© Richard


The French API-PNR programme

10th October 2018
By Christophe Hypolite, PNR Mission, General Directorate of Customs and Excise, France

The French Advance Passenger Information (API) and Passenger Name Record (PNR) programme generated considerable media coverage in the wake of the tragic events in France in early 2015. The plan to implement an automated passenger information processing system in France, however, dates back much further.

The programme began with publication of the Anti-terrorism Law – Law No.2006-64 of 23 January 2006 on combating terrorism and laying down miscellaneous provisions on security and border controls. This law transposed European Council Directive 2004/82/EC of 29 April 2004, which requires air carriers to communicate data concerning passengers travelling to a European Union (EU) border crossing point.

The European Directive focuses only on passenger data with regard to the API mechanism. The French law extends its scope and makes provision for booking system data – PNR data – to be collected and processed in order to improve border controls and combat illegal immigration and terrorism.

Though the French legislative basis governing these aims has been in place since 2006, the Government nevertheless decided to defer the setting up of the French mechanism following the European Commission (EC) proposal to establish a PNR system regulating the use of such data at European level.

A first draft of the European Council Directive was submitted on 17 November 2007. Since the proposal had not been adopted, it became obsolete on 1 December 2009 – the date the Treaty of Lisbon and a new EU institutional framework came into force. In 2010, the French Government decided that France should have an API and PNR data operating system even though a European PNR Directive had not been adopted.

A truly interministerial project

An interministerial mission formed by the Ministers for the Interior, Defence, Transport and the Budget was set up in 2011. This mission was tasked with assessing the feasibility of the project to create a Passenger Information Unit (PIU) responsible for collecting and processing passenger data on the one hand, and with preparing the corresponding invitations to tender and monitoring the public procurement process on the other. The PNR team was also to take part in the development of the national regulation and set out its reflections within a European framework characterized by the draft European PNR Directive that was still under discussion.

On 3 February 2011, the EC submitted a new Proposal for a Directive of the European Parliament and of the Council on the use of PNR data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime. In so doing, it took note of the procedural changes brought about by the Treaty of Lisbon and the reticence raised by this proposal, particularly with respect to data protection – the period of data retention and the processing of sensitive data in particular.

This PNR proposal fell within the framework of the ‘co-decision procedure,’ according to which the European Parliament and the Council of Ministers of the EU passed legislation as equals. In April 2012, the Justice and Home Affairs (JHA) Council, formed by representatives of EU Member States, reached political consensus on the proposal, which had been widely discussed by the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE).

It was subsequently rejected by the LIBE Committee in spring 2013 and was not re-examined until the renewal of the European Parliament in June 2014. Following the terrorist attacks in Paris in January and under pressure from Member States, the Parliament nevertheless signalled its wish to adopt a text before the end of 2015, though subject to a number of conditions.

Overview of the API/PNR mechanism

In order to allow Member States to establish their PNR programme without waiting for the proposal to be adopted, the EC launched a call for projects in late 2012, supported by a financial package of 50 million euro from the EC’s Prevention of and Fight against Crime (ISEC) fund. Fourteen Member States were awarded funding in September 2013, with 17.8 million euro being allotted to France, i.e. just over half the budget required to develop the mechanism.

This appropriation enabled public procurement procedures that had been launched in May 2013 to be confirmed. Two contracts were thus granted for a period of four years, up to January 2017 – one with a provider of project contracting assistance to ensure administrative support, and the other with a prime contractor to develop the data transmission information technology (IT) system per se.

In the absence of a European regulatory framework, a national legislative mechanism largely based on the draft European Directive was adopted to authorize the creation of this new system: Article 17 of the Military Planning Law for the period 2014-2019, enshrined in Article L232-7 of the Internal Security Code, thus provided for an automated API and PNR data processing system to be set up on an experimental basis until 31 December 2017.

Data is collected for all flights to and from national territory, with the exception of those connecting two points of metropolitan France. Air carriers have an obligation to communicate the data demanded on two occasions – firstly, 48 hours prior to the flight (PNR), and secondly, after flight closure (API and PNR), failing which they will be liable to a maximum fine of 50,000 euro per flight.

Sensitive data will not be processed or kept. Personal data revealing a person’s racial or ethnic origin, religious or philosophical beliefs, political opinion, trade union membership, health or sex life is therefore excluded from this automated processing.

The purposes of the processing of data are the prevention and detection of acts of terrorism, the offences referred to in Article 695-23 of the Code of Criminal Procedure – participation in a criminal organization, trafficking in human beings, illicit trafficking in arms or drugs, etc. – and acts detrimental to the essential interests of the nation.

A French Council of State Decree, adopted subsequent to the opinion issued by the ‘Commission Nationale Informatique et Liberté’ (National Commission for Information Technology and Freedoms – the French data protection authority), was published on 26 September 2014. The Decree lists the government departments authorized to query the PIU responsible for collecting, retaining and analysing data from air carriers.

The departments of the Ministries of Home Affairs, Defence and Customs will not have direct access to the data. They must go through a dedicated platform, the PIU. The latter will validate their requests before initiating the corresponding processing, and must also validate the results before they are transmitted to the requesting departments. API and PNR data will be retained for a maximum of five years, as provided for in the proposal for a European Directive.

The Decree of 26 September 2014 authorizes data to be collected from 1 January 2015. This will be done gradually: four companies – Air France, Delta Airlines, Etihad and Europe Airpost – are helping to prepare the French API-PNR programme. Twenty-six additional air carriers will be connected in 2015. Initially, only non-EU flights will be processed – around 40 million passengers per year out of a total of 100 million.

