Passenger Name Record
Encyclopedia
In the travel industry, a passenger name record (PNR) is a record in the database of a computer reservation system (CRS) that contains the itinerary for a passenger, or a group of passengers traveling together. The concept of a PNR was first introduced by airline
s that needed to exchange reservation information in case passengers required flights of multiple airlines to reach their destination (“interlining
”). For this purpose, IATA and ATA
have defined standards for interline messaging of PNR and other data through the "ATA/IATA Reservations Interline Message Procedures - Passenger" (AIRIMP). There is no general industry standard for the layout and content of a PNR. In practice, each CRS or hosting system has its own proprietary standards, although common industry needs, including the need to map PNR data easily to AIRIMP messages, has resulted in many general similarities in data content and format between all of the major systems.
When a passenger books an itinerary, the travel agent or travel website user will create a PNR in the computer reservation system it uses. This is typically one of the large Global Distribution Systems, such as Amadeus
, Sabre
, Worldspan
or Galileo
, but if the booking is made directly with an airline the PNR can also be in the database of the airline’s CRS. This PNR is called the Master PNR for the passenger and the associated itinerary. The PNR is identified in the particular database by a record locator
.
When portions of the travel are not provided by the holder of the Master PNR, then copies of the PNR information are sent to the CRSes of the airlines that will be providing transportation. These CRSes will open copies of the original PNR in their own database to manage the portion of the itinerary for which they are responsible. Many airlines have their CRS hosted by one of the GDSes, which allows sharing of the PNR.
The record locators of the copied PNRs are communicated back to the CRS that owns the Master PNR, so all records remain tied together. This allows exchanging updates of the PNR when the status of trip changes in any of the CRSes.
Although PNRs were originally introduced for air travel, they are now also being used for bookings of hotel
s, car rental
, railways, etc.
Once the booking has been completed to this level, the CRS will issue a unique alpha-numeric record locator, which will remain the same regardless of any further changes made (except if a multi-person PNR is split). Each airline will create their own booking record with a unique record locator, which, depending on service level agreement between the CRS and the airline(s) involved, will be transmitted to the CRS and stored in the booking.
A considerable amount of other information is often desired by both the airlines and the travel agent to ensure efficient travel.
This includes:
In more recent times, many governments now require the airline to provide further information included to assist investigators tracing criminals or terrorists.
These include:
, Galileo
, Worldspan
and Amadeus
.
This will include the passenger’s full name, date of birth, home and work address, telephone number, e-mail address, credit card details, IP address if booked online, as well as the names and personal information of emergency contacts.
Designed to “facilitate easy global sharing of PNR data,” the CRS-GDS companies “function both as data warehouses and data aggregators, and have a relationship to travel data analogous to that of credit bureaus to financial data.”. A canceled or completed trip does not erase the record since “copies of the PNRs are ‘purged’ from live to archival storage systems, and can be retained indefinitely by CRSs, airlines, and travel agencies.” Further, CRS-GDS companies maintain web sites that allow almost unrestricted access to PNR data – often, the information is accessible by just the reservation number printed on the ticket.
Additionally, “[t]hrough billing, meeting, and discount eligibility codes, PNRs contain detailed information on patterns of association between travelers. PNRs can contain religious meal preferences and special service requests that describe details of physical and medical conditions (e.g., “Uses wheelchair, can control bowels and bladder”) – categories of information that have special protected status in the European Union and some other countries as “sensitive” personal data.”
Despite the sensitive character of the information they contain, PNRs are generally not recognized as deserving the same privacy protection afforded to medical and financial records. Instead, they are treated as a form of commercial transaction data.
In the aftermath of the September 11, 2001 attacks, the US government determined that PNRs (both archived and real-time) were invaluable tools for investigating and thwarting terrorist attacks. Accordingly, the US government has sought the collection, transfer and retention of PNRs by the US Department of Homeland Security (DHS)
Bureau of Customs and Border Protection
.
