✈️ Does Ryanair’s biometric verification process violate GDPR principles like lawfulness, fairness, and transparency and also “introduce risks including data breaches, identity theft, and unwarranted surveillance”? 👀 A complaint filed against Ryanair centres around changes to Ryanair’s identity verification process introduced in December 2023. 👣 The airline uses an identity verification process using facial recognition for all users without a Ryanair account, purportedly to “protect customers from internet scams”. 📱 Even customers “booking through online travel agencies (OTAs) undergo biometric verification,” said EU Travel Tech. ⚖️“Ryanair’s biometric verification process violates the principles of lawfulness, fairness and transparency required by the GDPR,” the press release said. A European travel tech industry group filed two separate complaints on Tuesday (21 May) to French and Belgian data protection authorities over Ryanair’s use of biometric data, according to a press release shared with Euractiv. 🚷It called for a fine & an immediate halt to Ryanair’s biometric data processing until data protection authorities rule on their complaints. “We urge the data protection authorities to […] take immediate provisional measures” to halt Ryanair’s biometric verification process and impose “an effective, proportionate and dissuasive fine”, the EU Travel Tech press release said. The European Center for Digital Rights (Noyb), an Austrian non-profit, also filed a complaint with the Spanish data protection authority in July 2023 over Ryanair’s biometric verification process. Under GDPR, there is no justification for Ryanair to use facial recognition when users book flights through an online travel agent and not directly on Ryanair’s website, said Nyob.
Clare Daly CIPP/e’s Post
More Relevant Posts
-
This hits home real hard for me as a frequent flyer who enjoys the convenience of travelling dirt cheap. I’ve noticed that recently when you book with third party/online travel agency (OTA), Ryanair requires to verify your identity before check-in by providing them with a clear shot of your ID and a full-on facial scan. It not only allows you to skip any extra issues with the OTA and transfers your booking to you directly, also it is the only feasible option to unlock check-in. At first, it seems a bit intrusive verification to prove you being a real passenger. As before check-in you are required to register/sign into your account with the airline, and OTA have provided you with the email and the reservation number for the flight. Thus the additional biometric verification seems completely unnecessary. Why to go through such drastic verification measures instead of proposing a simple email change to continue communication directly with the passenger? In this case, the real problem arises when you discover your options. The imbalance of power becomes too obvious, when the “trap of cheap” has closed on you. Ryanair leaves their clients with very limited choice: It’s either you have a few options of flights on their website (most of which will not fit your schedule); or when booking with an OTA, you “freely” consent to sharing biometric data with an unknown third party for identity verification. Of course a few other “convenient” choices include: Arriving at least 2 hours before your flight to Check-In at the airport (possible fees twice the price of your ticket); Verifying your identity via providing a photo of your ID, which may take up to a week. It leaves us with the obvious fast-track choice of oversharing, otherwise we may end up losing money or missing the flight. As Ryanair holds a fair share of the market, this might be considered as an abuse of power and unfair business practice. Although Ryanair claims this procedure is used only for security compliance reasons, the true motive might be the switch in customer behaviour. Although, the real reason for such practice seems unclear, it is a clear violation of customers’ privacy, thus the lawsuit is a relevant measure to eliminate such verification requests. Let’s wait and see what happens next! #Ryanair #privacylawsuit #dataprivacy #ryanairlawsuit https://lnkd.in/dC-BnUia
Ryanair Hit With Lawsuit Over Use of Facial Recognition Technology
darkreading.com
To view or add a comment, sign in
-
While over the past decade personal data privacy has been the buzzword permeating our lives, not many of us give second thought while sharing our passport, Aadhaar etc. while checking into hotels. What happens to those photocopies and digital copies of our documents? When these make their way to the ID black market, they can be used for financial frauds impacting our credit scores, taking SIM cards that can be used for criminal activities or even money laundering. The Digital data protection act might be a good moment not only for safeguarding travelers’ data, but also making the age old process of check-in at the end of hectic journey hassle free. #dpdpbill2023 #dataprotection #checkin #hospitality
