Definitions
- API refers to an electronic communication of passenger and crew data transmitted before arrival or departure.
- API System (APIS) is the electronic system collecting such data, which may include biographic details extracted from machine-readable travel documents.
- Commercial Carriers are entities offering passenger or goods transport services by air or sea for compensation.
- Passenger excludes crew members and others employed on board.
API Data Submission Requirement
- Captains, masters, agents, or owners of commercial carriers must submit API data for passengers, crew, and non-crew members to the Bureau of Immigration (BI).
- API acts as initial security screening but does not exempt individuals from physical inspection at immigration counters.
Data Standards and Transmission
- API data elements and transmission methods must comply with internationally recognized standards.
- BI ensures data collection is limited to the minimum necessary and that data integrity and security are maintained.
Security Vetting and Verification
- Upon receipt of API, BI conducts security vetting against internal databases and international law enforcement and sanctions lists.
- Errors in API data must be corrected after verification.
- Only the subject individual may access their own API data.
API Management and Access Control
- BI implements strict security measures to safeguard API data, limiting access to authorized personnel only.
Centralized Management
- BI is designated as the sole government agency to receive and manage API data.
Interagency Information Sharing
- BI may share API information with other government agencies tasked with security, immigration, law enforcement, customs, intelligence, and public health, subject to legal constraints.
- Recipient agencies are required to comply with the Data Privacy Act and relevant laws.
Sanctions and Penalties
- Unauthorized disclosure or misuse of API data is punishable under the Data Privacy Act and other applicable laws.
- Commercial carriers face fines and penalties for failure to provide accurate API data, regardless of clearance results.
- Omitted crew/non-crew members are subject to immigration protocols; passengers complicity may attract sanctions.
Data Retention
- Collected data is retained for a maximum of 12 months unless classified as terrorism- or crime-related.
- Data must thereafter be destroyed according to prescribed rules.
Funding
- Initial implementation funding is sourced from BI’s existing budget, with subsequent funding subject to normal budget procedures.
Implementing Rules and Regulations
- BI, in coordination with the National Privacy Commission and other stakeholders, shall issue implementing rules within 60 days of effectivity.
Repeal and Continuity
- Any conflicting orders or regulations are repealed or amended to conform with this Order.
Separability Clause
- Should any provision be invalid or unconstitutional, the remaining provisions remain effective.
Effectivity
- The Order takes effect immediately upon publication in the Official Gazette or a newspaper of general circulation.