In May 2004, the US government negotiated the 2004 Passenger Name Record Data Transfer agreement (aka. US-EU PNR agreement) – a safe harbor PNR transfer agreement with the European Commission. Specifically, the European Commission deemed that the level of protection afforded to such PNR transfers would satisfy the standard of “adequacy” required by the 1995 EU Data Directive, as long as the data would be transferred and used solely for the purposes for which it was collected. These purposes being limited to “preventing and combating: terrorism and related crimes; other serious crimes, including organized crime, that are trans-national in nature; and flight from warrants or custody for those crimes.” The US-EU-PNR agreement required European airlines to supply PNR data to US authorities within 15 minutes of a plane taking off. While this agreement was invalidated by the European Court of Justice
on May 30, 2006 due to lack of legal authority, the European Council
worked to substantively resurrect the agreement before the court-mandated deadline of September 30, 2006.
In July 2007, a new, controversial, PNR agreement between the US and the EU was undersigned. A short time afterward, the Bush administration
gave exemption for the Department of Homeland Security, for the Arrival and Departure System (ADIS) and for the Automated Target System from the 1974 Privacy Act, raising concerns from Statewatch
about the protection of EU citizens' data.
In February 2008, Jonathan Faull, the head of the EU's Commission of Home Affairs, complained about the US bilateral policy concerning PNR. The US had signed in February 2008 a memorandum of understanding (MOU) with the Czech Republic
in exchange of a visa waiver scheme, without consulting in advance with Brussels. The tensions between Washington and Brussels are mainly caused by a lesser level of data protection in the US, especially since foreigners do not benefit from the US Privacy Act of 1974
. Data privacy in the EU is regulated by the Directive 95/46/EC on the protection of personal data
, and the US Safe Harbor arrangement made to converge with European norms is still being controversial for alleged lack of protection. Other countries approached for bilateral MOU included the United Kingdom, Estonia, Germany and Greece.
Airline
An airline provides air transport services for traveling passengers and freight. Airlines lease or own their aircraft with which to supply these services and may form partnerships or alliances with other airlines for mutual benefit...
s that needed to exchange reservation information in case passengers required flights of multiple airlines to reach their destination (“interlining
Interlining
Interlining is a voluntary commercial agreement between individual airlines to handle passengers traveling on itineraries that require multiple airlines.-Agreements:...
”). For this purpose, IATA and ATA
Air Transport Association
Airlines for America , formerly known as Air Transport Association of America, Inc. , is America's oldest and largest airline trade association. A4A member airlines and their affiliates transport more than 90 percent of U.S. airline passenger and cargo traffic. Based in Washington, D.C., the...
have defined standards for interline messaging of PNR and other data through the "ATA/IATA Reservations Interline Message Procedures - Passenger" (AIRIMP). There is no general industry standard for the layout and content of a PNR. In practice, each CRS or hosting system has its own proprietary standards, although common industry needs, including the need to map PNR data easily to AIRIMP messages, has resulted in many general similarities in data content and format between all of the major systems.
When a passenger books an itinerary, the travel agent or travel website user will create a PNR in the computer reservation system it uses. This is typically one of the large Global Distribution Systems, such as Amadeus
Amadeus CRS
Amadeus is a computer reservations system owned by the Amadeus IT Group with headquarters in Madrid, Spain. The central database is located at Erding, Germany. The development center is located at Sophia Antipolis, France...
, Sabre
Sabre (computer system)
Sabre Global Distribution System , owned by Sabre Holdings, is used by more than 55,000 travel agencies around the world with more than 400 airlines, 88,000 hotels, 24 car rental brands, and 13 cruise lines...
