January 2017
EU Smart Borders Package
Entry-Exit System / ETIAS / API
In April 2016, the European Commission presented the Communication “Stronger and Smarter Information Systems for Borders and Security” which establishes several key initiatives focusing on how new information systems can enhance external border management and internal security in the EU. Two of these initiatives, the Entry-Exit System (EES) and the EU Travel Authorisation (ETIAS), will require direct cooperation with the airline operators for submission of data as well as for the verification of passengers’ status before entry into the Schengen area.
The Airlines Associations, A4E (Airlines For Europe), ERA (the European Regions Airline Association), IACA (the International Air Carrier Association) and IATA (the International Air Transport Association), fully support the implementation of electronic travel systems, as they enhance border security and flight security while facilitating the identification of potentially inadmissible passengers before the boarding process[1]. It is however essential that these systems fullfill two conditions:
– Any new system implemented for border controls shall take into account the impact on facilitating passenger travel and avoid additional waiting time at airports.
– These new systems need to build upon international standard and practices and align with airlines operational systems and processes.
The EU needs to implement an interactive Advanced Passenger Information (iAPI) system which will allow validating passengers’ acceptance to travel to the EU – providing a single interface for API data submission, EES and ETIAS validation.
- 1. Impact on passenger facilitation
Global passenger traffic is expected to grow by around 5% every year, to reach around 3.8 billion by 2020. Managing this growth in passenger numbers at airports will be a huge challenge both for the industry and for governments.
The industry aims at providing an “end-to-end passenger experience that is secure, seamless and efficient”. In that regard, indicative objectives are to bring the passenger from curb to gate within 10 minutes at departure, and from the aircraft door to the taxi stand within 30 minutes at arrival.
In this context, Airlines Associations fully support the implementation of border management processes which can expedite pre-vetting and acceptance of low risk passengers.
As such, we welcome the inclusion in the amendment to Regulation 2016/399 of provisions expanding the possibility for non-EU citizens to use automated border control gates (ABC gates) as well as the proposed harmonisation at EU level of signage for ABC systems. In addition, we call upon further EU and national financial support to ensure that ABC gates are widely deployed at relevant European airports.
We regret, however, the withdrawal of the proposal on Registered Traveller Programs. We believe that such program at EU level would have allowed more passengers to go through expedited procedures at the border and to use ABC gates. Airlines advocate for mutual recognition amongst registered traveller schemes, as illustrated in IATA Recommended Practice 1701l[2] and would encourage the EU to reconsider setting such a scheme at EU level.
- 2. Need to streamline passenger data transfer requirements and verification processes
Airlines Associations fully support EU efforts to reinforce external borders controls so as to preserve Schengen’s free movement area. The implementation of electronic travel systems, such as EES and ETIAS will indeed help automating the verification of passengers’ acceptance for travel to a country and avoid transporting to EU borders potential inadmissible passengers.
Similar systems have already been implemented by the US, Australia, Canada. In all these cases, such electronic travel systems for travel authorisation or visa verification are integrated with an interactive Advanced Passenger Information (API) system, which allows airlines to automatically receive a boarding directive (OK/NOT OK) depending on whether entry requirements in the country are met or not. This also guarantees that carriers do not have access to any personal data of passengers in these EES or ETIAS databases, as noted by the European Data Protection Supervisor.
However, with the proposed approach for EES and ETIAS and in the absence of a credible implementation of API data collection systems, the EU is at risk of piling up many independent systems which will not only prevent adequate sharing of data amongst authorities, but also impose a significant burden on transport operators which will have to set-up a number of different systems to comply with these new border security requirements.
As such, Airlines Associations urge European Institutions to build upon existing international standards and practices to streamline the different passenger data exchange and verification requirements and to avoid putting in place redundant processes and requirements on passengers and travel operators.
The EU needs to implement a credible border control systems, in line with the recommendations of the UN Security Council resolution 2178/2014[3], implementing an interactive Advanced Passenger Information (iAPI) system which will allow validating passengers’ acceptance to travel to the EU – providing a single interface for API data submission, EES and ETIAS validation.
Airlines will not be able to build in their existing Departure Control Systems (DCS) three different interfaces for API, EES and ETIAS. In addition, there is no internet connection available at airport check-in counters and airlines systems are not web-based. Hence, both provisions under article 12 of EES (amending Reg. 767/2008 and Reg 1077/2011) and article 39 of ETIAS proposals will have to be built upon an interactive API systems, in line with international standards defined by ICAO Annex 9.
On this basis, Airlines Associations propose in annex to this paper some amendments to both the EES and the ETIAS proposals which, in their implementation are interdependent.
We also note that in its April 2016 Communication on Stronger and Smarter Information Systems for Borders and Security the European Commission announced a review of the 2004 API Directive. This review as well as a revision of the API Directive, mandating the implementation of an interactive API system in all Member States will be essential steps to allow airlines to comply with EES and ETIAS systems.
Failing to adopt such approach in line with international ICAO standards and practices, airlines will simply not be in a position to comply with the new verification requirements set under the EES and ETIAS regulations.
