New York—On February 9, 2026 the Global Business Travel Association (GBTA) released its formal comments opposing Customs and Border Protection’s plan to require Visa Waiver travellers to disclose five years of social-media handles, past phone numbers and extensive family data when applying for an Electronic System for Travel Authorization (ESTA).
GBTA chief executive Suzanne Neufang told CBP the proposal “poses significant operational and economic risks,” arguing it will lengthen application times, clash with EU and U.K. privacy law and prompt corporations to re-route meetings to easier destinations. The association’s economic model projects that every 1 percent decline in VWP arrivals would cost the United States $1.6 billion in visitor spending and 12,000 jobs.
Beyond privacy, GBTA highlighted practical snags: many travellers cannot recall historic user names; collecting IP addresses could force applicants to list hotel or airport Wi-Fi nodes; and consulates lack the staffing to review the flood of extra data. The group urged CBP to limit new fields to those with “clear, evidence-based security utility,” adopt a phased roll-out and guarantee automatic data deletion after a defined retention period.
![Business-travel industry warns CBP that proposed ESTA data grab could deter visitors]()
If your organization is wondering how to navigate these evolving entry requirements, VisaHQ can help. The platform’s U.S. portal (https://www.visahq.com/united-states/) simplifies ESTA submissions, monitors regulatory changes in real time, and offers centralized tools for corporate travel departments to track application progress and ensure compliance—minimizing disruption even as CBP rules shift.
For mobility managers the stakes are considerable. Corporate travellers from 40 VWP countries account for a third of inbound business-trip volume; added friction could delay client-site visits, project kick-offs and conference attendance. GBTA recommends companies file their own comments before the February 9 deadline, alert travel-booking teams to possible ESTA slow-downs later this year and budget for contingency visas where time-sensitive visits are critical.
CBP must now review stakeholder feedback and decide whether to publish a final rule or issue a revised notice. Industry observers expect a scaled-back version by late summer, but warn that failure to address privacy concerns could trigger lawsuits similar to those that delayed previous digital-visa expansions.
GBTA chief executive Suzanne Neufang told CBP the proposal “poses significant operational and economic risks,” arguing it will lengthen application times, clash with EU and U.K. privacy law and prompt corporations to re-route meetings to easier destinations. The association’s economic model projects that every 1 percent decline in VWP arrivals would cost the United States $1.6 billion in visitor spending and 12,000 jobs.
Beyond privacy, GBTA highlighted practical snags: many travellers cannot recall historic user names; collecting IP addresses could force applicants to list hotel or airport Wi-Fi nodes; and consulates lack the staffing to review the flood of extra data. The group urged CBP to limit new fields to those with “clear, evidence-based security utility,” adopt a phased roll-out and guarantee automatic data deletion after a defined retention period.
If your organization is wondering how to navigate these evolving entry requirements, VisaHQ can help. The platform’s U.S. portal (https://www.visahq.com/united-states/) simplifies ESTA submissions, monitors regulatory changes in real time, and offers centralized tools for corporate travel departments to track application progress and ensure compliance—minimizing disruption even as CBP rules shift.
For mobility managers the stakes are considerable. Corporate travellers from 40 VWP countries account for a third of inbound business-trip volume; added friction could delay client-site visits, project kick-offs and conference attendance. GBTA recommends companies file their own comments before the February 9 deadline, alert travel-booking teams to possible ESTA slow-downs later this year and budget for contingency visas where time-sensitive visits are critical.
CBP must now review stakeholder feedback and decide whether to publish a final rule or issue a revised notice. Industry observers expect a scaled-back version by late summer, but warn that failure to address privacy concerns could trigger lawsuits similar to those that delayed previous digital-visa expansions.
