In March 2020, Frank van der Linde entered the immigration line for EU citizens at Amsterdam’s Schiphol international airport. Linde, a Dutch citizen and human rights advocate, was returning home from outside the European Union, and the immigration officer asked several questions about the trip. Linde thought it was a random check; after a few minutes, it was cleared to enter. But unbeknownst to Linde, his answers were recorded and shared with the Dutch public prosecutor, who was gathering information about Linde’s movements. The officer was informed of Linde’s arrival that day through a seemingly innocuous act that happens every time you board a plane to the United States, most of Europe, and increasingly anywhere in the world—the exchange of personal data detailing each trip between the airline and the government. Data, stored about you for years, is increasingly valuable to tech companies trying to use algorithms that can decide who is allowed to cross international borders. , was first secretly flagged by Dutch police in 2017 as a person of interest in the Amsterdam municipality’s counter-terrorism program. In July 2018, Linde had a “strange feeling” that she was being watched; he will eventually sue the government over 250 times in the freedom of information law to reveal the extent of the surveillance. Although Linde was removed in 2019 from the city’s watch list, following a personal apology from the mayor of Amsterdam, the surveillance continues. When Linde learns that the police wrote her name on the international travel alert, she wonders if they are also using her travel data to track her down. In October 2022, Linde requested the flight records from the government. The data is called the Passenger Name Record (PNR), a digital trail of information related to the purchase of an airline ticket. PNR records are sent by most commercial airlines to the destination country about 48 to 72 hours before departure. While PNR records may seem harmless, they contain highly sensitive personal information, including travel addresses, mobile phone numbers, flight booking dates, where tickets were purchased, credit card and other payment information, billing addresses, baggage information, and frequent flyer information. , general remarks related to passengers, destination travel date, full travel schedule, accompanying travel name, travel agency information, ticket history changes, etc. In December 2022, more than two years after Linde passed through Schiphol, the Dutch PNR office, called the Passenger Information Unit, handed over 17 travel records to Linde. He stated that he did not share the data with anyone, but Linde was suspicious. He quickly filed an appeal. In March 2023, the Dutch government admitted that it had shared Linde’s PNR details with border police three times, including before a March 2020 flight, when immigration officers were ordered to take the information confidentially. (He also showed an additional seven flight records that he claimed were found only in the second search.) When Linde examined the PNR records, he was surprised that some of the travel data the government had was incorrect—some of the flights. disappeared, and in four cases the government has records of flights that never took place. For example, one PNR record from 2021 states that Linde traveled to Belfast, Northern Ireland; Linde said she had saved the ticket, but changed her plans and never got on the plane. “What do companies do with data?” Linde asked as she scrolled through a copy of the PNR record on her laptop. “If a commercial company helps analyze the wrong data, you can draw all kinds of conclusions.”
