PNR data in this context. The obligation to communicate PNR data does not affect the API Directive 2004/82/EC, the obligation of carriers to communicate passenger data, the Schengen Borders Code (EU) 2016/399, or the application of national legislation in the field of border control.
JUDICIAL GROUNDS WHICH LEGISLATION IS THE ADOPTION OF THE PASSENGER NAME RECORD SYSTEM BASED ON?SSENGER NAME RECORD BASED ON? On the basis of national legislation, authorities are currently entitled to obtain, in order to perform their duties and maintain their personal data files and non-disclosure provisions notwithstanding, the necessary information from registers to prevent crimes, in the manner agreed with the relevant data controller. ¹ The purpose of the PNR Directive is the prevention of terrorist offences and serious crime, and it provides for the transfer by air carriers of the passenger name record (PNR) data of passengers on extra-eu flights, the processing of the data, the collection of the data, the use and retention of the data by Member States, and the exchange of the data between Member States. Finland will implement the European Union Directive on the use of PNR data as part of its national legislation in 2018. WHAT IS THE PASSENGER DATA SYSTEM NEEDED FOR? The primary purpose of the passenger data system is to provide air carriers and civil aviation authorities with a Single Window- function (the one-stop shop principle ) for the transfer of passenger data required by the PNR Directive and the authorities. The use of passenger data will primarily support the prevention of terrorist offences and serious crime the inspection and control of cross-border passenger and baggage traffic border control duties and the prevention of illegal immigration air carriers by reducing their administrative work more timely direction of t he measures the direction of measures at passengers who are in line with target selection criteria prepared in advance. The secondary purpose is to create a system whereby law enforcement authorities can observe risk factors related to travel requests for passenger data by law enforcement authorities can be answered in a consolidated manner, so that any overlapping requests can be observed. ¹ Police: Act on the Processing of Personal Data by the Police (2003/761), Section 13:16, Customs: Customs Act (1994/1466), Section 28, Border Guard: Act on the Processing of Personal Data by the Border Guard (2005/579), Section 18
WHAT HAS CHANGED? The passenger data system is a system where air carriers send passenger data required by law enforcement authorities for the performance of their statutory duties. Currently, air carriers transmit information about their passengers to the border control authority (the Border Guard)². This obligation pertains to traffic across external EU borders (in practice, all traffic other than that within the Schengen Area). by the Directive will continue to be sent to the border inspection authority. Air carriers transmit the required data to the passenger data system automatically, in accordance with the push method. This procedure is in line with the international trend regarding the exchange of passenger data between air carriers in the aviation industry and public administration (Guideline on PNR Data ICAO 2010, doc9944). The purpose of the disclosure of data is to make border inspections more efficient. The practice will not change in this context. API data specified ² Act on the Processing of Personal Data by the Police (2005/579), Sections 19-20 Finavia
PRIVACY PROTECTION When air carriers transmit the data automatically to law enforcement authorities, this will reduce the number of written requests sent by the authorities to the air carriers. Passenger data is stored for 24 hours from the arrival of the flight at the destination. Data for longer periods of time still have to be requested directly from air carriers. This is about to change because, when the PNR Directive is brought into force nationwide, PNR data can be stored in the database of the PIU for a period of five years after it has been transmitted to the Member State. Within six months of the receipt of PNR data, all passenger identification details must be depersonalised through the masking out of data elements. WHICH DEPARTURE AND ARRIVAL COUNTRIES REQUIRE PASSENGER DATA? According to the PNR Directive, air carriers must transmit data on all flights that have departed from outside of the European Union and land at an airport in Finland, and on all flights departing from Finnish airports to an airport outside of the European Union. When the PNR Directive is implemented into national legislation, the Member State may decide whether to implement this PNR Directive for intra-eu flights or to select intra-eu flights only. HOW WILL PASSENGERS PRIVACY PROTECTION BE GUARANTEED? Law enforcement authorities process passenger data in accordance with laws on the protection of personal data. A specific person in charge of privacy protection has been appointed for the processing of passenger data to ensure the provision of advice and supervision related to the matter. This individual will act as a centralised contact person in matters related to the processing of PNR data of individual data subjects by law enforcement authorities. According to the Personal Data Act, a data controller must prepare a description of the file. The passenger is entitled to know what data regarding him or her is being stored in the passenger name record, and to check that the register contains no personal data regarding him or her. Everyone is also entitled to demand that any errors be corrected and that data stored unlawfully be removed. All enquiries concerning PNR data should be submitted to the National Police Board, which acts as the data controller of the passenger name record. HOW ARE PASSENGERS INFORMED OF THE TRANSMISSION OF PASSENGER DATA? Air carriers must inform passengers of the fact that passenger data is transmitted to the authorities. Also, the Police website contains comprehensive information about the nature and purpose of use of the data collected.
