In order to provide a defined framework for collection of specified details relating to international passengers travelling by Air, the Passenger Name Record Information Regulations, 2022 (the ‘Regulations’) were notified on 08th August, 2022. These regulations are meant to enhance detection, interdiction and investigative capabilities of Customs Authorities using non-intrusive techniques for combating offences related to smuggling of contraband such as narcotics, psychotropic substances, gold, arms & ammunition etc. that directly impact national security. This mechanism is being widely used by border management agencies of several administrations.
The salient points of the Regulations are as under:
- The Regulations require the operator of Aircrafts (i.e airlines) to transmit specified information electronically to the designated Customs System. Passengers are not required to individually submit any information to Customs, neither do they need to furnish any additional information to the Airlines on account of these regulations. Airlines are already collecting this information under the aegis of the Chicago Convention on International Civil Aviation.
- The data exchange between the Airlines and the Customs Systems is through the PNRGOV EDIFACT message format. This is a standard electronic message format endorsed jointly by the World Customs Organisation (WCO), International Civil Aviation Organisation (ICAO) and the International Air Transport Association (IATA) and is widely used internationally.
- Although some data elements included in the Regulations are available from other sources, the objective of these regulations is to obtain this data in advance of departure or arrival of the passengers for analytics by the Customs Risk Management System.
- The information collected is subject to strict information privacy and data protection and there are adequate legal and administrative safeguards built in. Processing of the information to reveal ethnicity, race, religious or philosophical beliefs, health etc. is strictly prohibited. Hardware and software necessary for data protection has already been envisaged. The information received is used for further processing only by a senior officer of the rank of Principal Additional Director General/Additional Director General.
- In normal course, the data collected is stored only for five years after which it is disposed of by depersonalisation or anonymisation. The Regulations provide for an extensive and independent system audit and security audit to prevent misuse of the information.
The Regulations strike a good balance between the needs of privacy and the imperatives of security. The Central Board of Indirect Taxes & Customs is committed to work with all stakeholders to enable a smooth transition and implementation of these regulations