India's Hospitality Sector is at a Digital Crossroads: The Digital Personal Data Protection Act of 2023 is transforming the way the industry handles personal data. But what does this mean for hotels, OTA's, and other establishments? How will complex ownership structures and new KYC protocols reshape the landscape? Dive into the Intricacies of Data Management, KYC Protocols, and Emerging Challenges. Read now to streamline privacy compliance in hospitality! https://zurl.co/Cna4 #DPDPAct2023 #DataPrivacy #DataSecurity #Hospitality #Compliance
India’s Digital Personal Data Protection Act 2023 – Impact on the Hospitality Sector
https://www.idcentral.io
To view or add a comment, sign in
-
India's Hospitality Sector is at a Digital Crossroads: The Digital Personal Data Protection Act of 2023 is transforming the way the industry handles personal data. But what does this mean for hotels, OTA's, and other establishments? How will complex ownership structures and new KYC protocols reshape the landscape? Dive into the Intricacies of Data Management, KYC Protocols, and Emerging Challenges. Read now to streamline privacy compliance in hospitality! https://zurl.co/Cna4 #DPDPAct2023 #DataPrivacy #DataSecurity #Hospitality #Compliance
India’s Digital Personal Data Protection Act 2023 – Impact on the Hospitality Sector
https://www.idcentral.io
To view or add a comment, sign in
-
Read: Navigating The New Data Privacy Laws in the Travel Industry ✈️ In today’s digital age, the travel industry has become increasingly reliant on the collection and processing of user data to provide personalized and convenient services. However, with great power comes great responsibility, and ensuring the privacy and security of customer data has become a top priority. The recently enacted Data Protection and Digital Privacy (DPDP) Act has set stringent guidelines for how travel companies handle user data, emphasizing the importance of explicit user consent. Read about what this means for travel companies.
Navigating The New Data Privacy Laws in the Travel Industry
https://www.travellaw.in
To view or add a comment, sign in
-
Not just travel sector but may other sectors such as logistics, trade show organisers, eCommerce, etc. The bill discourages the practice of data hoarding which requires a radical shift in thinking about customer data. #dpdpbill #cybersecurity #travel
New data law may make the trip tough for travel sector - ET CISO
ciso.economictimes.indiatimes.com
To view or add a comment, sign in
-
Another two companies decided to partner-up in order to realize #privacy preserving #decentralized, digital identities in Europe - use case: Travel credential Want to know how #bosch can make use of this upcoming ecosystem of verifiable, people ID information for example in #digitalhr - contact me 😉 #verifiablecredentials #ssi #digitalidentity
SITA and Indicio announce a co-innovation agreement to accelerate the development of digital identities
sita.aero
To view or add a comment, sign in
-
✈️ The Department of Transportation (DoT) recently announced that it intends to conduct a privacy review of ten US-based airlines. Read our blog here: https://bit.ly/4aNZq0c ▶️ This first privacy review intends to confirm whether airlines are “properly safeguarding their customer’s personal information,” and “unfairly or deceptively monetizing or sharing that data with third parties.” While this review has the potential to confirm sound practices and enhance consumer trust in a challenging industry, any regulator focus also carries potential risk. Negative findings by the DoT could result in fines and penalties for offending airlines. ✅ It is exciting to see privacy receive such focus in a critical industry, and at a crucial time. As David McInerney, Commercial Manager at Cassie says, “The US Department of Transportation’s initiative to review the privacy practices of the nation’s largest airlines emphasizes the importance of consent, not only in the airline industry, but across all sectors.” Read more here: https://bit.ly/4aNZq0c #DataPrivacy #DepartmentofTransportation #PrivacyRegulations #Compliance #Consent #CustomerExperience
Sky High Standards: Airlines Prep for DoT Privacy Scrutiny
https://trustcassie.com
To view or add a comment, sign in
-
