Maritime Passenger Targeting

13th May 20226th May 2022 NeilWalker

By Manu Niinioja, Law Enforcement Expert, WCC Group

A drug unit has been investigating organised crime groups smuggling drugs from the Netherlands to Finland. The investigation has just started when one potential female smuggler takes a flight from Helsinki to Amsterdam. National Passenger Information Unit (PIU) is alarmed to provide information when she flies back to Finland. In Bussum, a small town some 30 km from Amsterdam, she receives two kilos of cocaine, which is worth EUR 200.000 – 300.000 in the streets of Finland, depending on how pure it is. Instead of taking a flight back to Helsinki, she takes a flight to Tallinn (Estonia) and continues to Helsinki by ferry, trying to avoid detection at the airport. Unlucky for her, Finland has a passenger targeting system covering also maritime and investigators are notified on time. After 200km long surveillance, lasting a few hours from Helsinki harbour to the streets of Tampere, the female smuggler and a man receiving the drugs were arrested with the drugs. The investigation continues…

Passenger targeting
UN Security Council Resolutions 2178 (2014), 2396 (2017), and 2482 (2019) mandate that UN member states build their capabilities to detect passengers connected with terrorism and serious crimes using Advance Passenger Information (API) and Passenger Name Records (PNR). API is essentially a biographical dataset found in the machine-readable zone of the passport, while PNR includes the information collected by the air carrier to carry out a booking, such as information about the travel itinerary, contact details, payment methods, and so on. To simplify further, API data is considered ‘confirmed’ data as it’s collected by the carrier during check-in but PNR on the other hand is ‘declaratory’ information provided by the passenger and therefore unconfirmed.

The collection of API data is complementary to border controls. It provides information about the passengers in advance, allowing the authorities more time to cross-check the API against watchlists of known targets, make additional checks on databases if needed and prepare for the arrival of high-risk passengers at the border. It might be that the arriving passenger is on a watchlist for intelligence collection purposes, for example, therefore information regarding the arrival is needed in advance to ensure that a surveillance team is ready. API data is often shared with the authorities at the time of departure, but if it is shared before, it will also provide the possibility of intercepting outbound passengers.

PNR data is the information that the carrier has in its systems for business purposes. It contains lots of valuable information about the passenger’s journey, which can be used to crosscheck against different criteria or profiles to detect passengers who require specific attention. These passengers could be previously unknown high-risk targets fitting a drug smuggling profile but also potential victims of crimes like human trafficking.

Lack of similar processes to the airline industry
The airline industry is already familiar with the use of API and PNR data. WCO, IATA and ICAO have created international guidelines for API and there is also ICAO’s Annex 9 to the Convention on International Civil Aviation to provide similar guidance to the use of PNR, specifically amendment 28 from the year 2020.

From a law enforcement perspective, the maritime industry is lacking similar standard processes for the collection and use of passenger and crew data as those seen in the airline industry. There are regulations for the maritime industry around the provision of information in advance to different authorities including border control entities, but most parts of these regulations are related to the cargo and much of the reasoning behind the regulations is related to safety, not security.

Data collected from maritime traffic
The Facilitation Committee (FAL) of the International Maritime Organization (IMO) deals with matters related to the facilitation of international maritime traffic. The collection of passenger and crew data using IMO’s FAL 5 and FAL 6 forms provides a good starting point for the use of maritime data for law enforcement purposes, providing similar data as API in the air industry. Even though the maritime industry has relied on paper copies of the documents, the requirements for national governments to introduce electronic information exchange between ships and ports came into effect in 2019 under the IMO’s FAL Convention.

At the same time, the use of the single window concept was recommended, which is the same approach as that used for air traffic. The main point regarding the single window, whether it concerns air or maritime traffic, is that the mandatory data is sent once to the relevant government authority and then it is up to the government to share it with the different agencies that require the data.

Again, in the airline industry this single window concept or Passenger Data Single Window (PDSW), as named by the ICAO, is well adapted. New countries adapting the collection of API and PNR data are establishing PDSW for air travel to avoid duplications. Where they have previously had several agencies collecting the data, they are now looking to change this to follow the PDSW concept.

In maritime on the other hand, this concept had been also proposed before 2019. For example, in 2010 the European Commission imposed the directive “2010/65/EU on reporting formalities for ships arriving in and/or departing from ports of the Member States, repealing Directive 2002/6/EC,” where the single window is mentioned as the place where all the information is reported once and made available to various competent authorities and relevant Member States. On the contrary, this led to a bigger burden for the maritime industry and now the EU is looking to harmonise how the data is shared under new regulation (EU) 2019/1239 to establish a European Maritime Single Window environment and repeal Directive 2010/65/EU.

As we can see, there are efforts to use a similar approach in maritime as that already used in air traffic. The data identifying the passenger and crew members are available through FAL formats and the person-related information is the same as the API used for the air industry. The difference is in the transportation-related data shared, for example, in FAL formats, where there is the IMO number of the ship, and its call sign, which replaces similar data related to the flight in air API.

This data related to a specific vessel is an interesting feature as besides targeting the passengers and crew, it might be interesting to target the vessel, depending on its previous ports. This will also add the need to focus more on the crew than passengers of some vessels, such as cruise ships, as the passengers might change but the crew stays on board for longer periods travelling around the world. Cruise ships are huge floating hotels – currently the biggest cruise ship “Wonder of the Seas” has a capacity of almost 7000 passengers and some 2300 crew members.

