Keeping our borders safe

Annex 9 and Passenger Data Exchange Systems

The pandemic has had an impact on every area of aviation.  Throughout the response, the importance of Annex 9 Facilitation and ICAO’s Facilitation Programmes has been underlined, given that they address the varied, but interrelated, interests of Member States, aircraft and airport operators, and customers in a coordinated manner, while working towards achieving more efficient and orderly air transportation. Facilitation contends with external challenges that include threats to security, illegal migration, travel document fraud, narcotics trafficking, and the spread of contagious disease.

States of the ICAO European and North Atlantic (EUR/NAT) Regions expressed the need to organize a regional FAL implementation seminar to inform and update States about the latest developments of Annex 9 and current key issues while offering an exchange of best practices between States, global and regional organizations, and the industry.

Cornelia Ludorf, Regional Officer of Aviation Security and Facilitation at ICAO EUR/NAT

In close cooperation with ICAO Headquarters, the EUR/NAT Office conducted the seminar from 20 to 23 April as a virtual event. It was held in English and Russian languages to offer easy participation to all States in the region. A total of 200 participants from 33 States and 7 international and regional organizations, as well as industry, attended. The seminar discussed a wide range of key issues related to Annex 9, including amendments 27 and 28, and upcoming events such as the 12th Meeting of the Facilitation Panel and the High-Level COVID-19 Conference with one stream focused on safety and the second stream on Facilitation and its role in supporting the management of the pandemic and lessons learned.

Emphasis was also given to developments in the area of electronic machine-readable travel documents, visible digital seal (VDS) and its application for testing and vaccination certificates during the COVID-19 pandemic, as well as the ICAO Public Key Directory and Master List and their importance for border control. Finally, two days were dedicated to Chapter 9 of Annex 9, Passenger Data Exchange Systems, namely Advance Passenger Information (API), Passenger Name Record (PNR) and the importance of a Single Window concept with a highlight on the implementation requirements for States. The seminar material is available on the ICAO EUR/NAT official webpage.

This edition of the EUR/NAT Newsletter will also spotlight API, PNR and the single window concept. The following articles will familiarize you with the concept and requirements (ICAO) and share experience and lessons learned from the perspective of States which have already implemented API and/or PNR and work with a single-window concept (the Netherlands and the United Kingdom). IATA will provide information regarding the role of air carriers when it comes to API /PNR data transfer and show how important close cooperation between States and industry is to enable the success of API/PNR implementation. Finally, the United Nations Countering Terrorist Travel Programme (UN CTTP) explains their support available for States that need help in implementing API and PNR.

Recent Amendments to ICAO Annex 9

Recent amendments to Annex 9 have included multiple revisions to the ICAO Standards and Recommended Practices (SARPs) related to Advance Passenger Information (API) Passenger Name Record (PNR) data systems:

Cristopher Hornek is a consultant for the ICAO Facilitation Section.

Recommended Practices (SARPs) related to Advance Passenger Information (API) Passenger Name Record (PNR) data systems.

These revisions included:

  • creating a new and separate Annex 9 chapter entitled Passenger Data Exchange Systems, including various interrelated sections pertaining to different aspects of passenger data;
  • establishing an API system as a requirement and strengthening adherence to the API Guidelines;
  • developing a robust set of SARPs for PNR implementation;
  • incorporating the Passenger Data Single Window (PDSW) facility;
  • encouraging States to implement interactive API (iAPI);
  • defining how Electronic Travel Systems (ETS) can be used in conjunction with iAPI; and
  • including a standard on API data quality related to multiple travel documents.

Passenger Data Single Window

The Passenger Data Single Window (PDSW) is a facility that allows parties involved in passenger transport by air to lodge standardized passenger information (i.e., API, iAPI and/or PNR) through a single data entry point to fulfill all regulatory requirements relating to the entry and/or exit of passengers that may be imposed by various agencies of the Contracting State. The implementation of a Single Window facility allows States to process data more efficiently, both in terms of maximizing facilitation benefits and securing border integrity.

The Single Window standard 9.1 requires States to establish only one entry point for the respective API/iAPI and PNR messages. This would mean, for example, that API/iAPI messages could be sent to one single window facility managed by one agency, while PNR data could be sent to a separately managed single window facility.

However, some States have chosen to process both API/iAPI and PNR messages in one Single Window facility, to capitalize on facilitation and border integrity benefits derived from processing all passenger data sets in one facility. This fulfills the PDSW standard, as well as the accompanying Recommended Practice 9.1.1.