, Worldspan
Worldspan
Worldspan is a provider of travel technology and content and a part of the Travelport GDS business. It offers worldwide electronic distribution of travel information, Internet products and connectivity, and e-commerce capabilities for travel agencies, travel service providers and corporations...
or Galileo
Galileo CRS
Galileo is a computer reservations system owned by Travelport. As of 2002, it had a 26.4% of worldwide CRS airline bookings.In addition to airline reservations, the Galileo CRS is also used to book train travel, cruises, car rental, and hotel rooms...
, but if the booking is made directly with an airline the PNR can also be in the database of the airline’s CRS. This PNR is called the Master PNR for the passenger and the associated itinerary. The PNR is identified in the particular database by a record locator
Record locator
A record locator is an alphanumeric code, typically 6 characters in length, used in airline reservation systems to access a specific record. When a passenger, travel agent or airline employee refers to a record locator they typically mean a pointer to a specific reservation which is known as a...
.
When portions of the travel are not provided by the holder of the Master PNR, then copies of the PNR information are sent to the CRSes of the airlines that will be providing transportation. These CRSes will open copies of the original PNR in their own database to manage the portion of the itinerary for which they are responsible. Many airlines have their CRS hosted by one of the GDSes, which allows sharing of the PNR.
The record locators of the copied PNRs are communicated back to the CRS that owns the Master PNR, so all records remain tied together. This allows exchanging updates of the PNR when the status of trip changes in any of the CRSes.
Although PNRs were originally introduced for air travel, they are now also being used for bookings of hotel
Hotel
A hotel is an establishment that provides paid lodging on a short-term basis. The provision of basic accommodation, in times past, consisting only of a room with a bed, a cupboard, a small table and a washstand has largely been replaced by rooms with modern facilities, including en-suite bathrooms...
s, car rental
Car rental
A car rental or car hire agency is a company that rents automobiles for short periods of time for a fee...
, railways, etc.
Parts of a PNR
From a technical point, there are five parts of a PNR required before the booking can be completed. They are:- The name of the passenger(s).
- Contact details for the travel agent or airline office. (The minimum contact information enforced by CRS policy is typically the 8-digit IATA code of the travel agency or airline office, although there is usually at least one phone number as well, most often the agency phone number. Direct customer contact information is rarely required.)
- Ticketing details, either a ticket number or a ticketing time limit.
- Itinerary of at least one segment, which must be the same for all passengers listed.
- Name of the person providing the information. (This is usually entered in a "received from" field and recorded in the "history" or change log attached to the PNR, along with the user and office or agency ID of the airline or travel agency employee creating the PNR or entering the change. The "history" records the "received from" data separately for the initial creation of the PNR and for each subsequent change to it.)
Once the booking has been completed to this level, the CRS will issue a unique alpha-numeric record locator, which will remain the same regardless of any further changes made (except if a multi-person PNR is split). Each airline will create their own booking record with a unique record locator, which, depending on service level agreement between the CRS and the airline(s) involved, will be transmitted to the CRS and stored in the booking.
A considerable amount of other information is often desired by both the airlines and the travel agent to ensure efficient travel.
This includes:
- Fare details, and any restrictions that may apply to the ticket.
- The form of payment used, as this will usually restrict any refund if the ticket is not used.
- Further contact details, such as agency phone number and address, additional phone contact numbers at passenger address and intended destination.
- Age details if it is relevant to the travel, e.g., unaccompanied children or elderly passengers requiring assistance. ** this must be added at the time the name is stored during step one above***
- Frequent flyer data.
- "Special Service Requests" (SSR) such as special meal requirements, seating preferences, wheelchairs, and other similar requests.
- "Optional Services instruction" (OSI), information sent to a specific airline, or all airlines in the booking, which enables them to better provide a service. This information can include ticket numbers, local contacts details (the phone section is limited to only a few entries), and other details such as a passenger's language or details of a disability.
- Vendor Remarks. VRs are comments made by the airline, typically generated automatically once the booking or request is completed. These will normally include the airline's own record locatorRecord locatorA record locator is an alphanumeric code, typically 6 characters in length, used in airline reservation systems to access a specific record. When a passenger, travel agent or airline employee refers to a record locator they typically mean a pointer to a specific reservation which is known as a...
