On Friday 1 March, negotiators from the Belgian Presidency of the EU Council and the European Parliament reached a political agreement on new rules for the collection of Advanced Personal Information (API) by air carriers (see EUROPE 13302/13).
More specifically, the European Parliament and the Council have reached agreement on two new European laws reforming the collection and transfer of Advance Passenger Information (API). The two regulations are aimed at strengthening security at the EU’s external borders and reinforcing the prevention and fight against crime by making the collection of API data mandatory and consistent in all Member States, explains the European Parliament in a press release.
The new rules will require airlines to systematically collect and transmit passenger data to the relevant authorities.
The rules will apply to flights arriving in an EU country from a third country and, for law enforcement purposes, also to flights departing from an EU country. In the latter case, Member States that have chosen to apply the existing Passenger Name Record (PNR) rules, which collect more precise data, may choose to apply the rules to selected flights within the EU, on the basis of foreseeable terrorist threats or other objective criteria.
The data collected will include the passenger’s name, date of birth, nationality, passport details and flight information. It will be transmitted automatically via a single router, which will also become the mandatory means of transmitting PNR data.
The collection of API data will not oblige airlines to check travel documents before boarding, for example when travelling within the Schengen area.
The data will be kept for 48 hours, and a further 48 hours if a passenger fails to appear at a scheduled border crossing point or to undertake a journey. MEPs also obtained provisions prohibiting the profiling of individuals. (Original version in French by Solenn Paulic)