As is often the case with regulation, there’s a difference between theory and reality.
In theory, January 2016’s vote for the EU 2016/681 directive would mean that any airline operating in the EU would provide passenger name records (PNRs) to a passenger information unit (PIU) system in the destination country. PNR data is intended to provide additional information for state security services across the EU to fight terrorism and serious crime. The deadline for making this data available was May 2018.
In reality, asking airlines to provide this kind of information smoothly and seamlessly is a huge technical challenge – both for airlines and EU states.
Why is it so complex to provide PNR data to PIUs, and what can be done about it?
The challenge of sending and receiving PNR data
The security benefits of the EU PNR directive are clear. Unfortunately, the challenges of following the directive are significant:
- For states: All EU states are now expected to connect to each airline flying to and from their territory and collect PNR data from them – while also ensuring this data is complete and reliable. Once the data is collected they must also analyze it while complying with the new GDPR regulation – ensuring that this personal data is kept safe and secure.
- For airlines: Any airline operating in the EU must transfer its PNR data in real time to the destination country, and this implies the contribution of many IT actors throughout the air transport chain acting on their behalf. This is a huge technological task – which implies feeding state systems in different countries with the requested data in a permanent flow, in different formats depending on the requesting country’s requirements. This is clearly a heavy burden for already over-stretched IT resources.
In sum the new regulation requires the implementation of data flows and deploying data analysis:
- For 900 Airlines coming from 180 states
- For the 28 EU member states
- Involving 100 data providers resulting in 1,000,000 messages per day exchanged between parties
Due to this enormous complexity, many airlines and EU state actors have struggled to fully comply with the directive. What’s the solution?
Conztanz’s API-PNR gateway - a community solution
Since the PNR directive 2018, Conztanz has been working with EU governments and airlines to develop a solution which will allow airlines to quickly and easily comply with these new requirements. We launched the API-PNR gateway in March 2018 to help airlines and governments send and receive PNR data in a fast, seamless and secure manner.
The highly secured community gateway, which is independent of data analysis systems, has been developed with the support and collaboration of the Luxembourg authorities. It is already connected to Luxembourg’s PIU systems, data provider ARINC and major Passenger Service Systeme Amadeus, and Navitaire. This provides PNR data for Flybe, Ryanair, Hahn Air, KLM, Hop, Aegean, British Airways, LOT polish airlines, Volotea and Vueling so far. There are also 3 airlines with a direct connection due to its system specificities, which are Turkish airlines, Easyjet and TAP.
This community solution offers a single point of collection for PNR data sources to any subscribing government and therefore alleviates the burden of multi-source connection, data certification and permanent consistency checks for governments as well as airlines.
Here’s how Conztanz’s API-PNR Gateway is helping airlines:
- Fast integration of data provider systems.
- A built-in converter of raw data to standard IATA format (PNRGOV and PAXLST).
- Reduced support and maintenance costs based on a secure, shared business model.
- Shorter implementation project thanks to our specific PNR experience and our deep expertise in airlines systems and data.
The API-PNR Gateway closes the gap between the theory of the EU PNR Directive 2018 and the technological realities of implementing it.