Can the use of passenger data help contain, track, or manage the spread of infectious diseases?

Over the last few months news headlines around the world have been reporting on the outbreak, attempt to contain, and the spread of a new coronavirus now known as COVID-19. Initially discovered in Wuhan, China, in just over two months the virus has spread from just one city in China to 33 other countries around the world .

Humans are by nature, a migratory species. History shows we have travelled the planet for millennia. The way in which we’re now able to travel from one side of the world to the other in under 24 hours is undoubtedly a boost for business and is enjoyed by tourists. Fast and efficient travel also means diseases have the ability to spread very quickly. Travellers move from one city to another in close proximity to hundreds of other people; disease may be passed on at an alarming rate. Ordinarily this isn’t a problem, modern medicine is incredibly efficient at keeping us well and supporting our immune systems when we become sick. The challenge comes when a new bacteria or virus such as COVID-19 emerges. Humans have no immunity to the new disease and medicine has no means to help us fight off infection or help us get better when we do fall ill. Science needs time to develop vaccines; meanwhile, the disease spreads frighteningly quickly.

There were a reported 15,952 deaths in 2018 as a result of terrorism . Each of these deaths is a tragedy. I believe that those of us working in the security and border management world must consider how we contribute to managing the threat of uncontrolled and uncontained spread of new diseases. We should consider the proposition that diseases may present more of a threat to the global population than terrorism and organised crime.

There is a very real threat that new diseases could travel undetected around the world very quickly, spreading through the population in many countries before individuals show any symptoms.

As of the time of writing this article (26th February 2020) COVID-19 kills 1-2% of those it has infected outside China . A disease with a mortality rate of 1-2% that is new to science, without a cure, spreading throughout the world’s population who have no immune resistance, has the potential to kill many more people in one year than the darkest and most devious dreams of terrorists who wish us harm. Can we make use of information gathered by governments to assist with border management to help control the spread of diseases such as COVID-19?

Airlines and cruise/ferry operators provide many governments with passenger information in the form of API (Advance Passenger Information) and PNR (Passenger Name Records) to assist with managing border control with particular focus on counter terrorism and combatting serious and organised crime.

Advance Passenger Information contains details about each traveller, at its core it is the information contained in the machine-readable zone of passports, ID cards, and other travel documents. A small amount of information is added about each traveller’s journey but this only relates to the current segment of the journey being undertaken.

It is possible to see where a traveller’s journey began as long as the journey being undertaken was booked in a single transaction and as a single journey. For example, the API of a traveller’s journey from London to Sydney via Hong Kong would be shown as a single journey with a calling point in Hong Kong.

If the traveller booked the same journey as two tickets, perhaps the journey was cheaper when booked as two individual flights, or perhaps the traveller wanted to visit Hong Kong for a few days en-route to Sydney, the API would only show each leg of the journey. The Hong Kong authorities would only see the journey from London. The Australian authorities would only see the leg from Hong Kong.

Travel undertaken with multiple tickets or with stopovers is often referred to as broken travel. There can be many good reasons for booking such journeys, multi destination holidays and the availability of cheaper tickets are both legitimate reasons for travellers wishing to book their travel this way. Some travellers make broken travel arrangements to make it harder for authorities to identify smuggling or other organised criminal activity, booking long journeys using several tickets makes it very difficult to identify a traveller’s original point of departure. However, most broken travel is booked for reasons of budget or convenience – it is not a reliable indicator that an individual is trying to hide dishonest behaviour or criminal intent.

The main use of API is to assist with border management, traveller’s details are checked against data sources that contain among other things, lists of wanted persons. This allows persons potentially of interest to be identified before they reach a border crossing point. Plans can be made about how such persons will be managed when they approach the border. Sometimes the course of action will be to arrest, deport, interview, or place the person of interest under surveillance. It is clear that API has uses when looking for individuals who are wanted by authorities, but it is of limited use when trying to screen for travellers who have recently been exposed to a health hazard.

In order to identify whether or not travellers may be of interest an element of risk profiling will need to take place. In border management and other forms of law enforcement, profiling of individuals is not something that often yields reliable results. Such crude methods are open to abuse and can very easily lead to racist, sexist and other discriminatory practices whether or not these were intended. This was wonderfully demonstrated by Michael O’Leary of Ryanair in an ill-advised interview with the Times in the UK on 22nd February where he suggested that Muslim men travelling alone should be singled out for extra security checks at airports.

As mentioned earlier in this article, API is primarily about the traveller as an individual with a very limited amount of information about the traveller’s journey. It is not a dataset that can be reliably used to analyse risk in these circumstances.

PNR, or Passenger Name Record information contains data about each traveller’s reservation. PNR is most often used by customs and intelligence agencies to carry out risk profiling against particular threats. The use of PNR does come with particular challenges.
The original purpose of PNR was not to be analysed by government agencies, it is a repository of information used by airlines to service each of their customers’ bookings. Airlines need to know certain things about their customers, this information can be deemed to be personally sensitive according to data protection regulations.

