Saint Christopher and Nevis Advanced Passenger Information and Passenger Name Record (Amendment) Bill, 2025

The Advanced Passenger Information and Passenger Name (Amendment) Act, 2025 of Saint Christopher and Nevis modifies the Advanced Passenger Information and Passenger Name Act of 2024, primarily to reinforce the role of the Competent Authority in receiving, validating, and processing passenger data before its onward transmission to the Implementation Agency for Crime and Security (IMPACS) via the CARICOM Electronic Manifest Single Window (CEMSIW). This amendment emphasizes a two-step process where the Competent Authority acts as the initial gatekeeper for all Advanced Passenger Information (API) and Passenger Name Record (PNR) data, ensuring its accuracy and compliance before it reaches IMPACS for security screening and analysis.

The amendment revises several key definitions within the Act to reflect this enhanced role of the Competent Authority. Definitions such as “Embarkation and Disembarkation data,” “CARICOM Advance Passenger and Crew Information System,” “PNR data transfer,” and “push method” are all reworded to explicitly state that data is first submitted to and processed by the Competent Authority. This clarifies the data flow and establishes the Competent Authority as the primary recipient and initial validator of passenger information. Additionally, the definition of “Watch List” is amended to provide flexibility in its application by IMPACS or other relevant authorities.

The amendment also modifies various sections of the Act to ensure the consistent application of this two-step process. Section 5, concerning the submission of API and PNR data, is amended to mandate the initial submission of data to the Competent Authority by aircraft and vessel operators. The Competent Authority is then responsible for processing and transmitting the validated data to IMPACS via CEMSIW. This process applies regardless of any commercial agreements between airlines, ensuring comprehensive data collection and preventing circumvention of the reporting obligations. Further, the amendment introduces a requirement for passengers and crew to submit embarkation and disembarkation data directly to the Competent Authority, again reinforcing its central role in data acquisition and management.

Section 7, dealing with the functions of the Minister, is amended to underscore the establishment of a Passenger Information Unit (PIU) to manage and conduct risk assessments. While the PIU retains its analytical function, the amendment clarifies that the data it receives will have already been processed and validated by the Competent Authority. This ensures that the PIU works with accurate and verified data, improving the effectiveness of its risk assessments. Similar amendments to Sections 9, 11, and 13 further solidify the Competent Authority’s role in data handling and dissemination, emphasizing its responsibility for initial processing, validation, and controlled sharing with IMPACS and other authorized entities.

The amendment further strengthens the Act by aligning it with international standards and best practices. Section 13 now requires that data collection and storage practices adhere to standards set by organizations like the International Civil Aviation Organization (ICAO), the International Air Transport Association (IATA), and the World Customs Organization (WCO). This promotes interoperability and ensures that Saint Christopher and Nevis’s passenger data collection framework is consistent with global norms. The amendment also mandates the use of secure data centers for data storage, enhancing data security and integrity.

Sections 17, 18, 23, 24, 25, and 26, all concerning the specific data elements and timelines for transmission of API and PNR data, are revised to reinforce the primacy of the Competent Authority. These sections now uniformly stipulate the initial submission of all relevant data to the Competent Authority. The Competent Authority then processes and validates this data before transmitting it to IMPACS via CEMSIW. This approach streamlines the data flow, ensures data quality, and empowers the Competent Authority to efficiently manage the information flow. The amendment also emphasizes adherence to internationally recognized data standards, as defined by organizations like IATA, ICAO, and the WCO, enhancing consistency and interoperability with international systems.

Finally, the Amendment Act addresses data retention and depersonalization. Section 31 clarifies that PNR data, after being received, validated, and transmitted by the Competent Authority to IMPACS, must be depersonalized within six months of the initial receipt by the Competent Authority. This measure safeguards privacy rights while allowing for data retention in ongoing investigations or immediate threat scenarios. Additionally, Schedule I parts A and B are repealed, and Schedules II, III, and IV are amended to specify precise timelines for data submission, accommodating various scenarios, including emergencies and technical failures, while Schedule VI is repealed altogether. These changes provide greater clarity and structure to the data submission process. In conclusion, the 2025 amendment reinforces the role of the Competent Authority as the crucial first point of contact for all passenger data, ensuring its quality and facilitating a more secure and efficient information flow within the established framework. This streamlined process enhances Saint Christopher and Nevis’s ability to manage passenger information effectively, aligning with international standards and prioritizing both security and privacy.