This Regulation establishes a new EU-wide system for collecting and transferring advance passenger information (API) from air carriers to law enforcement authorities for preventing and investigating terrorist offences and serious crime. It creates a centralized router managed by eu-LISA to facilitate secure data transfer between airlines and national Passenger Information Units (PIUs).The Regulation has 9 chapters covering: general provisions, data collection and transfer rules, router operations, data protection, governance structure, supervision and penalties. Key structural elements include detailed requirements for automated collection of passenger data, strict data protection safeguards, and establishment of national supervision authorities.The main provisions include:
– Mandatory automated collection of specific API data elements by airlines
– Creation of a central EU router for secure data transmission
– Strict data protection requirements and safeguards
– Establishment of national API supervision authorities
– Penalties of up to 2% of global turnover for serious violations
– Regular evaluation and reporting requirements
– Selective approach for intra-EU flights based on risk assessmentThe Regulation will apply from 2027 for API data and 2029 for PNR data, with some provisions applying earlier to enable system development. It complements existing EU rules on passenger name records (PNR) while establishing a distinct legal framework specifically for API data collection and transfer.
Leave a comment