Still, looking at the data specifically on the passengers, we must remember that cargo vessels are also carrying passengers. Again, if one wants to try to avoid detection by authorities, choosing a cargo vessel might be a good option.

Additional data
Besides the data from FAL 5 and FAL 6 forms, cruise lines and ferry companies can provide additional information. As said, FAL 5 and FAL 6 forms provide the biographical details but nothing more regarding a person itself. Cruise lines and ferry companies might be able to provide lots of other details that are close to or the same as PNR data in the air industry. They also need to collect contact details like phone numbers and details of payments. Ferry companies do have loyalty programmes similar to the frequent flyer information maintained by air carriers. There are no seats, but vessels have cabins and, similarly, there can be several persons included within the same booking as in the PNR collected by air carriers.

In addition to this data, ferries often carry vehicles, and this provides an interesting data source for law enforcement. This data can be very useful, especially when tackling mobile organized crime groups (MOCG). It takes two hours to travel from Helsinki to Tallinn across the Baltic Sea, 90 minutes from the UK to France. Renting a car or using one that is already available to carry out criminal activities are things for criminals to assess, with both having pros and cons. Tracking vehicle movements using the data from ferry companies can be helpful in smuggling cases whether related to drugs, other illicit goods, or people.

How to ensure that mandatory data is received?
One of the challenges in maritime data collection is compliance monitoring. This might require cooperation with the navy or coast guards as tracking vessels can be challenging. Vessels could stay in international waters, but passengers and illegal goods might be moved to shore using smaller boats.

Of course, air traffic has the same challenge when verifying if all the data has been pushed at the right moment, but still, this is easier than with the maritime sector. Aeroplanes cannot stop in the middle of the air and wait for days or longer like maritime vessels can.

Data from national authorities who are surveilling the waters could be useful, but there are also other means to track the movements of vessels. An Automatic Identification System (AIS) provides information using the transponders of a maritime vessel and these data feeds could be integrated into national targeting systems to check that all data has been sent.

Experiences from law enforcement
The use of maritime data has proven very useful to joint operations supported by Europol. During the years 2014 – 2015, Sweden led an operation called “Turnstone,” supported by Europol. The main other participating countries were Finland and Estonia. Among these three countries, there is regular high volume ferry traffic, and Operation Turnstone used passenger data from ferries to tackle specifically mobile organized crime groups in the Baltic Sea Region. During 10 operational action weeks, 200 suspects were arrested, and EUR 2.5 million worth of items were seized.

This operation provided excellent results, highlighting the importance of cooperation between maritime companies and law enforcement agencies in different countries. Operation Turnstone, as well as Europol’s EMPACT Operation TRIDENT (2018-2019), were explained in detail during Finland’s EU Presidency (the second half of 2019), with Finland sharing a proposal that aimed to widen the scope of the EU PNR Directive to forms of transportation other than air traffic.

Globally, INTERPOL has also noticed the added value of collecting maritime data during international operations like NEPTUNE III summer 2021. This international operation aimed at strengthening passenger controls at several seaports and airports linking North Africa to Southern Europe and yielded 29 arrests for a variety of offences, including one on terrorism charges. Large amounts of drugs, guns, and cash were also seized during the operation.

As mentioned previously, vessels carry sizable numbers of people and this creates challenges for cross-checking data. With short ferry routes, the technical capacity of the systems to cross-check the data but also to have enough time for the manual assessment of the matches is a challenge. When the passengers are then embarking, detecting targets is a challenge if there are no passport controls, as in the Schengen area for example.

The use of CCTV, facial recognition and other methods can help to detect targets but also provide additional information, for example, regarding their travel companions. While using the passenger data for targeting, we must always keep in mind that it is only data and might not show all the details or links between the individuals concerned. Therefore, we should always look at other sources to support law enforcement action and keep in mind that it might be possible to confirm the identity of a passenger only when he or she is actually intercepted by the authorities.

One way to see how passengers are behaving, and how they are interacting with each other, is to deploy plain clothes law enforcement officers on board vessels to observe the passengers. They might be able to detect potential targets before embarking and provide valuable information.

Towards a national targeting centre
The combination of maritime and air travel is something that criminals are using to avoid detection by law enforcement as we saw in the fictional story at the begin of this article. The collection and processing of passenger and crew data should be done by the same national targeting centre so there is a possibility of detecting these so-called “broken travels”, using data from different travel modalities. Few countries globally are already processing all passenger data using the same system and many more, especially in Europe, are now looking at possibilities around creating a targeting centre collecting data from all travel modalities, not only air. Typical challenges faced when working with passenger data from multiple sources is that it is hard to create a passenger centric view, especially when a travel document is not (yet) available which often is the case with PNR data or maritime passenger data. This challenge can be solved with advanced commercially available software solutions.

Visa applications and pre-departure screening like ESTA for the US or the incoming ETIAS for the EU also provide valuable information for passenger targeting. When combining this information with API and PNR data from all travel modalities, alongside other methods like CCTV and facial recognition at the port of entry, the detection of potential terrorists or serious criminals can be supported. This is a challenge for the interoperability between different systems, but it is also the future of passenger targeting and securing the borders.