In a significant shift, Airlines and IATA, update travel guidance, formally recognizing Somaliland’s visa-on-arrival as a separate, secure destination following a massive data breach in Mogadishu
HARGEISA/NAIROBI— In a stark repudiation of Somalia’s digital governance, three major aviation entities have updated their travel guidance to confirm that passengers flying to the Republic of Somaliland can obtain visas on arrival, explicitly distinguishing its secure, self-run border controls from the compromised e-Visa system of the federal government in Mogadishu.
The moves by the International Air Transport Association (IATA), FlyDubai, and Ethiopian Airlines this week came as the United States issued an urgent security alert following a large-scale breach of Somalia’s e-Visa platform that exposed the personal details of tens of thousands of applicants, including diplomats and aid workers.
The updates underscore a long-standing reality on the ground: Somaliland operates its own stable and orderly immigration system, entirely separate from the chaos and insecurity plaguing Somalia.
“What we are witnessing is a flight-shaming of Somalia’s digital infrastructure and a vote of confidence in Somaliland’s proven, on-the-ground procedures,” said Anwar Hussein, a Nairobi-based aviation analyst. “The airlines are not making a political statement; they are responding to operational realities and passenger safety. Somaliland’s airports are secure, its visa process is straightforward, and it doesn’t rely on a vulnerable digital system that has just endangered thousands.”
The chain of updates began yesterday when IATA, the global trade association for airlines, revised its Timatic database, the system used by airlines worldwide to verify travel document requirements. IATA’s notice stated that visa-on-arrival is available at Somaliland’s Hargeisa Egal International Airport (HGA) and Berbera Airport (BBO), explicitly listing Hargeisa as a destination where passengers can receive visas upon landing.
Shortly afterward, FlyDubai revised its travel advisory, confirming the same for both airports and directing its passengers to follow Somaliland’s entry procedures, not Somalia’s.
The most direct clarification came from Ethiopian Airlines, which issued a bulletin stating that Somalia’s e-Visa requirements “do not apply to passengers arriving at Berbera (BBO) or Hargeisa Egal International (HGA).” The airline reinforced that passengers to Somaliland may obtain visas on arrival, a clear acknowledgment of the country’s independently administered borders.
The updates highlight a dramatic contrast between the two territories. While Somaliland has maintained a reputation for stability and predictability in the Horn of Africa, Somalia’s federal government is reeling from a catastrophic failure of its digital sovereignty.
The breach, first reported by outlets including Saxafi Media and the Somaliland Chronicle, exposed more than 35,000 visa applications, containing passport scans, photographs, itineraries, and contact details. Security analysts have described the trove as a potential “kill list” for the al-Qaeda-linked militant group Al-Shabaab.
“This was an avoidable disaster,” said a European data protection consultant who reviewed the exposed data and spoke on the condition of anonymity due to the sensitivity of the information. “The system aggregated incredibly sensitive data for a high-risk environment without the basic cybersecurity disciplines. It was a standing invitation for exploitation. Somalilanders with European passports whose data was breached could have grounds to sue both the data controller, Somalia, and the data processors, the airlines that adopted this vulnerable system, under GDPR regulations.”
The crisis is set to deepen. According to reports from Somaliland media, Mogadishu plans to introduce a new measure on Nov. 27 requiring all passengers headed to Somaliland to obtain prior authorization through its e-Visa platform, a move critics are calling an “e-extortion” scheme designed to cut off Somalilanders from their own country.
“The aim is to link the system directly to airlines’ passenger data systems, giving Mogadishu and its partner Al-Shabaab enhanced access to travelers’ personal details,” said a commentator on Horn of Africa affairs. “They intend to have total control over who can and cannot enter Somaliland. They have no idea how this war they declared on Somaliland will end and at what cost to them.”
For now, the aviation world is voting with its databases. By directing passengers to follow Somaliland’s own rules, global travel systems are, in practice, treating the region as what it has long claimed to be: a separate, well-managed, and reliable nation.
