EU’s PNR Directive Tightens Security for Travelers

The European Parliament and Council PNR (Passenger Name Record) Directive, being adopted across the EU, will require travelers to provide detailed personal information ahead of travel, while airlines will be obliged to transfer to member states the PNR data they have collected.

In this direction, EU members must set up entities responsible for the storage and processing of PNR data, called Passenger Information Units by May 2018.

More specifically, the PNR Directive foresees that air carriers must transfer PNR data to EU states; EU members must set up “Passenger Information Units” responsible for collecting, storing and processing the PNR data received from the airline as well as comparing the data against relevant law enforcement databases; EU counties must name the authorities which can request or receive PNR data; PNR data or the result of its processing can be exchanged between EU states and Europol.

The directive applies to extra-EU flights but EU states can decide to apply it to intra-EU flights, or to select intra-EU flights, subject to a notification to the Commission.

PNR data must be deleted after five years. The processing of data that could reveal a person’s race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sexual life or sexual orientation is prohibited.

Meanwhile, travelers will be required to provide the following information under the PNR Directive:
– Full name
– Address and contact information including phone number and e-mail address
– Date of booking / issue of ticket
– Scheduled date (s) of travel
– All payment details including billing address
– Travel agent / travel agent who issued the ticket
– Passenger’s travel history including booking confirmations, ticket checks, passenger arrival information, or ticket last-minute purchase
– Information on unaccompanied minors under 18 including name and sex of minor, age, language or languages spoken, name and contact details of the guardian on departure and relationship with the minor, name and contact details of guardian arrival and relationship with the minor, departure and arrival agent
– Ticket information including ticket number, date of issue, single-pass tickets and Automated Ticket Fare Quote
– Seating number and relevant data
– Shared code data
– All baggage information

The directive is aimed at preventing, detecting and investigating terrorism and other forms of crime including drugs and human trafficking, child sexual exploitation, among others.