In March 2020, Frank van der Linde entered the immigration queue for European Union citizens at Amsterdam’s Schiphol International Airport. Linde, a Dutch citizen and human rights defender, was returning home from outside the EU and was asked a series of questions about his trip by the immigration officer. Linde thought it was a random control; After a few minutes, he was allowed to enter. But unbeknownst to Linde, his responses were recorded and shared with a Dutch prosecutor, who was gathering information about Linde’s movements.
The officer had been informed of Linde’s arrival that day through a seemingly harmless action that occurs every time a flight is boarded to the United States, much of Europe, and, increasingly, anywhere in the world: the exchange of detailed personal data about each traveler between airlines. and governments. The data, which is kept on you for years, is increasingly valuable to technology companies that are experimenting with using algorithms that could decide who is allowed to cross international borders.
Linde, who is outspoken about homeless rights, anti-racism and pacifism, was first secretly named by Dutch police in 2017 as a person of interest under an Amsterdam municipality’s anti-terrorism program. In July 2018, Linde had a “strange feeling” that he was being watched; He would eventually sue the government more than 250 times under freedom of information laws to uncover the extent of the surveillance. Although Linde was removed in 2019 from the city’s watch list and later received a personal apology from Amsterdam’s mayor, scrutiny continued. When Linde found out that the police had put his name on an international document travel alerthe wondered if they were also using his travel data to track him.
In October 2022, Linde requested his flight records from the government. The data, called Passenger Name Record (PNR), is a digital trail of information related to the purchase of an airline ticket. Most commercial airlines send PNR records to the destination country between 48 and 72 hours before departure. While PNR records may seem harmless, they contain very sensitive personal information, including the traveler’s address, cell phone number, flight booking date, where the ticket was purchased, credit card, and other information. payment, billing address, baggage information and frequent flyer information. , general comments related to the passenger, planned travel date, complete travel itinerary, names of accompanying travelers, travel agency information, historical ticket changes and more.
In December 2022, more than two years after Linde passed through Schiphol, the Dutch PNR office, called the Passenger Information Unit, handed over 17 travel records to Linde. They said they hadn’t shared their data with others, but Linde was suspicious. He quickly filed an appeal. In March 2023, the Dutch government admitted that it had in fact shared Linde’s PNR details three times with border police, including before the March 2020 flight, when the immigration officer was instructed to extract information covert (They also shared seven additional flight logs that they claimed to have discovered only in a second search.)
As Linde reviewed his PNR records, he was surprised to discover that some of the travel data the government had on him was incorrect: Some flights were missing, and in four cases, the government had records of flights he never took. For example, a 2021 PNR record indicated that Linde traveled to Belfast, Northern Ireland; Linde says she had booked the ticket, but changed plans and never boarded the plane. “What do companies do with data?” Linde asked as he flipped through copies of the PNR records on his laptop. “If commercial companies help analyze bad data, all kinds of conclusions can be drawn.”