Thu. Dec 26th, 2024

Brussels, 1 March 2024

Today, the Belgian presidency of the Council and European Parliament negotiators have provisionally agreed on two regulations that govern the collection and use of air passenger data for border management and law enforcement.

The new rules will improve the handling of advance passenger information (API) data to perform checks on passengers prior to their arrival at the EU’s external borders but also for intra-EU flights in the fight against terrorism and serious crime. They will enhance the fight against serious crime and terrorism within the EU, supplementing the processing of passenger name record (PNR) data.

Advance passenger information (API) contains identification details from the travel document and basic flight information and will be transmitted before and after take-off to authorities at the place of arrival.

A more efficient border management at airports and a strengthened information position for law enforcement authorities about people flying into and within the EU are two important benefits of the advance passenger information regulations we agreed on today.

Annelies Verlinden, Minister of the interior, institutional reform and democratic renewal

Uniform rules for data collection

The two regulations stipulate what API data air carriers must collect and transfer. API data will consist of a closed list of traveller information such as name, date of birth, nationality, type and number of the travel document, seating information and baggage information. In addition, air carriers will be obliged to collect certain flight information, for instance the flight identification number, the airport code and time of departure and arrival.

The collection and transfer of API data in principle only concerns flights that depart from outside of the EU. However, member states may decide to include intra-EU flights. Such a decision will depend on specific law enforcement needs such as a terrorist threat and must in the absence of such threat be supported by a suitably motivated risk assessment.

Better crime fighting and improved border controls

Thanks to the new regulations, law enforcement authorities will be able to combine travellers’ API data and passenger name records (PNR). The PNR is a larger set of air passenger reservation data and contains details about the itinerary of a passenger and information of the flight booking process. When used together, API and PNR are particularly effective to identify high-risk travellers and to confirm the travel pattern of suspected persons.

Also border authorities will benefit from the agreed new rules. Because they will get a more complete view of travellers arriving at airports, border authorities will be able to perform pre-checks before landing, store the data longer than is foreseen today to perform the necessary checks and as a consequence manage their border controls more efficiently.

This will strengthen border security as it should increase the chances of preventing unwanted border crossings. Passengers should benefit from shorter waiting times and smoother passport checks.

Automated data-collection

Airlines will have to collect the API data contained in travel documents by automated means (e.g. through scanning machine-readable passports). Only if an automated collection of traveller data is not possible because of technical reasons can an air carrier collect the data manually (either as part of the online check-in or the check-in at the airport). The possibility to provide data manually during the online check-in will in any case remain available during a transitional period of 2 years. Verification mechanisms will be put in place by the air carriers in order to guarantee the accuracy of the data.

Single router

In order to streamline the transmission of the API data the Council and Parliament decided to put in place a central router. This router, which will be developed by an EU agency, will receive the data collected by the air carriers and then transmit it to the relevant border management and law enforcement authorities. This router will then later also serve for the collection and transmission of PNR data.

Because air carriers will no longer have to send API data to multiple authorities this will enhance the efficiency and reduce costs of the data transfer and reduce the risk of errors and abuses.

Next steps

The agreement that was reached today will have to be confirmed by member states’ representatives (Coreper) before formal adoption in the European Parliament and in the Council.

Assito Kanko (ECR/BE) and Jan-Christoph Oetjen (RENEW/DE) are the European Parliament’s rapporteurs for both files whereas Commissioner Ylva Johansson in charge of home affairs represented the European Commission.

Source – EU Council


EU Commission welcomes political agreement on Advance Passenger Information to facilitate border management and strengthen security

 

Brussels, 1 March 2024

The Commission welcomes today’s political agreement between the European Parliament and the Council on the two Regulations on Advance Passenger Information (API), which upgrades the EU’s 20-year-old legislative framework.

Over a billion passengers enter, leave or travel within the EU every year. The increase in the volume of travel showed the need to harmonise the way API data is collected and shared throughout the EU. The new rules will make the data available more efficiently for border and law enforcement authorities, in full respect of EU data protection standards. It will strengthen the prevention, detection, investigation and prosecution of terrorist offences and serious crime, particularly on travels within the EU.

The Regulations will cover flights within, into and from the EU. In particular, the rules will introduce:

  • Uniform requirements for the collection of API data by carriers, setting a mandatory list of API data to be collected by air carriers from passengers on all flights to from and within the EU.
  • Increased quality API data: air carriers will have to collect data from passengers (family and first name, date of birth, nationality, etc.) using automated means, with manual insertions of the data in exceptional cases. This will increase the efficiency and reliability of the data collection.
  • Mandatory transfer of data to Member States: This will facilitate travel to the Schengen area, as it will reduce the time spent at disembarkation and at the physical border checks and will strengthen the fight against terrorism and serious crime within the EU.
  • More efficient transfer of data by air carriers to Member States, in full compliance with EU data protection rules: A router managed by eu-LISA will replace the current system of multiple connections between air carriers and national authorities. In addition to the transfers of API data through the router included in the Commission’s initial proposals, co-legislators agreed to extend the use of the router to the transfers of Passenger name record (PNR) data. This technical solution is compliant with personal data protection safeguards.
Next steps

The Regulations must now be formally adopted by the European Parliament and the Council before they enter into force, which will happen 20 days after publication in the Official Journal of the EU.

Background

API data is information on passengers which is contained in travel documents and is collected by air carriers during check-in. It is complemented with travel route information. This data contains information which allows to confirm the identity of passengers. The processing of API data provides a tool for border and law enforcement authorities to conduct advance checks of air travellers, so that more resources and time can be allocated to identify travellers to identify high-risk travellers and to confirm the travel pattern of suspected individuals.

In the EU, the API Directive (2004) imposes obligations on air carriers to transmit, upon request, API data to the EU Member State of destination prior to the flight’s take-off. This concerns inbound flights from a third country and aims to improve border control and fight irregular migration.

The revision of the Directive was announced in the Commission Work Programme 2022 and the June 2021 Schengen Communication. The two new Regulations will replace the 2004 Advance Passenger Information Directive, based on the results of the evaluation carried out in 2020.

For More Information

Proposal for a Regulation of the European Parliament and of the Council on the collection and transfer of advance passenger information (API) for facilitating external border checks

Proposal for a Regulation of the European Parliament and of the Council on the collection and transfer of advance passenger information (API) for the prevention, detection, investigation and prosecution of terrorist offences and serious crime

Passenger Data – European Commission (europa.eu)

Quotes

Today’s agreement strengthens our borders. We are implementing a transparent system that safeguards both the EU and our citizens’ data. This means border guards and law enforcement will have clearer insights into everyone arriving on EU-bound flights. With the new Advance Passenger Information rules, we’re tackling security challenges head-on and closing loopholes that criminals exploit.

Ylva Johansson, Commissioner for Home Affairs
Source – EU Commission

Forward to your friends