Harmonized data collection

Throughout the feasibility study, the PNR mission had extensive exchanges of views with countries that had already put national programmes in place: Canada, Australia, the United Kingdom and the United States. This exchange of knowledge was essential to allow France to cope more easily with data collection and air transport issues as a whole, without ‘reinventing the wheel.’ France also naturally took into account the standards and good practices defined by governments and industry under the auspices of the International Air Transport Association (IATA), the International Civil Aviation Organization (ICAO) and the WCO.

For data produced by departure control systems (API), the standard can be regarded as mature: a standard computer message, the PAXLST, was developed to transmit the passenger manifest. The message, which has been used in the airline industry for many years, is quite short and can be sent easily via the carriers’ traditional communication networks.

France complies with the framework defined by this standard message, but has suggested that luggage weight should be included in the list of API data – under the ‘baggage information’ category, the WCO/IATA/ICAO API guidelines currently refer only to the number of checked bags and, where applicable, the tag numbers attached to each bag. This proposal was very broadly approved by the States represented at the last meeting of the API-PNR Contact Committee established by the WCO, IATA and ICAO.

A variety of work has meanwhile guided the implementation of the system for collecting and processing booking data (PNR). This includes a checklist drawn up by the PNRGOV working group, which brings together representatives of States and airline leaders, such as air carriers, suppliers and major booking/departure control systems companies, in order to make best use of a national PNR plan. The following are some of the significant ideas set out in the checklist:

  • determination of the project sponsor or interministerial body as quickly as possible (as occurred in France);
  • precise determination of volumes, costs and budget, and whether developments will be carried out internally or externally;
  • implementation of national legislation and analysis of relations with third-party states that might restrict access to data;
  • familiarization with documentation available (on the WCO website, for example);
  • identification of data to be collected (under the standard) and the means of collecting it by proposing either a direct Internet connection, or an indirect connection using third-party infrastructure (Sita, Rockwell Collins/Arinc);
  • identification of the flights and air transport stakeholders concerned;
  • definition of a test strategy based on a personalized relationship with each company involved;
  • publication of specific documentation, and initiation of the information process with bodies representing air carriers;
  • introduction of the analysis of the quality of data received, including its monitoring and key indicators.

The API/PNR mechanism uses the PNRGOV message resulting from the work done by the PNRGOV joint industry-government working group, the purpose of which is to facilitate exchanges of information between airline booking systems and government mechanisms.

More recent, longer and therefore requiring more substantial network capacities, the PNRGOV standard has raised extra difficulties in its implementation than the PAXLST message, its API equivalent. Despite being widely promoted, industry and governments are still on a learning curve since the standard may be subject to interpretation. There are many advantages in using it, however: quicker implementation, cost control, shorter tests, and ultimately an improvement in data quality.

It should also be noted that PNR data is commercial data which is collected primarily by the industry for the industry. Consequently, only data collected for commercial purposes will be transmitted as stipulated in ICAO document 9944. In terms of connectivity, the French mechanism will offer air carriers and their providers as many options as possible for connecting to it at less cost.

Since early 2014, it has become evident among European States that have benefited from ISEC funding that there was a real risk if they worked without a common approach on the basis of regulatory documents alone. The risk also concerns the time periods and implementation costs involved for carriers and their providers if they are presented with 28 systems, which although admittedly similar, are sufficiently different to require adaptation work.

This is why France took the initiative to join several other EU Member States – Estonia, Hungary, the Netherlands, Spain, Sweden and the United Kingdom – in seeking to harmonize the collection of data. The objective was to develop a document that would supplement those referred to above and thus establish a consensual basis to be presented to the industry. The PNRGOV working group that met in April 2015 warmly welcomed the initiative and hoped the document would be included in current documentation.

France, which has taken part in the PNRGOV working group since 2013, has advised States that wish to launch their own PNR programme to join in the twice-yearly European spring and autumn discussions and the autumn discussions at the WCO as part of the work of the API-PNR Contact Committee.

Abandoning ‘traditional’ data processing

The French project will be operational in early 2016 and represents a new tool at the service of government departments. It will gradually become more powerful in accordance with the functionalities available and the carriers connected to the system.

Though initially restricted to fewer than 20 people, the French PIU will be extended to over 70 people to ensure 24-hour operation by late 2016/early 2017. It will be based close to Paris’ Charles de Gaulle Airport, and staff will be recruited from four partner administrations – Internal Affairs, Defence, Transport and Customs.

The automating of existing techniques offers real potential. Some 70% of French Customs drug seizures in the air transport sector are made thanks to passenger targeting techniques which are currently almost completely manual. The effectiveness of the controls will also be greatly enhanced, ensuring smoother passenger flows in airports.

The API-PNR system will have a number of search, targeting and sorting functionalities designed to:

  • obtain information from the passenger database on the basis of combined criteria (e.g. investigate the possibility of flights common to several members of a network known to government departments);
  • identify suspects from pre-tested standard profiles to increase effectiveness (e.g. identify people carrying drugs);
  • compare passenger data collected with data from national, European or international processing systems concerning people who are known or wanted and stolen or lost documents, and forward the results to the departments responsible for controls around airports after they have been validated by the PIU;
  • put one or more people or targets under surveillance for a given period (to ensure that a suspect does not travel abroad by air, for example).

The system will also allow each control carried out by government departments to be assessed so that a ‘white list’ of false hits can be updated, thereby ensuring that a person is not subject to a check when they take their next journey, and so that the effectiveness of the target profiles can be improved.

With respect to the Customs service, the API-PNR system will enhance performance in combating the trafficking in drugs, weapons, counterfeits and cultural goods, for example. The analysis of information will be available prior to a flight. It will be possible to ensure large-scale and very rapid identification of sensitive or illogical routes, return flights at unduly close intervals in light of the weight of a passenger’s luggage, unusual forms of payment, suspect travel agencies, etc., or a combination of these different criteria.


More information