Annex
Proposed Amendments on Entry/Exit System, amending Reg. 767/2008 and Reg. 1077/2011
|
Recital a New |
|
|
|
Interoperability shall be established between EES and national Advance Passenger Information systems established in each Member State, as per Directive 2004/82. |
|
Recital aa New |
|
|
|
Carriers shall be informed on whether or not third country nationals holding a single or double entry visa have already used the visa through an OK/NOT OK answer conveyed through the Customs Response Message (CUSRES) message in the interactive Advance Passenger Information (API) system. The Commission shall adhere to the standards and recommended practices established in the International Civil Aviation Organisation (ICAO) Annex 9 of the Convention on International Civil Aviation to ensure that EES system is compatible with the established API systems. |
Justification:
The status of a traveler with regards to the validity of his travel document and visa shall be communicated to carriers through a message sent as part of each national API system. Such system is already in place in the UK and should be imposed in all EU Member States. This will ensure that information is consolidated at national level, including information from relevant national and European databases, and that one single message regarding the status of the traveler is sent back to the carriers
|
Article 12 para. 2 |
|
|
Carriers may use the secure internet access to the web service referred to in paragraph 1 to verify whether or not third country nationals holding a single or double entry visa have already used the visa. The carrier shall provide the data listed in Article 14(1)(d). The web service shall on that basis provide the carriers with an OK/NOT OK answer. Carriers may store the information sent and the answer received. |
Carriers shall be informed whether or not third country nationals holding a single or double entry visa have already used the visa by an OK/NOT OK answer conveyed through the CUSRES message of an interactive API system. Carriers may store the answer received. |
Justification:
Carriers do not need to have access to the EES database. Carriers only need information from border authorities on the validity of the traveller’s document of identity. Carriers would only submit API data to national authorities as part of the existing requirement to transfer API data for each passenger under Directive 2004/82 and receive an OK/NOT OK answer as part of the CUSRES message.
Proposed Amendments on the European Travel Information and Authorisation System (ETIAS)
|
Recital 31 |
|
|
Prior to boarding, air and sea carriers, as well as carriers transporting groups overland by coach should have the obligation to verify if travelers have all the travel documents required for entering the territory of the Member States pursuant to the Schengen Convention. This should include verifying that travelers are in possession of a valid travel authrosation. The ETIAS fil itself should not be accessible to carriers. A secure internet access, including the possibility using mobile technical solutions, should allow carriers to proceed with this consultation using travel document data. |
Prior to boarding, air and sea carriers, as well as carriers transporting groups overland by coach should have the obligation to verify if travelers have all the travel documents required for entering the territory of the Member States pursuant to the Schengen Convention. Carriers shall be informed that travelers are in possession of a valid travel authorization by an OK/NOT OK answer conveyed through the CUSRES message of an interactive API system. The ETIAS fil itself should not be accessible to carriers. |
|
Recital 31a New |
|
|
|
Interoperability shall be established between ETIAS Central System and national Advance Passenger Information systems established in each Member State, as per Directive 2004/82. The Commission shall adhere to the standards and recommended practices established in the International Civil Aviation Organisation (ICAO) Annex 9 of the Convention on International Civil Aviation to ensure that ETIAS Central System is compatible with the established API systems. |
Justification:
As it is the current established practice in the US, Canada and Australia, carriers receive a message OK/NOT OK regarding the validity of the passengers’ travel authorization through the interactive API system. This is a well established practice recognized in ICAO Annex 9 standards and recommended practices. ICAO, through its Facilitation Panel, is actually considering enhancing existing provisions on electronic travel systems to ensure that they are built in interactive API systems.
|
Article 39 Access to data for verification by carriers |
|
|
1. In accordance with Article 26 of the Convention Implementing the Schengen Agreement carriers shall consult the ETIAS Central System in order to verify whether or not third country nationals subject to the travel authorisation requirement are in possession of a valid travel authorisation. |
1. In accordance with Article 26 of the Convention Implementing the Schengen Agreement carriers shall be informed on whether or not third country nationals subject to the travel authorisation requirement are in possession of a valid travel authorisation by an OK/NOT OK answer conveyed through the CUSRES message of an interactive API system. Carriers may store the answer received. |
|
2. A secure internet access to the carrier gateway, including the possibility to use mobile technical solutions, referred to in Article 6(2)(h) shall allow carriers to proceed with the consultation referred to in paragraph 1 prior to the boarding of a passenger. For this purpose, the carrier shall be permitted to consult the ETIAS Central System using the data contained in the machine readable zone of the travel document.
The ETIAS Central System shall respond by indicating whether or not the person has a valid travel authorisation. Carriers may store the information sent and the answer received. |
2. Delete |
|
3. An authentification scheme, reserved exclusively for carriers, shall be set up in order to allow access to the carrier gateway for the purposes of paragraph 2 to the duly authorised members of the carriers’ staff. The authentification scheme shall be adopted by the Commission by means of implementing acts in accordance with the examination procedure referred to in Article 79(2). |
3. Delete |
Justification:
In the well-established US, Canadian and Australian systems, carriers do not need to consult a separate database to verify the status of the traveller’s authorisations. Carriers only need information from border authorities on the validity of the passenger’s travel authorisation. Carriers should only submit API data to national authorities as part of the existing requirement to transfer API data for each passenger under Directive 2004/82 and receive an OK/NOT OK answer as part of the CUSRES message.