Advance Passenger Information (API) systems

A large portion of the impetus for changes to API provisions resulting in Amendment 26 to Annex 9 was due to UN Security Council resolution (UNSCR) 2178 (2014).
This resulted in the two new Annex 9 Standards in relation to API systems, namely:

  • Standard 9.7 which requires each State to establish an API system. This standard relates to the implementation of a batch API; and
  • Standard 9.8 which requires that every API system be supported by appropriate legal authority and be consistent with internationally recognized standards for API.

Amendment 26 also added a new Recommended Practice encouraging States to consider introducing interactive API systems.

In the ICAO EUR/NAT region API systems have been implemented by 30 States, with one of those States also having implemented interactive API.

Passenger Name Record (PNR) data

A PNR in the air transport industry is the generic name given to records created by aircraft operators or their authorized agents for each journey booked by or on behalf of any passenger. Over the years, the number of States requesting aircraft operators to transfer PNR data to them for law enforcement and border security purposes to fight terrorism and serious crime has risen considerably. In 2017 the United Nations Security Council adopted resolution 2396 which, inter alia, urged ICAO to work with its Member States to establish a standard for the collection, use, processing, and protection of PNR data.

As a result, the ICAO Council adopted Amendment 28 to Annex 9 which includes 11 Standards and six Recommended Practices related to PNR data legal and administrative frameworks, adherence to technical specifications, law enforcement use, and most critically, data protection and privacy measures. Standard 9.24 sets the baseline commitment for States to develop the capability to collect use, process and protect PNR data.

The last three PNR standards in Chapter 9 of Annex 9 – Facilitation address mean to resolve the conflicts of laws surrounding PNR data transfer. As outlined in Standard 9.24, the suite of PNR standards are meant to be implemented as a package, in the sense that a State’s legal and administrative framework shall be consistent with all of the PNR standards in ICAO Annex 9. This concept supports the idea that the PNR Standards have also been designed to function as a global PNR framework to which all States shall align themselves.

In the ICAO EUR/NAT region, PNR data programmes have been implemented by 29 States.

Advance Passenger Information (API) in the Netherlands: Experiences from a State’s Perspective

In order to improve border controls and prevent illegal immigration airline companies are obliged to provide the authorities responsible for border control with certain personal details from all incoming passengers and cabin crew arriving from outside the Schengen and European Union area. In the Netherlands, the body responsible for guarding national borders is the Royal Netherlands Marechausee, henceforth referred to as KMar. The Netherlands implements and adheres amongst others to the requirement in the European Directive on the obligation of carriers to communicate passenger data (Directive 2004/82/EG).

Emine Kaya is API Policy Lead of Migration Policy at the Ministry of Justice and Security of the Netherlands.

The requirement concerning personal information has been transposed into the Dutch Vreemdelingenwet 2000 (Alien act). KMar receives personal details from an individual’s travel document, and these details are supplemented by information concerning the flight and the booking process. These details are known as Advance Passenger Information (API). In this context, ‘advance’ refers to the moment at which these details must be provided, namely, at the end of the boarding process.

Based on the API data, the KMar can evaluate the individuals on board a flight by checking whether any of the individuals appear in any of the various international and national detection databases, or on watchlists or match with a profile based on their personal and flight details.

This evaluation of individuals based on API data is carried out by the API Center, a component of the Targeting Center Borders. In situations where the API Center establishes that a hit has indeed been identified, it then sends instructions to the operational organization that an intervention must take place.

KMar can take action in a timely fashion due to the API data and the analysis of those data. KMar employees who are involved with border controls on a daily basis emphasize the worth and utility of API. The use of API contributes to more effective border control:

  • First of all, there is more time to compare passenger data based on databases and risk indicators as the data are available from the moment when the airplane departs. Furthermore, there is more time and opportunity to consult in the case of a so-called “hit”.
  • Secondly, the API centre can report irregularities and risks that are not examined at a border post. The API centre can, for instance, see if a passenger travels using an irregular route, or whether a passenger is accompanied by surprising or unusual travellers. These sorts of irregularities may be an indication of a heightened risk of illegal immigration, and can constitute a reason for asking the passenger pointed questions when they arrive in the Netherlands.
  • Thirdly, the API data provide added value as the control procedures at the borders are improved and made quicker as passenger details are available for examination beforehand. The controls and the entry points can be used only for the identification of passengers and the validity of their travel documents. This improves the flow of travellers and prevents long lines and waiting at the entry points, and this is an important added value for airlines and passengers. Without API, the KMar would have to compare the details of all passengers to detection databases and lists at and after the arrival of passengers in the Netherlands.

See below the table where API figures are given:

To conclude, the use of API data, as part of a broader package of European and international measures, is to strengthen the borders. These measures arise in large part due to the pointed
increase in the number of passengers entering Europe from third countries, and this trend is expected to be continued. The combination of having more passengers, as well as higher safety requirements, has triggered the search for possibilities as to checking and processing large flows of passengers, without having to make concessions regarding safety requirements and in respecting the rights of the passengers.