Arriving and departing flights SAFE AND SMOOTH Passenger data helps law enforcemen authorities can use passenger data wh who have been denied entry to the co 1. RESERVATION 2. CHECK-IN 3. Passenger information RESERVATION When you reserve a flight, the tour operator stores certain information about you, such as your address and flight details. Airlines shall transmit this data to the passenger data system for the police when the case involves extra-eu flights. An EU Member State may also decide to apply the PNR Directive to intra-eu flights. The data is transmitted, via an encrypted connection, 24 hours before your flight departs. CHECK-IN After you have checked in, the airline transmits more details, such as your ticket and seat number and baggage information. This data is used to find risk targets among an enormous flow of passengers, for example. DEPARTURE Immediately after departed, up-to-d about passengers passenger data sy enforcement auth details are used fo immigration, amo
AIR TRAVEL t authorities prevent terrorist offences and serious crime. Competent en looking for individuals who are related to a criminal process or untry. This is how we make your journey both safe and smooth. 4. 5. DEPARTURE FLIGHT DEBOARDING AN AIRCRAFT AND CONTINUING THE JOURNEY Boarder Guard Customs Police a flight has ate information is sent to the stem for law orities. These r preventing illegal ng other things. FLIGHT During a flight, the authorities automatically analyse data on the passengers. This may result in the apprehension of persons wanted by the authorities. On the basis of this data, law enforcement authorities can make targeted additional inspections to investigate any suspected criminal activity. DEBOARDING AN AIRCRAFT AND CONTINUING THE JOURNEY After a flight has landed, targeted inspections of individuals and their baggage are carried out. This enables smoother arrival at the destination, so you can continue with your journey in a safe and efficient manner. With the support of the European Commission s Special Programme on Prevention of and Fight against Crime (ISEC) Directorate-General for Migration and Home Affairs
TECHNOLOGY AND PROCESSES HOW DO AIRLINES SEND THE INFORMA- TION TO THE PASSENGER DATA SYSTEM? Lentoliikenteen harjoittajat toimittavat tarvittavat PNR- ja API-tiedot matkustajatietojärjestelmään suojatun yhteyden välityksellä, mahdollisesti kolmannen osapuolen avulla. Tiedonsiirrossa noudatetaan Kansainvälisen siviili-ilmailujärjestö ICAO:n, Maailman tullijärjestö WCO:n ja Kansainvälisen ilmakuljetusliiton IATA:n standardeja. HOW IS THE CONNECTION BETWEEN AIR CARRIERS AND THE PASSENGER NAME RECORD ESTABLISHED? For the transmission of PNR data, an initial meeting will be arranged between law enforcement authorities, experts and air carriers. During the meeting, the (technical) consequences and legislative foundation of the transmission of data will be carefully reviewed. After this, a joint plan will be drawn up for the construction of a technical connection. Next, several test runs will be made to ensure that the correct data is transmitted and received, safely and in the appropriate format. The actual implementation of the connection will only take place after this. From the moment of implementation, passenger information collected by air carriers will be automatically transmitted to the passenger data system. The National Police Board and the relevant air carrier will draw up either an agreement or a Memorandum of Understanding (MOU) that specifies the various procedures. The technical implementation and operational administration of the passenger data system are the responsibility of the Border Guard. CAN AIR CARRIERS USE AN INTERMEDIARY FOR THE TRANSMISSION OF DATA? Air carriers can use an intermediary, such as the supplier of their reservation service or another service provider, for the transmission of data. Similarly, an intermediary operator who transmit data but does not store it can be used on the passenger data system s side. The transmission of data requested is always the air carrier s responsibility. Law enforcement authorities are preparing a specific Internet application for the transmission of data for small air carriers that cannot submit data according to the PADIS, EDIFACT or PNRGOV standard.
