In March 2020, Frank van der Linde entered the immigration line for European Union citizens at Schiphol international airport in Amsterdam. Linde, a Dutch citizen and human rights activist, returned home from outside the EU, and the immigration officer asked him a series of questions about his trip. Linde thought it was a random check; after a few minutes, he was cleared for entry. But unbeknownst to Linde, his answers were recorded and shared with a Dutch public prosecutor, who collected information on Linde’s movements.

The official was notified of Linde’s arrival that day by a seemingly innocuous act that happens every time you board a flight to the United States, most of Europe, and anywhere else in the world—the exchange of detailed personal data about each traveler between airlines. and governments. The data, stored about you for years, is especially valuable for technology companies experimenting with the use of algorithms that can decide who is allowed to cross international borders.

Linde, who has not spoken publicly about homeless rights, anti-racism, and pacifism, was first secretly marked by the Dutch police in 2017 as a person of interest under the program of counter-terrorism in the municipality of Amsterdam. In July 2018, Linde had a “strange feeling” that she was being watched; he eventually sued the government more than 250 times under freedom of information laws to reveal the extent of the surveillance. Although Linde was removed in 2019 from the city’s watch list, after receiving a personal apology from the mayor of Amsterdam, the investigation continues. When Linde found out that the police put his name on an international travel alerthe wondered if they were also using his travel data to track him.

In October 2022, Linde requested his flight records from the government. The data, called the Passenger Name Record (PNR), is a digital trail of information related to the purchase of an airline ticket. PNR records are sent by most commercial airlines to the destination country about 48 to 72 hours before departure. While PNR records may seem harmless, they contain highly sensitive personal information, including the traveler’s address, cell phone number, date of flight booking, where the ticket was purchased, credit card and other payment information, billing address , baggage information, frequent flyer information, general comments related to the passenger, date of intended travel, complete travel itinerary, names of accompanying travelers, travel agency information, changes or ticket history, and so on.

In December 2022, more than two years after Linde passed through Schiphol, the Dutch PNR office, called the Passenger Information Unit, handed over 17 travel records to Linde. They stated that they did not share his data with others, but Linde was suspicious. He quickly filed an appeal. In March 2023, the Dutch government admitted that they had in fact shared Linde’s PNR details with border police three times, including the first on a flight in March 2020, when immigration officials were ordered to secretly take the information. (They also shared an additional seven flight records that they claim were found only in a second search.)

As Linde reviewed his PNR records, he was surprised to find that some of the travel data the government had on him was incorrect—some flights were missing, and in four cases, the government had record of flights he missed. For example, a PNR record from 2021 states that Linde traveled to Belfast, Northern Ireland; Linde said she reserved the ticket, but changed her plans and did not board the plane. “What do companies do with data?” Linde asked as she scrolled through copies of PNR records on her laptop. “If commercial companies help analyze the data incorrectly, you can draw all kinds of conclusions.”