Airlines Mandated To Share International Travellers’ Data With Customs Department: Find Out Why?

Airlines will have to mandatorily provide details of all international passengers to the Customs department for preventing and prosecuting offences under the Customs Act, 1962.

Purpose

The information may be collected for “risk analysis of passengers” for the purpose of “prevention, detection, investigation and prosecution of offences under the Act [Customs Act, 1962].”

In particular, the data could be used to combat offences related to smuggling of contraband such as narcotics, psychotropic substances, gold, arms and ammunition, etc, that directly impact national security

Applies to all international flights

The data can be shared with any law enforcement agency, government departments within or outside India.

Every airline will have to transfer the “passenger name record information” from their reservation system to the database of the Customs department for every international flight departing from or arriving in India.

What data can be shared?

Shareable information includes: 

• PNR (Passenger Name Record) locator code
• Date of reservation
• Date of intended travel
• Frequent flyer and information on other benefits such as free tickets and upgrades
• All available contact information
• Billing information including credit card number, travel agency or agent
• Seat information 
• History of changes to the PNR

Non-compliance penalty

These will have to be shared at least 24 hours before departure

Failure to comply will invite a minimum penalty of ?25,000 and maximum of ?50,000 for every act of non-compliance.

Data disposed after 5 years

Such data will be kept for a maximum period of five years after which it will be disposed of through depersonalisation or anonymisation.

However it can be brought back when used in connection with an identifiable case, threat or risk for the specified purposes.

Data privacy

On the topic of data privacy, the rules say that it should be subject to “the provisions of any law for the time being in force”.

Such data will only be “received, stored, processed and disseminated in a secure system accessible only to the duly authorised officers by establishing robust procedure”.