- Assessing the European Commission's Options for Digitalising Travel Documents
The digitalisation of travel documents has the potential to revolutionize the travel experience, but it is essential to consider both efficacy and privacy implications. The European Commission's public consultation, which closed 28 June 2023, on digitalising travel documents presents six options, aiming to make travel easier. However, upon careful analysis, it becomes evident that none of these options provide a comprehensive and privacy-focused solution and we suggest seventh alternative.
While the adoption of the ICAO (International Civil Aviation Organization) DTC (Digital Travel Credential) guidelines may appear as a viable choice, it falls short in meeting all privacy aspects, particularly selective disclosure. Let’s first summarise the Six Options Presented by the European Commission and our analysis.
Option 1: Status Quo - proposes Member States can implement their own digital travel documents as they see fit
Pros:
- Familiarity: The current paper-based and pseudo paper-based travel document system is widely used and familiar to travellers.
Cons:
- Inefficiencies: The status quo fails to address the inefficiencies of current approach when crossing borders leading to delays and potential errors.
- Development of differing standards may mean that only 27% of passenger travel – that being the Domestic flight market in Europe - is facilitated by digitalisation.
- Ultimately Option 1 lacks any coordinated advancements to address inefficiencies, security risks, and delays in the existing system. It is also probable that developing international standards will be forced upon Member States and Operators through commercial realities.
Option 2: Digitisation of Travel Documents based on a common EU Standard - proposes an EU standard divergent to the ICAO DTC
Pros:
- Reduced Paperwork: Digitising paper documents can eliminate the need for physical copies and streamline administrative processes.
Cons:
- Lack of Interoperability: Without a standardised international framework, digitised paper documents may not be compatible across different systems and countries.
Option 2 lacks international interoperability. In the likely scenario any developed standard is not adopted globally at best this can serve a maximum of approximately 60% of passenger traffic (domestic and intra-European flights). As with Option 1 developing international standards may be forced upon operators through commercial pressure.
Option 3: Digitalisation of Travel Documents based on ICAO DTC Standard
Advocates for following ICAO DTC standard.
Pros:
- Recognised Framework: An international DTC standard may offer a recognised and accepted framework for digital travel documents.
- Potential Efficiency Gains: Adopting a standardized system can lead to streamlined processes and improved travel experiences, globally.
Cons:
- Privacy Concerns: The DTC standard falls short in meeting privacy aspects such as selective disclosure, potentially compromising personal data privacy.
- Lack of Customisation: The international standard may not accommodate specific needs or requirements of individual countries or regions.
Option 3 offers potential efficiency gains but falls short in meeting privacy aspects such as selective disclosure, raising concerns about personal data exposure and potential misuse. It could meet the needs of 100% of passenger traffic as an international approach.
Option 4: Digitalisation of Travel Documents on a voluntary basis - proposes the option for Member States to adopt the ICAO DTC Standard
Pros:
- As with Option 3 plus this permits Member States the ability to decide whether to implement or not.
Cons:
- As with Option 3 though this will reduce the efficacy of the overall EU implementation for international, intra-EU and Domestic travel.
Option 4 offers potential efficiency gains as per Option 3 but falls short in meeting privacy aspects such as selective disclosure, raising concerns about personal data exposure and potential misuse. It may also reduce the potential reach of the benefits based on Member State decision.
Option 5: Obligatory Digitalisation of Travel Documents - proposes Member States must adopt and implement ICAO DTC standard
See Option 3 - evaluated as obligatory.
Option 6: Digital passport/digital identity card allowing a full seamless experience
Suggests a wider solution including provisions for the ICAO DTC, physical passports/cards and one-to-may biometric matching on the move.
Pros:
- Seeks to utilise recognised and accepted framework for digital travel documents.
- Suggests at additional potential efficiency and customer service gains through widening scope to include improved travel experiences.
Cons:
- Previously noted DTC privacy and additional requirement short comings.
- Introduces new concepts not backed by standards or described procedures such as one-to-many border experiences.
Option 6 appears as a somewhat confused Option. It raises more questions than it answers, such as the value of a distributed identity, e.g., Passport/Digital Identity Card, but with One-to-Many checks indicating a ‘database’ type facilitated experience.
It is essential to critically evaluate each option based on their pros and cons, considering factors such as interoperability, security, efficiency, privacy, and feasibility. A balanced solution that addresses these concerns is crucial for the successful digitalisation of travel documents.
So, the answer is DTC then?
Of key concern for the majority of Options presented is that the EC is publicly consulting to use the DTC Standard. It must be iterated and understood that ICAO’s DTC is not an agreed standard. What exists today is a set of Guidelines for developing DTCs, it does not yet have the rigour of debate and agreement against it, yet. By contrast we do have ICAO 9303, the globally recognised standard, first issued in 1980, for physical passports (indeed it is ICAO 9303 documents that Type 1 and Type 2 DTCs are derived from).
