The United States is considering a major expansion of the personal information it collects from foreign visitors, marking a significant potential shift in how travellers are screened before entering the country. Under a proposal released by U.S. Customs and Border Protection (CBP) and the Department of Homeland Security (DHS), most visitors using the Visa Waiver Program would be required to provide far more detailed background information as part of the Electronic System for Travel Authorization (ESTA). The proposal reflects growing concern within U.S. security agencies about identifying potential risks earlier in the travel process, but it has also sparked widespread debate about privacy, proportionality, and the future of international travel to the United States.

At the center of the proposal is a requirement for ESTA applicants to disclose extensive digital and contact histories. Travellers could be asked to submit information about their social media activity going back five years, including the platforms they use and associated account identifiers. In addition, the proposal would require up to ten years of email addresses and other contact details. U.S. officials argue that this information would help build a more complete picture of travellers before they arrive, allowing authorities to flag potential security concerns earlier and reduce reliance on screening conducted only at airports or borders.

Beyond social media and email history, the proposal outlines a much broader collection of personal data. Applicants may be required to provide phone numbers, IP addresses, and photo metadata linked to images they submit. The plan also calls for collecting detailed information about close family members, such as names, dates of birth, and contact information. Perhaps most controversially, the proposal signals that biometric data could be expanded in the future. While facial scans and fingerprints are already used in many border processes, the document suggests that additional biometric identifiers—including, in theory, DNA—could be incorporated “when feasible,” though no clear timeline or method has been defined for such measures.

U.S. officials defend the proposal as a necessary modernization of border security. They argue that threats increasingly emerge online and across digital networks, making traditional screening tools insufficient on their own. By reviewing information earlier and in greater depth, authorities believe they can better identify individuals who may pose security, immigration, or fraud-related risks before those individuals ever board a plane. The proposal is currently subject to a public comment period lasting approximately 60 days, during which individuals, advocacy groups, and industry stakeholders can submit feedback. Only after this process would the government decide whether to finalize the rule, with implementation unlikely before 2026 at the earliest.

If adopted, the changes would affect millions of travellers from countries participating in the Visa Waiver Program, including the United Kingdom, most European Union member states, Japan, Australia, and South Korea. Civil liberties organizations and digital rights groups have raised strong objections, warning that the policy could misinterpret online posts taken out of context or written years earlier. Critics also argue that mandatory disclosure of social media activity could discourage free expression, as travellers may feel pressure to self-censor online to avoid potential scrutiny. Concerns have also been raised about data security, misuse of sensitive personal information, and the long-term storage of data belonging to individuals who are not suspected of any wrongdoing.

Further controversy surrounds plans to modernize the ESTA system itself by shifting applications toward a mobile app that could use facial recognition and geolocation tools. While CBP describes these changes as a way to streamline applications and reduce fraud, critics worry they could enable more extensive monitoring of visitors before and during their stay in the United States. Supporters of the proposal counter that reviewing publicly available online activity is a reasonable counter-terrorism and border management measure in a digital age. Opponents, however, fear the policy could deter tourism, prompt retaliation from other countries with similar requirements, and lead to legal challenges over privacy and free speech. As the public comment period continues, the proposal remains just that—a plan under consideration, not a finalized rule—but one with potentially far-reaching consequences for global travel.