India Customs requires pax PNR data to be handed over
Aug 9, 2022, 6:50 am
#1
Moderator: Lufthansa Miles & More, India based airlines, India, External Miles & Points Resources
Original Poster
Join Date: Dec 2002
Location: MUC
Programs: LH SEN
Posts: 48,182
India Customs requires pax PNR data to be handed over
It seems customs has set up a 'National Customs Targeting Centre-Passenger' and now wants the PNR of every pax travelling to/from India to be transmitted to them within 24h before departure from India (or at departure to India) for analysis.
Content of the dataset:
See attached gazette notification. Fun times... I wonder what will happen if there is a data leak...
Content of the dataset:
List of passenger name record information fields
1. PNR record locator code.
2. Date of reservation/issue of ticket.
3. Date(s) of intended travel.
4. Name(s).
5. Available frequent flyer and benefit information (i.e., free tickets, upgrades, etc.).
6. Other names on PNR, including number of travellers on PNR.
7. All available contact (email, telephone number, mobile number information (including originator
of reservation)).
8. All available payment/billing information (e.g. credit card number).
9. Travel itinerary for specific PNR.
10. Travel agency/travel agent.
11. Code share information (e.g., when one air carrier sells seats on another air carrier's flight).
12. Split/divided information (e.g., when one PNR contains a reference to another PNR).
13. Travel status of passenger (including confirmations and check-in status).
14. Ticketing information, including ticket number, one-way tickets and Automated Ticket Fare
Quote (ATFQ) fields.
15. Baggage information.
16. Seat information, including seat number.
17. General remarks including Other Service Indicated (OSI), Special Service Indicated (SSI) and
Supplemental Service Request (SSR) information.
18. Any collected APIS information (e.g., Advance Passenger Information (API) that is initially
captured by an air carrier within its PNR, such as passport number, date of birth and gender).
19. All historical changes to the PNR listed in numbers 1 to 18.
1. PNR record locator code.
2. Date of reservation/issue of ticket.
3. Date(s) of intended travel.
4. Name(s).
5. Available frequent flyer and benefit information (i.e., free tickets, upgrades, etc.).
6. Other names on PNR, including number of travellers on PNR.
7. All available contact (email, telephone number, mobile number information (including originator
of reservation)).
8. All available payment/billing information (e.g. credit card number).
9. Travel itinerary for specific PNR.
10. Travel agency/travel agent.
11. Code share information (e.g., when one air carrier sells seats on another air carrier's flight).
12. Split/divided information (e.g., when one PNR contains a reference to another PNR).
13. Travel status of passenger (including confirmations and check-in status).
14. Ticketing information, including ticket number, one-way tickets and Automated Ticket Fare
Quote (ATFQ) fields.
15. Baggage information.
16. Seat information, including seat number.
17. General remarks including Other Service Indicated (OSI), Special Service Indicated (SSI) and
Supplemental Service Request (SSR) information.
18. Any collected APIS information (e.g., Advance Passenger Information (API) that is initially
captured by an air carrier within its PNR, such as passport number, date of birth and gender).
19. All historical changes to the PNR listed in numbers 1 to 18.
Aug 10, 2022, 12:54 am
#2
Join Date: Feb 2008
Location: US/TYO/LON
Programs: Marriott Titanium; Hyatt Globalist
Posts: 411
This is absolutely mad, and beyond onerous. Also what business is it of the government to receive: "8. All available payment/billing information (e.g. credit card number)."
I can imagine IATA pushing back on this some.
I can imagine IATA pushing back on this some.
Aug 10, 2022, 2:39 am
#4
Moderator: Lufthansa Miles & More, India based airlines, India, External Miles & Points Resources
Original Poster
Join Date: Dec 2002
Location: MUC
Programs: LH SEN
Posts: 48,182
Nope, they have an API for that for authorities to use: https://www.iata.org/en/publications...toolkit/#tab-3
The CBIC notification clearly references the PNRGOV edifact system, so they clearly know what they are asking for. I suppose the US govt was a pioneer in this kind of data suck post 9/11, now the other govts are following suit. The EU gave massive opposition to their citizens data being used like this and the US had to find a common understanding about it before airlines were allowed to give out such data. Curious if the GoI has even understood this.
The CBIC notification clearly references the PNRGOV edifact system, so they clearly know what they are asking for. I suppose the US govt was a pioneer in this kind of data suck post 9/11, now the other govts are following suit. The EU gave massive opposition to their citizens data being used like this and the US had to find a common understanding about it before airlines were allowed to give out such data. Curious if the GoI has even understood this.
Aug 10, 2022, 5:20 am
#6
Moderator: Lufthansa Miles & More, India based airlines, India, External Miles & Points Resources
Original Poster
Join Date: Dec 2002
Location: MUC
Programs: LH SEN
Posts: 48,182
The EU regulation provides some insight what is given out:
https://home-affairs.ec.europa.eu/po...-record-pnr_en
Since the Indian initiative on this comes from the finance ministry, one can safely assume that this is to check for use of black money. Somebody sponsoring about 100 people to fly to eg Dubai and celebrate a wedding there paid in cash will probably pop up in the datamining the IT dept does. Airline tickets is a piece in the puzzle.
https://home-affairs.ec.europa.eu/po...-record-pnr_en
What kind of information is contained in PNR?
The content of PNR data varies depending on the information given by the passenger and may include, for example:- dates of travel and travel itinerary,
- ticket information,
- contact details like address and phone number,
- travel agent,
- payment information,
- seat number and baggage information.
Why is this useful?
The analysis of PNR data can provide the authorities with important elements from a criminal intelligence point of view, allowing them to detect suspicious travel patterns and identify associates of criminals and terrorists, in particular those previously unknown to law enforcement. Accordingly, the processing of PNR data has become a widely used essential law enforcement tool, in the EU and beyond, to prevent and fight terrorism and other forms of serious crime, such as drugs-related offences, human trafficking, and child sexual exploitation.
Aug 10, 2022, 11:48 am
#7
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
They want to be more like the US with how US DHS/CBP does things. The Indian Home Ministry wants this more than the Finance Ministry, but both are in on it. It’s just customs happens to be part of Finance still in India.
This data will almost certainly be shared with some foreign governments, at least at times; and, the Chinese will get it other ways too. The amount of Indian data already accessible to China is rather amazing already — this will just make life easier for the PRC.
Indian “black money” used to pay for big fat foreign wedding jaunts won’t be generally stopped by this kind of thing. Also, not all card payments shown on India-ticketed PNRs are personal card payments.
The classical tyrannies of ancient times came riding in on the back of the demos. Millenia later, not much has changed in that regard. But now it’s India seeing how that goes and what it means for privacy and other rights in the face of government ”toughs” being “tough” to supposedly oppose civilian thuggery.
The EU countries are on board PNR harvesting for “intelligence” purposes too. The privacy stand they used to have is now a laughing joke too — they did it themselves.
This data will almost certainly be shared with some foreign governments, at least at times; and, the Chinese will get it other ways too. The amount of Indian data already accessible to China is rather amazing already — this will just make life easier for the PRC.
Indian “black money” used to pay for big fat foreign wedding jaunts won’t be generally stopped by this kind of thing. Also, not all card payments shown on India-ticketed PNRs are personal card payments.
The EU countries are on board PNR harvesting for “intelligence” purposes too. The privacy stand they used to have is now a laughing joke too — they did it themselves.
Last edited by GUWonder; Aug 10, 2022 at 12:02 pm