, replies to special requests, and advice on ticketing time limits. While normally sent by the airlines to an agent, it is also possible for an agent to send a VR to an airline.
In more recent times, many governments now require the airline to provide further information included to assist investigators tracing criminals or terrorists.
These include:
- Passengers' gender
- Passport details- nationality, number, and date of expiry.
- Date and place of birth.
- WatchList exclusion number
Storage
The majority of airlines and travel agencies choose to host their PNR databases with a Computer Reservations System (CRS) or Global Distribution System (GDS) company such as SabreSabre (computer system)
Sabre Global Distribution System , owned by Sabre Holdings, is used by more than 55,000 travel agencies around the world with more than 400 airlines, 88,000 hotels, 24 car rental brands, and 13 cruise lines...
, Galileo
Galileo CRS
Galileo is a computer reservations system owned by Travelport. As of 2002, it had a 26.4% of worldwide CRS airline bookings.In addition to airline reservations, the Galileo CRS is also used to book train travel, cruises, car rental, and hotel rooms...
, Worldspan
Worldspan
Worldspan is a provider of travel technology and content and a part of the Travelport GDS business. It offers worldwide electronic distribution of travel information, Internet products and connectivity, and e-commerce capabilities for travel agencies, travel service providers and corporations...
and Amadeus
Amadeus CRS
Amadeus is a computer reservations system owned by the Amadeus IT Group with headquarters in Madrid, Spain. The central database is located at Erding, Germany. The development center is located at Sophia Antipolis, France...
.
Privacy concerns
Some privacy organizations are concerned at the amount of personal data that a PNR might contain. While the minimum data for completing a booking is quite small, a PNR will typically contain much more information of a sensitive nature.This will include the passenger’s full name, date of birth, home and work address, telephone number, e-mail address, credit card details, IP address if booked online, as well as the names and personal information of emergency contacts.
Designed to “facilitate easy global sharing of PNR data,” the CRS-GDS companies “function both as data warehouses and data aggregators, and have a relationship to travel data analogous to that of credit bureaus to financial data.”. A canceled or completed trip does not erase the record since “copies of the PNRs are ‘purged’ from live to archival storage systems, and can be retained indefinitely by CRSs, airlines, and travel agencies.” Further, CRS-GDS companies maintain web sites that allow almost unrestricted access to PNR data – often, the information is accessible by just the reservation number printed on the ticket.
Additionally, “[t]hrough billing, meeting, and discount eligibility codes, PNRs contain detailed information on patterns of association between travelers. PNRs can contain religious meal preferences and special service requests that describe details of physical and medical conditions (e.g., “Uses wheelchair, can control bowels and bladder”) – categories of information that have special protected status in the European Union and some other countries as “sensitive” personal data.”
Despite the sensitive character of the information they contain, PNRs are generally not recognized as deserving the same privacy protection afforded to medical and financial records. Instead, they are treated as a form of commercial transaction data.
Regulation of PNR transfers between the USA and the European Union
Access and transfer of PNRs fall under the purview of European Data Protection Law. Under the Organisation for Economic Cooperation and Redevelopment (OECD) 1980 Privacy Guidelines, and the 1995 European Union Directive on data protection, PNRs may only be transferred to countries with comparable data protection laws. Also, law enforcement authorities are permitted to access the passenger data only on a case-by-case basis, and where there exists a particular suspicion.In the aftermath of the September 11, 2001 attacks, the US government determined that PNRs (both archived and real-time) were invaluable tools for investigating and thwarting terrorist attacks. Accordingly, the US government has sought the collection, transfer and retention of PNRs by the US Department of Homeland Security (DHS)
United States Department of Homeland Security
The United States Department of Homeland Security is a cabinet department of the United States federal government, created in response to the September 11 attacks, and with the primary responsibilities of protecting the territory of the United States and protectorates from and responding to...
