Airlines Mandated to Share Passenger Travel Itineraries and Credit Card Details with Indian Government Starting April 1, 2025

Beginning April 1, 2025, airlines operating international flights to and from India will be required to share detailed passenger information with Indian customs authorities under the Central Board of Indirect Taxes and Customs (CBIC). The directive, issued as part of the Passenger Name Record Information Regulations, 2022, aims to enhance border security and facilitate risk analysis.

Failure to comply with the mandate could result in penalties ranging from INR 25,000 to INR 50,000, equivalent to approximately CAD 410 to CAD 820 per violation, according to CBIC.

Airlines must register with the National Customs Targeting Centre-Passenger (NCTC-Pax) by January 10, 2025, to comply with the new regulations. The rules apply to all international flights to and from India, including transit and transfer passengers.

What Data Will Airlines Share?

Airlines are obligated to transfer passenger information at least 24 hours before departure or at the time of wheels-off. Data to be shared includes:

• Passenger names

• Payment information (credit card details)

• Ticket issuance dates

• Travel itineraries

• Contact information (email and mobile number)

• Travel agency details

• Codeshare and baggage information

This data collection will encompass all passengers, including those traveling from Canada, the UAE, and other countries.

Privacy Concerns Emerge

While CBIC emphasizes that sensitive information, such as race, religion, political views, and health details, will not be processed, critics are wary of potential privacy violations.

“The extent of data being collected is alarming. While the aim is security, there’s a lack of transparency about how this information will be safeguarded,” said Kamaljit Gill, a frequent traveler from Toronto.

Mandeep Grewal, a privacy advocate in Brampton, added, “Passengers deserve clear assurances on how their personal data will be used and stored. Trust in the system hinges on robust privacy protocols.”

Implementation Timeline

The initiative will begin with a pilot phase on February 10, 2025, involving select airlines. Full implementation is slated for April 1, 2025, for airlines operating independently, and June 1, 2025, for those using global distribution systems (GDS).

How Will Data Be Used?

The NCTC-Pax will manage the collected data, ensuring access only to authorized personnel. Data will be stored securely for up to five years and anonymized thereafter unless required for investigations or security purposes.

Officials argue that the move will bolster border security while adhering to international standards for passenger data handling. However, critics maintain that stringent measures must be taken to prevent misuse and protect travelers’ privacy.

As airlines and passengers brace for the changes, the balance between security and privacy remains a contentious issue, sparking debates that are unlikely to subside anytime soon.