Of further concern would be that given Type 1 and Type 2 DTC are derived from the physical eMRTD we are essentially proposing the same functionality. Surely a benefit of a Digital Travel Credential is to more than just the status quo. Is this not the opportunity to bring together disparate information (in the hands and control of the traveller) for other critical components of their travel journey, not least Visa/ETA and vaccinations?
The adoption of the DTC has also raised significant privacy concerns that must be carefully addressed to protect personal information and maintain public trust. Some of the main privacy concerns associated with DTC include:
- Data security and breach risks: Digital travel documents store sensitive personal information, making robust data security measures essential. Inadequate encryption and secure storage can increase the risk of data breaches, identity theft, and fraudulent activities.
- Data retention and consent: Clear guidelines are necessary to establish data retention periods and obtain explicit consent for the collection and storage of personal information. Without proper regulations in place, there is a risk of privacy infringements and potential misuse of data.
- Third-party access and sharing: The participation of multiple stakeholders, such as travel authorities and service providers, raises concerns about third-party access to personal data. Strict protocols and agreements should govern data access to prevent unauthorized sharing and protect individual privacy.
- Profiling and tracking risks: Comprehensive personal information stored in digital travel documents must be safeguarded against potential misuse for profiling and tracking purposes. The creation of centralised databases should be avoided to mitigate the risk of privacy violations.
- Lack of selective disclosure, which could result in excessive sharing of personal information without providing individuals control over what data is shared. This could potentially lead to privacy breaches and the misuse of personal data.
Ultimately the DTC does needs to and should evolve as a standard, this may be as an extension to ICAO 9303 or in its own right. That standard must take full account of technical and functional advancements it can offer, the security & privacy it must observe and last, but by no means least, future proof as best possible against the existing and future threats to identity theft it could unwittingly offer to criminals and terrorists including morphing, generative AI, and quantum computing.
Moving Forward
We support the role of international standards when it comes to the security and facilitation of travel. The ICAO 9303 document standard that underpins the ubiquitous Passport has evolved and facilitated cross border travel since its first edition formally published in 1980.
We feel that the DTC should be standardised and embraced globally just as ICAO 9303 has for the physical passport, with a few specific caveats; it must be:
- Formally established as a Standard as opposed to a set of guiding principles.
- Privacy must come into alignment with best in breed concepts such as selective disclosure.
- Security mechanisms must be formalised and enhanced to meet the forthcoming cyber-security challenges from, not least, quantum computing.
- Expanded to include optional critical travel ‘documentation’ such as Visa, Residency, Electronic Travel Authorisation and Vaccination statuses.
With privacy and efficacy concerns addressed an Internationally recognised and adopted DTC Standard should be the mechanism for establishing trust in a digital travel ecosystem.
Conclusion
After examination of the six options presented in the European Commission's call for evidence on digitalising travel documents, it becomes evident that none of these options provide a comprehensive, privacy-conscious, and future proofed solution. While each option carries its advantages, they also all come with significant drawbacks and in many cases fail to address critical concerns related to privacy, security, and interoperability.
Among the presented options, the adoption of the ICAO Digital Travel Credential (DTC) initially seems promising due to a recognised framework and potential efficiency gains. However, it must be acknowledged that the DTC falls short in meeting all privacy aspects, particularly selective disclosure. Privacy concerns, such as data security risks, third-party access, and potential misuse of personal information, raise valid concerns that cannot be overlooked.
Considering these shortcomings, it is apparent that the most sensible option moving forward is to adopt and enhance the DTC, addressing its privacy-related limitations and improving its technical and functional offerings. Enhancements must focus on strengthening data security measures for the short and medium term, ensuring proper consent and selective disclosure mechanisms, improving its scope for all identity related travel credentials and attributes, and establishing robust privacy safeguards throughout the digital travel document system.
To make the DTC safe and privacy-conscious, it is crucial to continue to engage relevant stakeholders, including privacy experts, technology specialists, travel authorities, and operator associations. This collaboration must lead to the development of comprehensive standards and regulations that prioritize data protection, consent management, and secure storage of personal information.
Additionally, incorporating privacy-by-design principles into the DTC will ensure that privacy considerations are integrated from the outset. This entails implementing strong encryption protocols, minimising the collection of unnecessary personal data, and providing individuals with transparent control over their information.
So as a final point of view, Option 7 is presented here for consideration
Our option 7: Utilise lessons leaned from 50 years of the ICAO 9303 standard and develop the DTC into an agreed international standard that will allow innovation by industry to provide a digitally enhanced seamless travel experiences. The EC, its Member States and Travel Industry stakeholders should engage and ensure that the DTC Guidelines are translated into an agreed Internationally supported and adopted International Standard that takes account of the security, privacy, and efficacy of the traveller’s data.