The German government has introduced new guidelines for the authorities who now (effective 25th May, 2018) collect and store a wide variety of passenger data including reservation details, passengers personal data and booking origin.
This measure was brought on the way by the previous (and current) Merkel Administration over a year ago and already drew harsh criticism. Experts described it as too far reaching and intrusive even though many of the parameters collected there are already being collected by other countries and airlines as well.
Last April when this first became a thing German online IT magazine Heise Online (access here) wrote about it and this week the guys from Netzpolitik (see here – both sources in German only!) followed up.
The so called Fluggastdatenspeicherung (try to pronounce that if you’re not speaking German) demands that airlines save a set of data for each ticket that leaves Germany. Domestic flights are not affected by this legislation (yet).
Following information is part of the data set collected (not limited to those, there are more):
- Historical Data of the PNR
- Flight Specific Data related to individual segments
- Names of the passenger and all other individuals on the PNR
- Address and Phone Nr of the passenger and all other individuals on the PNR
- Address and Phone Nr of the destination
- Payment method
- Billing address
- Frequent Flyer Information
- Travel Agency
- Flight coupon status
- All Notes in the reservation/PNR
- Information related to ticketing
- Fare information
- Date of ticket issuance
- Seat information
- baggage tag information (registration numbers)
- Special Service Requests OSI- / SSI/SSR– (Sensitive Security Information/Special Service Requests) Elements
- possible APIS-Information (Advance Passenger Information System)
- connected reservations of Hotels, Rental Cars etc if visible in the same PNR
A lot if not all of this (and more) has been collected by countries such as the United States DHS for a long time already and even though I don’t like that random information about myself is readily available to the government but it’s travel related and really a necessary evil if you want to take the flight.
I can’t see anything wrong with travel data being available to the authorities since it’s mandatory to give most of these infos at the time you enter a foreign country.
Not sure how I feel about my own country preying on my data though. The data is being accessible to the LKA / BKA (FBI Equivalent), Verfassungsschutz (State Security), Military Counter Intelligence, Bundesnachrichtendienst (CIA Equivalent), Europol and other countries authorities.
The UK uses such a system since 2004 and it hasn’t been effective in preventing any serious security breaches. Apparently it couldn’t be prevented either that 500 islamic fighters (jihadists) were able to leave the UK and enter Syria/Iraq.
I often had PNR printouts from airlines that showed the entire reservation record such the IP address from where i booked my ticket. I’d automatically assume that whatever the airline has, various governments have it too – either voluntarily or they skim it as long as they want the data.
It’s common to leave biometric data upon entering many countries and fill in a detailed list of information such as for any Electronic Travel Authorization (USA/Canada/Australia) and especially physical visa application. So on that end there is really not much new with that.