Planned law will let Israel collect personal info on all airline passengers

Database, which matches programs in US and elsewhere, will compile everything from credit card numbers to meal requests in order to fight terror, crime and pandemics

Tal Schneider is a Political Correspondent at The Times of Israel

The departure hall at the Ben Gurion International Airport, on August 16, 2020. (Avshalom Sassoni/Flash90)
The departure hall at the Ben Gurion International Airport, on August 16, 2020. (Avshalom Sassoni/Flash90)

Israeli authorities are drafting a bill that will require airlines to share private information about travelers entering or leaving the country, including the credit card number used to pay for the ticket, their billing address and where else they might be traveling.

The proposal, which is nearing completion but has not been submitted to the government for approval, is expected to face serious opposition once it reaches lawmakers for a vote, though proponents note that its provisions are in line with standard information collected on passengers in the United States and Europe.

Work on the bill has been underway for several years, initially spurred by terror concerns, but it has been given extra urgency recently by the coronavirus pandemic, defense officials told The Times of Israel on condition of anonymity. During the pandemic, Israel has sought to track where arrivals are coming from and their activities in the country as part of contact tracing efforts.

Of particular interest to authorities during the pandemic is knowing where travelers were coming from — not just their last immediate port of departure, but every place they visited or had a connection. Israel banned entry for arrivals from certain countries and at times imposed varying quarantine rules depending on infection rates in different locations, but those rules were easily circumvented by connecting through a third locale.

According to the text of the legislation being worked on by the Justice Ministry, Shin Bet security service and National Security Council, which is still under wraps but was seen by The Times of Israel, a passenger database will be created to hold a wide array of information on “any person who is landing or will soon land in Israel or is taking off or will soon take off from it.”

Beyond the person’s name, nationality, date of birth and passport number, which are already transferred to authorities, the database will collect files used by airlines called PNRs, or passenger name records. These include a wide array of information regarding passengers, the flight or flights they took, how the tickets were purchased and travel status, including where they sit, how much luggage they check in or carry on, and any special requests like meals or other in-flight services.

The database will allow authorities to see credit card numbers used to purchase a ticket, as well as a billing address and whether there are other related charges on the card. If a passenger is in a frequent flyer or rewards program, or got an upgrade, or bought a one-way ticket, it will be in the database, and if six tickets were purchased together, or someone missed their flight, it will show that too.

Travellers seen being transferred from the airplane to the arrival hall of Ben Gurion International Airport, near Tel Aviv, on April 11, 2018. (Moshe Shai/Flash90)

The database will also include the traveler’s complete itinerary, including connecting flights; membership in frequent flier programs or other airline loyalty promotions; information about their checked luggage and carry-on items; and if the ticket is one-way or includes a return itinerary.

The bill calls for the database to include “the assigned seat number and other information related to the seat,” which can include anything from if a special meal was ordered or special equipment for a baby or disabled person was requested, to whether the seat comes with extra legroom. Even the purchase of Wi-Fi service or a bottle of perfume from in-flight duty free can show up in the database under the proposed legislation.

Everybody else is watching

The idea for the database dates back to 2014, when former prime minister Benjamin Netanyahu’s government ordered a task force be formed to study the possible establishment of a passenger database.

Many countries maintain databases to collect PNRs, which also include APIs, or advanced passenger information, from airlines. Since 2010, the International Civil Aviation Organization, an international commercial aviation clearinghouse operating under the auspices of the United Nations, has maintained guidelines for countries to legislate the establishment of such databases.

A worker loads a bag onto a conveyer belt at a United Airlines check-in counter at Hartsfield-Jackson Atlanta International Airport, on Wednesday, July 8, 2015, in Atlanta, GA. (AP/David Goldman)

The UN encourages countries to share databases as a law enforcement mechanism to protect against terrorism, money laundering, trafficking and child abduction.

A Justice Ministry spokesperson noted that “the scope of the information that will be stored in the Israeli database will not be wider than is customary in the world, but will operate in accordance with the prevailing arrangements in the world on this issue, in accordance with the guidelines of the International Aviation Organization.”

The US and European Union maintain such databases of PNR information, including credit cards and other specific information, and have an agreement to share them between each other as an anti-terror resource. In the US, an online guideline notes that racial, ethnic and religious data could be collected from PNRs as well, though those will only be used in extraordinary circumstances.

Israel’s impetus for looking into such a database in 2014 was the rise of the Islamic State, and was a response to UN Security Council Resolution 2178, which adopted a global fight against terrorists crossing borders and countries, including by restricting travel and flights around the world.

File photo of security personnel checking passengers’ luggage at Ben Gurion International Airport in Lod, on September 7, 2019. (Moshe Shai/Flash90)

The team formed by the government was headed by representatives from the Counter-Terrorism Bureau and the National Security Council, both of which operate out of the Prime Minister’s Office. Discussions were held with officials from the Shin Bet, the police, the Defense Ministry, the Health Ministry, the Justice Ministry’s anti-money laundering unit, the Population and Immigration Authority, and the Tax Authority, among others.

However, it was not until February of 2020, with efforts to curb the spread of COVID-19 concentrated on travelers entering the country, that work on the bill began in earnest. That month, with new elections looming, the government passed a decision to create an ad-hoc directorate for the purposes of creating a passenger database, with all necessary legislation. The database is also backed by the new government that took office in June.

The project was initially allocated a budget of NIS 7 million ($2.2 million) for 2020 and 2021, though The Times of Israel has learned that the current cost of the project is NIS 33 million ($10.3 million) and officials are seeking NIS 650 million more ($203 million) for the coming years.

Terror, copyrights and plant health

The purposes of the database specified in the law being written up range far beyond fighting terror, and allows for the information to be accessed or used for a wide array of activities, most of them involving law enforcement.

Included are investigations against criminal organizations, drug offenses, corruption, credit card fraud, money laundering, cybercrime, illegal immigration, organ trafficking, human trafficking and sexual offenses. The database can also be used to enforce laws on copyrights and defense exports. The information will also be available for the purposes of protecting public, animal or plant health.

Police officers enforce COVID-19 regulations at Ben Gurion Airport, on July 19, 2021. (Avshalom Sassoni/Flash90)

Unlike the US, where privacy laws kept the Department of Homeland Security from sharing PNR information for contact tracing efforts with health officials, forcing them to unsuccessfully seek the data from the airlines directly, in Israel the law is being written so that the database can be shared with a wide array of government agencies, according to a copy of the draft bill seen by The Times of Israel.

Ostensibly, only data relevant to an agency’s request will be shared with them.

Under the proposal, the database will be maintained for five years and overseen by the Tax Authority, which will be tasked with combing through the PNRs and flagging anything suspicious. An official from the state Privacy Protection Authority would be tasked with oversight of the program and preventing abuse.

Under the law, information from the database can be transferred to foreign countries or international agencies, provided it is for a purpose noted in the legislation and steps are taken to keep the information confidential.

Travelers are seen at Ben Gurion Airport, on September 6, 2021. (Yonatan Sindel/Flash90)

The Justice Ministry spokesperson confirmed the details of the proposal to The Times of Israel and noted that while progress is being made, it is not yet clear when the legislation will go to the government and on to the Knesset for passage.

“The purposes of using the information collected in the database will be determined in the main legislation,” the ministry said in a statement. “According to the wording, these goals will include the fight against terrorism, the fight against serious crime, the security of civil aviation, the fight against illegal immigration and the improvement of border controls, and the protection of public health, in the sense of preventing the spread of epidemics or infections.”

Most Popular
read more: