Passenger Name Records & Advanced Passenger Information: data privacy concerns identified and resolved

by Charles De Couessin

PNRstoryOver the last decade we have witnessed an optimisation of airport control procedures, including online check-in, eGates, and automated boarding. Despite these innovations, airport security screening itself remains a tedious process, with all passengers undergoing similar controls, whatever their category of risk or whichever travel scheme they are part of. Aviation stakeholders have deplored the fact that travellers’ experiences are negatively impacted during the airport controls, that they have less time to spend in retail areas and that throughput rates can, at times, result in flight delays.

Conferences and working groups have highlighted the shortcomings of a procedure which is unsuited to the anticipated growth in air traffic and does not exploit the data which passengers provide to reservation systems when booking their flights and to operators during the check-in process, whether it be in person, at the airport or via internet.

The 37th ICAO General Assembly (October 2010) recommended that industry and government representatives work on the concept of a new checkpoint based on the exploitation of passengers data to assess their potential risk, with the view to updating Annex 172. IATA and the Airport Council International have formed expert groups to assess how various technologies and procedures could be combined for the provision of a less invasive security check for ‘bona fide’ travellers.

The aviation industry anticipates a need to implement new tools upstream to the airport terminal which is still considered as the ‘the last line of defence’. But, what would be the role of API and PNR programmes in the view of a ‘risk based’ approach which aims to simplify procedures for ‘bona fide’ passengers, while tightening the screening of travellers who have a higher attributed risk?
Does such data represent an isolated piece of a more complex puzzle? And if this is the case, what will be the final outcomes of data processing: alleviating the burden of airport checkpoints or facilitating border crossing procedures? Is it possible to transpose the procedures currently implemented for automating border management processes?

PNRstoryGatesUnder the banner of ‘SmartS’, IATA and ACI are now involved in a new approach which aims to take into account the notion of passengers’ risk. The concept is simple: the majority of passengers are ‘bona fide’ who desire an efficient and comfortable travel experience. Data processing should be carried out upstream to attribute a certain risk level; however, all travellers will undergo a security check which varies depending on a risk indicator.