Processing of Advance Passenger Information (API) and Passenger Name Record (PNR) Data: Implementation in the United Kingdom
Tom Dyson is a Senior Policy Advisor for the Home Office.

Processing passenger data by the UK began in 2005 with API, PNR data from 2013 and interactive API from 2015. Ordinarily, the UK would now be processing iAPI and PNR data for more than 230M passengers annually, carried by more than 150 airlines operating more than 5,600 routes.

Passenger and crew data are received from carriers through a Data Single Window and provided once – but made available to competent authorities through the UK’s multi-agency Passenger Information Unit, the National Border Targeting Centre which comprises officers from the Border Force, Counter-Terrorism Policing and the National Crime Agency.

Data is required in a standard format, consistent with the WCO/IATA PAXLST Implementation Guide (for API) and ICAO Doc 9944 (for PNR).
Imposing requirements on carriers for standard data elements in a standard message format is critically important to manage impact on the carriers and their system providers – especially as the number of countries requiring data grows in response to UN Security Council Resolutions 2178 (2014) and 2396 (2017).

Initially, the UK’s basic requirement for API was for information in advance of arrival in the UK. Threats to aviation security from onboard attacks led the UK to introduce a No Fly Scheme and to require API in advance of departure to the UK.

The effectiveness of any passenger data processing system depends on carriers’ compliance with requirements to transfer the right data at the right time. The UK continuously monitors the transfer of data from carriers to ensure expected data is received for processing and to establish in real-time whether a data transfer has been missed or a flight has been delayed or cancelled.

Simon Watkin MBE is a Senior Policy Manager at Home Office.

The UK has a dedicated Data Acquisition and Quality Team using sophisticated analytics to monitor data received and to investigate data issues with carriers. The Team monitors requirements for the data to be:

  • Timely – is data received when required from the carrier?
  • Complete – are all mandatory data fields completed?
  • Clean – is the data correctly formatted in conformance with the PAXLST and PNRGOV standards?
  • Accurate – does the travel document information in API match the data in each travellers’ document and is the service information correct?

API is required to be completed and to be accurate. By contrast, PNR data is a business record required to be disclosed – it is only as accurate as the carrier requires for its business.

To ensure compliance with API and PNR requirements, the UK operates a financial penalty regime – but this is reserved for repeated or willful non-compliance. The UK approach to carrier engagement has consistently been collaborative and constructive engagement to resolve data issues without recourse to financial penalties. Processing of passenger data is something the UK does with the aviation industry, not to the aviation industry.

Passenger Data Programs – Key Principles and the Role of Carriers
Nuria Fermoso is the European Regional Manager of Passenger Experience and Facilitation for Europe at IATA.

The air transport industry is committed to jointly work with Governments to maintain the integrity of national borders while removing persisting inefficiencies in passenger checks, according to standard passenger data programmes (i.e., Advanced Passenger Information, API/interactive Advanced Passenger Information iAPI and/or Passenger Name Record, PNR). To this end, a set of key principles should guide authorities and other stakeholders in the development of passenger data programs: harmonization, efficiency, and cooperation.

Harmonization is vital on the legal and technical fronts. The existence of a proper legal framework considering possible data privacy elements is a must for carriers before positively responding to new programs.

Furthermore, the usage of standard data format and commonly used communication protocols is of the essence. Adherence to internationally agreed-upon standards facilitates swift and efficient implementation of border requirements, enhances interoperability, and leverages the automation of passenger-related processes.

Regarding efficiency, a cornerstone of this principle is the implementation of the Passenger Data Single Window, for a coherent and unified framework for data transfer. It allows airlines to submit standardized passenger data through a single data entry point within a state. Likewise, attention should be given to aspects such as the data elements to be required and the frequency of submission. Adhering to international guidelines while minimizing repetitive transmission is essential.

Lastly, the principle of collaboration between government agencies and transport stakeholders should be always pursued before adopting new legislation or rolling out a new programme. Engaging early with carriers, providing them with technical specifications and with flexibility according to the airlines’ varying business models & system capabilities, is paramount.

UN Countering Terrorist Travel Programme
Simon Deignan is a Programme Management Officer at the UN Countering Terrorist Travel Programme.

The Countering Terrorist Travel Programme, a flagship global initiative of the UN Office of Counter-Terrorism, assists beneficiary Member States in building their capabilities to detect and counter terrorists and serious criminals by using Advance Passenger Information (API) and Passenger Name Record (PNR) to improve the use of international databases with known and suspected terrorists and criminals, such as with INTERPOL, and enhance international information exchange, in accordance with Security Council resolutions 2178 (2014), 2396 (2017), and 2482 (2019) and relevant privacy laws.