To provide good customer service an airline will need to know if a passenger needs wheelchair assistance at the airport and if a special meal is required. Such information seems relatively uninteresting but can potentially be problematic. The need to use a wheelchair at the airport could be an indicator that a particular traveller has a disability and the request for a special meal could identify a traveller’s religious beliefs. This is information that a government must not use for the purposes of security and risk profiling. Sensitive data within PNR has to be removed by the airline before being shared with a government. Governments have a duty to discard information within PNR that they should not have received.

The permitted PNR dataset contains lots of information that is very useful when attempting to identify passengers that may be of interest. Data fields such as method of payment, date of booking, details of all flights booked as part of this reservation, and number and weight of checked bags can be very helpful in a number of situations. Combined, API and PNR can be very powerful tools indeed. For example, a young traveller from a developing country, travelling on their own, on a newly issued travel document, departing from Central America, paying cash for a ticket shortly before departure, with a return ticket in 3 days, checking 3 bags weighing 23kg each, would likely be of interest to officers investigating and fighting drug smuggling. This is an over-simplified example but explains how API and PNR are used to profile risks rather than individual passengers.

A key part of the information contained within PNR relating to the challenges of controlling the spread of new diseases is the details of all flights on the reservation. A government receiving PNR will be able to see where passengers have been prior to arriving in their territory for flights reserved as part of one journey. Many journeys are from one point to another with no connecting flight so it is easy to ascertain where a traveller started their trip. Some journeys have connecting flights, and some may be booked as part of a tour of several destinations. Travellers booking a holiday may expect all their flights to be part of one reservation if all flights were booked at the same time and are operated by cooperating airlines. It would be possible to book an entire holiday on one reservation. In the current climate it would be very useful to be able to identify travellers returning from a tour of South East Asian countries defined as high risk by the World Heath Organization. Travellers returning to Europe having visited Beijing, Hong Kong, Kuala Lumpur, Seoul, and Singapore may present more of a risk of infection of COVID-19 than those returning from a trip to other regions.

In reality, and from personal experience, it is not often that entire holidays such as the example given above are booked as one reservation. Many travellers book long-haul flights to their destination area first and arrange regional or local flights once an itinerary is agreed. It may be that flights between cities as part of a grand tour are made with regional airlines that only accept bookings made directly. These flights will have their own PNR, created in isolation from the long-haul flight. There is nothing to connect these two records, meaning it will not be possible for a government to have a complete travel history of the entire journey.

I was recently asked to attend a country’s embassy in London to have my passport checked for Chinese entry and exit stamps before I could apply for a visa. I haven’t been to China for many years, but like many frequent travellers I have two passports, checking for stamps in a travel document does not provide proof of anything.

Governments have been implementing mandatory quarantine for returning travellers at highest risk of carrying COVID-19. This has been widely reported in the media, along with news of anxiety and stigma within the public. Some people may try to hide the starting point of their journey to avoid discrimination or the need to enter a period of quarantine. This could lead to people travelling from a region of high risk of infection to a lower risk location and then booking a single flight to another region. This traveller’s API and PNR would not highlight either the journey or individual as being of particular risk, yet they could be someone who is carrying COVID-19, infecting others, while not yet showing any symptoms.

One possible way to ensure that travel history is shared is that an inter-governmental agency is appointed to collect and store information relating to border crossings. There are many data protection, civil liberties, and international cooperation arguments to settle about this idea, but to control new diseases spreading quickly we need new ways of thinking. Could such an inter-governmental agency collect information from each government about border crossings including travellers’ names, date of birth, travel document details, nationalities, and date of entering and leaving a country? Could this information be held centrally and API and PNR screened against this database only at times when there are active outbreaks such as COVID-19 and in the past SARS and Swine Flu? The responsible management and protection of such a huge database with data from so many countries would be a gargantuan task, but perhaps we should start discussing this within the border management community now?

API and PNR have been used as tools to assist law enforcement agencies for many years. The data contained within API and PNR has been exceptionally useful in risk profiling against terrorism and organised and serious crime. This data has the potential to be very useful in helping to control disease.

API and PNR are no replacement for skilled and highly trained border guards, customs agents, and other law enforcement agencies – while this data is useful and any information is better than nothing at all – it must be remembered that the picture painted by the available data might not always be complete.

API and PNR have the potential to play an important role to play in assessing each traveller’s risk and admissibility when crossing borders for a range of reasons, not just counter terrorism and serious crime. Using API and PNR for wider purposes will take a lot of work and cooperation between governments and data privacy and security must be ensured.

In the face of a potential crisis we require new ways of thinking that use the information available to help us to make swift, accurate, and well-informed decisions.

By Andrew Priestley, Agile Borders – helping governments, inter-governmental organisations, and commercial organisations understand and make most effective use of intelligence led border management