SIGNIFICANCE FOR AIR CARRIERS HOW DO AIR CARRIERS BENEFIT FROM THE PASSENGER NAME RECORD? Air carriers connected to the system can transmit the required information to one system (single window). The number of information requests sent directly to air carriers is expected to decrease, which will save time and money. The privacy protection of air passengers is secured, because airlines do not know whose personal data a law enforcement authority processes. ARE AIR CARRIERS UNDER AN OBLIGATION TO COLLECT PASSENGER DATA? Air carriers can only requested to submit such PNR data as they have already collected when the passenger reservation and check-in were made. ARE AIR CARRIERS RESPONSIBLE FOR INCORRECT OR INCOMPLETE DATA? Air carriers are under a statutory obligation to transmit, upon request, all PNR data at their disposal to the authority specified in the law. Air carriers are not responsible for the accuracy of the data they send. However, air carriers are responsible for ensuring that the data has been sent in the correct format. The Police may obligate air carriers to transmit passenger data within the relevant deadline. The Police can impose a conditional fine to enforce compliance.
WHEN, AND HOW OFTEN, SHOULD AIR CARRIERS TRANSMIT ( PUSH ) THE DATA REQUESTED? The transmission of passenger data occurs in the following manner: API data: A one-time transmission on flights arriving in Finland within 15 minutes of off blocks, i.e. the moment when the aircraft begins to taxi from the gate. If the air carrier finds it easier to transmit the data on two occasions, once after the check-in and the second time after the aircraft has left the gate, this is also permitted. DO AIR CARRIERS INCUR COSTS FROM THE TRANSMISSION OF PASSENGER DATA? Airlines may incur costs from the submission of passenger data, for example, if a third party is used to transmit messages on behalf of the airline. The level of costs depends on several factors, such as the number of flights operated by an airline to and from Finland (and the ensuing number of messages). Airlines are responsible for costs arising from the transmission of passenger data. However, airlines are expected to generate savings as the number of direct requests for data received by them will decrease. PNR data For flights arriving in Finland and departing from here, 24 hours before the flight departs and 15 minutes after the departure.
WILL AN INTERACTIVE API SYSTEM (IAPI) BE ADOPTED IN THE FUTURE? At the moment, the features of the passenger data system do not include an interactive API system where the airline could ensure, before departure, whether it could take a certain passenger on a flight. This feature may be included in the system in the future. IS THE CARRIER RESPONSIBLE FOR RETURNING PASSENGERS? The implementation of the PNR Directive does not change an air carrier s obligation, under the Aliens Act, to check documents or the obligation to return third-country nationals related to arrival in the country. These obligations are still related to traffic across external borders only. If a passenger is refused entry to the country and deported at the border (either on the basis of passenger data transmitted by an air carrier or for another reason), the air carrier is obliged to transport the passenger back to the country of departure and to pay for the costs arising from this. Finavia
FURTHER INFORMATION police.fi/passengerinformation tulli.fi raja.fi With the support of the European Commission s Special Programme on Prevention of and Fight against Crime (ISEC) Directorate-General for Migration and Home Affairs 2016