The Secretary-General officially launched the Programme on 7 May 2019. Since then, 39 Member States officially joined the Programme, with approximately 40 more Member States indicating strong interest to do so.

In an “All-of-UN” partnership with the United Nations Counter-Terrorism Executive Directorate (CTED), the United Nations Office on Drugs and Crime (UNODC), the International Civil Aviation Organization (ICAO), the United Nations Office of Information and Communication Technology (UNOICT), and the International Criminal Police Organization (INTERPOL), the Programme comprehensively assists beneficiary Member States in legislative, operational, transport industry engagement, and technical areas. This includes the donation and deployment of the United Nations goTravel software system.

The Programme has been designed in accordance with human rights principles and United Nations policies in this regard, and is co-funded by generous contributions from the Kingdom of the Netherlands, the European Union, the United States of America, the State of Qatar, Australia, Japan, and the Republic of India.

Steven Waterman is the API/PNR Technical Officer in ICAO’s Facilitation Section.

In tandem with awareness-raising activities, CT Travel focuses on arranging and conducting prerequisite assessments of confirmed beneficiary Member States. After determining a state’s existing level of implementation, the Programme produces a roadmap for the Member State that identifies steps for implementation across the areas of work:

  • First, legislative assistance to put in place a legal framework that regulates the collection, processing and protection of data.
  • Second, technical assistance to set up a Passenger Information Unit, including training and drafting standard operating procedures.
  • Third, facilitating air carrier engagement and connectivity, thanks to close cooperation with the transport industry.
  • And fourth, providing technical support to deploy, free of charge, the goTravel software to collect and process passenger data.

Emphasis is shifting to implementation of the four areas of work of the Programme based on the needs of each beneficiary Member State as outlined in the post-assessment roadmaps. A maritime component has been added to the Programme scope to address beneficiary Member States’ need to secure coastlines, formulating recommendations and proposing a framework for each area of work of the Programme and improving future collection and analysis of passenger and crew data.

Additionally, to this national implementation, the Programme offers the formation of regional Informal Working Groups (IWG). IWGs allow states in a region to meet regularly to discuss and address common challenges and interests. This good practice brings a cross-border vision and knowledge of threats while promoting the exchange of information as well as close operational and technical collaboration between PIUs in a region.

The Programme has established the Collaborative Online Platform (COP), a password-restricted forum for Programme partners, beneficiary Member States as well as the various experts involved with the Programme. The COP currently features a wide array of resources and includes a Pool of Experts. The Pool of Experts includes international experts from ministerial/policy, legal and national detection capabilities backgrounds, including those from national competent authorities, who will – on a pro bono basis – help train, mentor and advise beneficiary Member States receiving assistance within the framework of the Programme. In addition, these experts advise, share experiences and lessons learned, and help train the PIUs or competent authorities of the Programme’s beneficiary Member States.

The Programme has finalized an entry-level training course on establishing specific governance elements to ensure institutional commitment and support for PIUs, as well as the generic Terms of Reference for PIUs. This allows the delivery of personalized SOPs for each beneficiary Member State’s PIU.

ICAO EUR/NAT DGCA Meeting – May 2021

The EUR/NAT DGCA/2021-2 meeting was held on 19 May 2021 with the main objective of presenting and discussing the CART Phase III status of implementation in the EUR/NAT Region, provide information on the digitalization of the supply chain (a joint ICAO-UNECE project) and lifting of restriction on air cargo operations (CART Recommendation 16); update the participants on the vaccination and testing certificates as well as on the recent ICAO Global Dialogue on Long-Term Aspirational Goals (LTAGs), and to discuss the preparations for the High-level Conference on COVID-19 (HLCC 2021) to be held on October 2021.

The meeting was chaired by the Director General of the Civil Aviation Authority of Portugal, Mr. Luis Ribeiro, who underlined the progress made in the EUR/NAT Region since the last DGCA meeting.

In her opening address, the ICAO Secretary General, Dr. Fang Liu, highlighted that the sustainability and prosperity of EUR/NAT States‘ economies will rely primarily on the commitment to work together to recover connections to the world, because no State can achieve this on its own. Dr. Liu also informed the meeting on the latest work in ICAO on visible document seals and on the preparation to the ICAO High Level Covid-19 Conference in October 2021.

Since this meeting was likely the last opportunity to address the EUR/NAT States as ICAO Secretary General, Dr. Liu also expressed her tremendous gratitude for the partnership and support of the EUR/NAT States throughout these past 6 years, and acknowledge, once again, the historic and ongoing contributions of the EUR/NAT States to international civil aviation.

airportsAPIaviationaviation securityCOVID-19iAPIPNRsecurity