Updated: Oct 15, 2022
The information to the ESTA submitted by applicants can only be accessed by those who are required to deal with it. All data is strictly controlled and the standards of security are privy to the industry standards found in similar screening programs for travellers.
Data is not shared frivolously and remains within rules set out by the Privacy Act System of Records Notice and these regulations can be found on the DHS website. There are a few instances where data may be shared outside of the ESTA framework. Those instances include:
The carriers only have access to your status. They receive no personal information other than that directly pertaining to the travel authorization.
Generally the information remains active for as long as your travel authorization is active, which is a period of two years. This can be shorter if your travel authorization expires sooner than expected for any reason, for example, your passport expires before the official expiry date of your travel authorization, whereby your TA will automatically expire along with your passport.
After your Travel authorization has expired, the DHS will hold onto the data for a further year.
After this period, your information will then be archived for a further twelve years.
Data being used for the following reasons will be kept for the span of the activities they are in use for:
All data is archived after expiry of the travel authorization. This is to ensure the availability of the information so that it can be recovered should it be needed for national security, investigation, and other related law enforcement purposes.
There is limited access to the data after it has been archived and it will be recalled only for the purposes mentioned above.
If you hold a passport from a visa waiver country such as the UK, Ireland, Australia, New Zealand or other Western European Country, and wish to obtain an ESTA for tourist, business, medical or transit purposes, get started on your application now: