Union Home Minister Amit Shah has introduced a new initiative aimed at expediting the immigration process for pre-verified Indian nationals and Overseas Citizen of India (OCI) cardholders.
Describing it as a "visionary initiative," Shah highlighted that the Fast Track Immigration-Trusted Traveler Programme (FTI-TTP) is specifically tailored to benefit Indian nationals and OCI cardholders.
Applicants are required to apply online and provide biometrics (fingerprints and facial image) along with other specified details in the application form. Registration for FTI-TTP will remain valid for up to five years or until the passport expires, whichever is sooner.
This comes as privacy concerns have already been shrouding DigiYatra, a facility currently facilitating paperless journeys for domestic air travelers and requires biometric data in the form of facial scan of the travelers. It has lent to the uncertainty among many travelers as numerous individuals continue to be unaware of the mandatory/voluntary nature of participation, while some flag data privacy concerns.
What is FTI-TTP?
According to the Home Ministry officials, FTI-TTP resembles the United States' Global Entry Program, which expedites clearance for pre-approved, low-risk travelers upon their arrival at designated US airports.
After submitting the online application on the official website, approved applicants will receive instructions to schedule an appointment for biometric data submission. Biometrics can be provided at designated international airports in India or the nearest Foreigners Regional Registration Office (FRRO), based on the scheduled appointment.
The FTI-TTP will be launched at 21 major airports in the country. In the first phase, along with the Delhi airport, it will be launched at seven major airports — Mumbai, Chennai, Kolkata, Bengaluru, Hyderabad, Kochi and Ahmedabad.
Biometrics are mandatory for processing applications. Applicants must ensure their passport is valid for at least six months when applying for the FTI-TTP, as membership duration aligns with passport validity. Additionally, providing a current residential address is essential to avoid application rejection.
Providing incorrect or incomplete information in the application form may result in rejection. Moreover, applicants unable to have their biometrics captured for technical reasons will not be registered for the FTI-TTP.
The programme will roll out in two phases: the first phase will cover Indian citizens and OCI cardholders, while the second phase will extend to foreign travelers. The Bureau of Immigration will serve as the central authority overseeing the fast-track immigration process for various categories of travellers under the programme.
How will it work at the airports?
According to the official statement, the programme will utilise e-gates or automated border gates to reduce human involvement in the immigration-clearance process.
Following necessary verification, a White List of "Trusted Travelers" will be compiled and implemented through e-gates. Biometric data of "Trusted Travelers" will be captured either at the FRRO office or during their passage through the airport.
Upon reaching an e-gate, registered passengers will scan their airline-issued boarding pass to confirm flight details. Additionally, their passport and biometric data will be scanned and authenticated at the e-gate.
Once the passenger's identity is confirmed and biometrics authenticated, the e-gate will open automatically, granting immigration clearance.
The programme aims at significantly reducing congestion at airports by offering expedited immigration clearance for pre-verified travellers, both arriving and departing, the Delhi International Airport Limited (DIAL) said in a statement.
The traditional process entailed travelers showing their tickets and essential travel documents at the respective airport boarding counter. After receiving the boarding pass, the passenger heads to immigration counter. After verifying passenger's passport and visa, the passport is stamped with departure date from India for the ongoing trip.
Surveillance risks and data protection gaps
Speaking to BOOM, Disha Verma from Internet Freedom Foundation highlighted why programmes, such as FTI-TTP, built on biometric are more vulnerable to risks. She said, "One of our biggest biometric exercise is the Aadhaar which takes our fingerprint and eye scan as biometric. We have seen multiple incidents of breach of Aadhaar related information and the associated biometric data."
Verma explained that biometric such as fingerprint, facial scan or genetic data are our permanent identifier, which once breached leave behind a permanent damage. Moreover, according to her, biometrics and especially facial data can become an easy channel for surveillance. "You do not need consent to capture someone's photo and it is also one of the most prominent identifier of humans."
She said, "I don't think so we realise how pervasive and intrusive surveillance systems can be. If this immigration clearance can be done via alternate means, then why implement such potentially dangerous system. There is obviously room for abuse as we do not have surveillance regulations in place."
In India, data during surveillance is not collected through the act of receiving consent nor it is limited to an event. It can be round the clock and sometimes even without the knowledge of the person being surveilled, Verma added.
According to Kamesh Shekar, programme manager at Delhi-based think tank The Dialogue, data protection does not mean that we do not share our data, rather "it means sharing data where it is appropriate for the service you avail while the entity collecting it makes sure that data is safeguarded and taken in a for a lawful purpose".
He said, "The question should not be that if such services should exist or not, because other countries like America has similar system. We should focus on the other side of the coin which is, how is the data being protected of the people who are trading it off for a service."
Shekar felt that the FTI-TTP is at a very early stage early as we do not have answers regarding who has access to the data and whether on not purpose limitation will be taken into account. He said, "When the Digital Personal Data Protection Act, 2023 (DPDP) actually comes to play, such programmes could be more closely monitored and data protection will be looked at as a compliance requirement."
However, according to Verma, even if DPDP becomes operational, the Act does not have a distinction between sensitive and non-sensitive personal data which does not make it very helpful. "Sensitive data such as financial, biometric or sexual orientation data which can cause a lot of harm if breached, are not specifically protected under it," she said.
As a country, we need to establish some checks and balances in this area. The state is currently the largest data processor in India, and this represents a glaring loophole in the DPDP, Verma added.