Travellers’ surveillance: The role of the UN Countering Terrorist Travel Programme

In this briefing, we identify the most significant concerns on the UN Countering Terrorist Travel Programme (CTTP), and put forward a range of recommendations to mitigate some of the human rights risks associated with the surveillance of travellers.

Long Read
Travellers' surveillace

In this new briefing, we identify the most significant concerns on the UN Countering Terrorist Travel Programme (CTTP), and put forward a range of recommendations to mitigate some of the human rights risks associated with the surveillance of travellers. We based our briefing on publicly available information and our own research, outlining the purposes and activities of this UN programme. We shared a draft of this briefing with the United Nations Office of Counter- Terrorism (OCT), which coordinates and implements the CTTP in partnership with other UN entities. We continue to engage with OCT and other UN partners of the CTTP.

Since the events of 9/11, the securitisation of international borders has shifted gear, and every new major geopolitical development (such as the Syrian conflict and the emergence of the foreign fighters’ phenomenon) is further serving to strengthen the hand of those advocating for the expansion of the surveillance of travellers at borders.

In this context, the collection, analysis and sharing of passengers' personal data is ramping up in scope, purpose and technical capabilities. Processing travellers’ data is seen by many governments and industries as necessary to respond to perceived threats of terrorism, investigate serious crimes and more broadly secure borders against illegal entries.

While recognising states’ legitimate aim of preventing and investigating acts of terrorism and other serious crimes, PI has long been concerned by the largely unregulated introduction of surveillance technologies at borders, resulting in mass surveillance and deployment of unfettered surveillance powers. PI believes that the systematic, untargeted collection, analysis and sharing of travellers’ personal data constitutes a form of mass surveillance and does not meet the requirements of necessity and proportionality under international human rights law.

As a growing number of governments require travellers’ data from airlines, several states and private actors are providing support to process travellers' data, including data such as Advance Passenger Information (API) and Passenger Name Records (PNR). API refers to a passenger’s identity and includes full name, date of birth, gender, citizenship and travel document data, while PNR data may contain a wider range of personal data, including passenger contact information, information relating to the means of payment or billing, information concerning baggage and general remarks regarding the passengers, such as meal preferences. Together with states and companies, the United Nations (UN) is becoming an increasingly influential actor in providing surveillance assistance. In a context where many states and private actors offer governments products and services to enable governments to process travellers’ personal data, the UN Countering Terrorist Travel Programme offers UN Member States a range of assistance, including a purpose-made software called "goTravel", that enables government authorities to process API and PNR data.

In light of the trend towards utilising personal data to enable the mass surveillance of travellers crossing borders around the world, we have conducted research into the role of the UN Countering Terrorist Travel Programme and has published our findings in the form of a briefing entitled: Travellers’ surveillance: The role of the UN Countering Terrorist Travel Programme. This briefing, based on publicly available information and our own research, outlines the purposes and activities of the UN Countering Terrorist Travel Programme, identifies the most significant concerns, and puts forward a range of recommendations to mitigate some of the human rights risks associated with the surveillance of travellers.

As a result of these concerns, we recommend, in our briefing, that the UN Countering Terrorist Travel Programme:

  • Suspends the roll out of the goTravel software solution until the UN Countering Terrorist Travel Programme can publicly demonstrate its capacity to monitor its use by beneficiary UN Member States and has developed an effective mechanism to withdraw it if it receives reports of abuses/misuses of the software;
  • Develops its capacity to monitor UN Member States’ processing of API and PNR data in accordance with human rights law, including data protection;
  • Develops and conducts human rights risk assessments (including data protection impact assessment) prior to providing any assistance to Member States;
  • Regularly and meaningfully consults with national civil society organisations and experts during the prior human rights assessments and during the implementation of assistance programmes;
  • Publishes the recommended legal provisions and other policy documents and tools used by the UN Countering Terrorist Travel Programme to provide assistance to Member States;
  • Develops and publish a privacy policy for the goTravel software;
  • Updates on a regular basis the list of beneficiary Member States, with details on the status of support, including up-to-date list of authorities testing the goTravel software solution and countries where it is fully operational.