Bureau of Customs and Border Protection
U.S. Customs and Border Protection
U.S. Customs and Border Protection is a federal law enforcement agency of the United States Department of Homeland Security charged with regulating and facilitating international trade, collecting import duties, and enforcing U.S. regulations, including trade, customs and immigration. CBP is the...
.
In May 2004, the US government negotiated the 2004 Passenger Name Record Data Transfer agreement (aka. US-EU PNR agreement) – a safe harbor PNR transfer agreement with the European Commission. Specifically, the European Commission deemed that the level of protection afforded to such PNR transfers would satisfy the standard of “adequacy” required by the 1995 EU Data Directive, as long as the data would be transferred and used solely for the purposes for which it was collected. These purposes being limited to “preventing and combating: terrorism and related crimes; other serious crimes, including organized crime, that are trans-national in nature; and flight from warrants or custody for those crimes.” The US-EU-PNR agreement required European airlines to supply PNR data to US authorities within 15 minutes of a plane taking off. While this agreement was invalidated by the European Court of Justice
European Court of Justice
The Court can sit in plenary session, as a Grand Chamber of 13 judges, or in chambers of three or five judges. Plenary sitting are now very rare, and the court mostly sits in chambers of three or five judges...
on May 30, 2006 due to lack of legal authority, the European Council
European Council
The European Council is an institution of the European Union. It comprises the heads of state or government of the EU member states, along with the President of the European Commission and the President of the European Council, currently Herman Van Rompuy...
worked to substantively resurrect the agreement before the court-mandated deadline of September 30, 2006.
In July 2007, a new, controversial, PNR agreement between the US and the EU was undersigned. A short time afterward, the Bush administration
George W. Bush administration
The presidency of George W. Bush began on January 20, 2001, when he was inaugurated as the 43rd President of the United States of America. The oldest son of former president George H. W. Bush, George W...
gave exemption for the Department of Homeland Security, for the Arrival and Departure System (ADIS) and for the Automated Target System from the 1974 Privacy Act, raising concerns from Statewatch
Statewatch
Statewatch is a non-profit organization founded in 1991 that monitors the state and civil liberties in the European Union. It is composed of lawyers, academics, journalists, researchers and community activists. Its European network of contributors is drawn from 14 countries...
about the protection of EU citizens' data.
In February 2008, Jonathan Faull, the head of the EU's Commission of Home Affairs, complained about the US bilateral policy concerning PNR. The US had signed in February 2008 a memorandum of understanding (MOU) with the Czech Republic
Czech Republic
The Czech Republic is a landlocked country in Central Europe. The country is bordered by Poland to the northeast, Slovakia to the east, Austria to the south, and Germany to the west and northwest....
in exchange of a visa waiver scheme, without consulting in advance with Brussels. The tensions between Washington and Brussels are mainly caused by a lesser level of data protection in the US, especially since foreigners do not benefit from the US Privacy Act of 1974
Privacy Act of 1974
The Privacy Act of 1974, 5 U.S.C. § 552a, Public Law No. 93-579, establishes a Code of Fair Information Practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies...
. Data privacy in the EU is regulated by the Directive 95/46/EC on the protection of personal data
Directive 95/46/EC on the protection of personal data
The Data Protection Directive is a European Union directive which regulates the processing of personal data within the European Union...
, and the US Safe Harbor arrangement made to converge with European norms is still being controversial for alleged lack of protection. Other countries approached for bilateral MOU included the United Kingdom, Estonia, Germany and Greece.
External links
- PNR Observatory on StatewatchStatewatchStatewatch is a non-profit organization founded in 1991 that monitors the state and civil liberties in the European Union. It is composed of lawyers, academics, journalists, researchers and community activists. Its European network of contributors is drawn from 14 countries...
- custom railway PNR Status
- Indian Railways PNR System explained
- IRCTC PNR Status
- Track PNR Status