On Thursday, US DOT Secretary Buttigieg announced a new DOT initiative to review the policy practices of US airlines to ensure the protection of passengers’ personal information. This review will examine airline policies and procedures regarding the collection, handling, maintenance, and use of passengers’ personal data and potential monetization or sharing of that data with third parties. This privacy review program is being led by the DOT’s Office of Aviation Consumer Protection (OACP). In connection with this program, OACP has already requested that the ten largest US airlines provide information on their policies, procedures, and personnel training relating to the collection, maintenance, handling, and use of passenger data and on any complaints received regarding airline employee or contractor mishandling of personal information or other airline violations of passenger privacy. Although the privacy review program is new, this is not the first time the DOT has addressed the need to protect passenger privacy. The DOT considers violation of passenger privacy protections an unfair or deceptive practice. See DOT, Defining Unfair or Deceptive Practices, 85 Fed. Reg. 11,881, 11,884 (Feb. 28, 2020). In May 2020, Airlines for America (“A4A”) and IATA requested clarification that the DOT is the “sole regulator of privacy-related conduct for air carriers, foreign air carriers, and ticket agents.” Further, they requested that the DOT include a provision in its regulations as to unfair or deceptive practices expressly addressing the collection, maintenance, and mishandling of private information. The DOT declined to adopt the proposal stating that if it were to “adopt detailed privacy regulation affecting air transportation and the sale of air transportation, it should first engage in the full notice-and-comment procedures of the APA, as well as the procedures outlined in [its final rule defining unfair or deceptive practices].” It is unclear whether the newly announced initiative is the first step towards the DOT issuing a rulemaking specifically addressing the protection of passenger data. https://lnkd.in/ezTdCW36
Secretary Buttigieg Announces First Industry-Wide Privacy Review of U.S. Airlines
transportation.gov
To view or add a comment, sign in
-
Inquiry concerning Airbnb Ireland UC June 2023 (IN-22-3-1) Date of Decision: 21 June 2023 In light of the infringements of Article 5(1)(c) and Article 5(1)(e), the DPC issued a reprimand to Airbnb pursuant to Article 58(2)(b) of the GDPR. In addition, the DPC made the following orders against Airbnb pursuant to Article 58(2)(d) to remedy the infringements identified in this case and to prevent similar infringements occurring with regard to data subjects in the future in similar circumstances: -Delete from all of its systems and records the redacted and out-of-date copies of the complainant’s identity documents that the complainant attempted to upload. -Delete from all of its systems and records the identity documents that the complainant uploaded (keeping only a record that such documentation was submitted as well as the date of submission). -Subject to compliance with EU and Member State law, revise its internal policies and procedures concerning user identity verification to ensure that (i) once the identity of data subjects has been verified to Airbnb’s satisfaction, Airbnb discontinues the practice of retaining improperly redacted and/or out-of-date identity documents that may be submitted by data subjects as part of the identity verification process, and (ii) the period for which valid or fraudulent/illegitimate identification documents (which includes identification documents validly redacted in accordance with laws which require certain redactions) submitted by data subjects as part of the identity verification process are stored is limited to a strict minimum (in accordance with Recital 39 of the GDPR).
To view or add a comment, sign in
-
Market Research Reveal: Albanian Travel Agencies' Privacy Policies 🌍 Our team has completed an analysis of privacy policies across various travel agencies in Albania. The study was meticulously designed to evaluate key aspects such as Compliance (C), Data Security (DS), Data Collection Practices (DCP) and User Rights (UR) among others. 🔑 Key Insights: 1. Compliance Variability. The level of adherence to data protection regulations varied significantly among agencies. 2. Data Security Concerns. Data security practices were inconsistent, with some agencies demonstrating satisfying measures and others showing potential vulnerabilities. 3. Inconsistent Attention to User Rights. While some agencies are attentive to user rights within their privacy policies, this is not a uniform practice across the board. 📈 Implications for the Industry: For Travel Agencies. This analysis underscores the importance of regularly reviewing and updating privacy policies and data security measures. Ensuring that these policies are in line with current regulations is crucial for building customer trust. For Travelers. Awareness is key. Our findings provide insight into the varying levels of data protection among different agencies, helping you make more informed decisions when selecting your travel partners. 💡 We are committed to bringing more such insights to light, aiding both the industry in elevating its standards and customers in making informed decisions. #TravelDataPrivacy #AlbaniaTourism #MarketResearch #DigitalSecurity #TravelIndustry
To view or add a comment, sign in
GRC Professional Support Specialist | * AI Comp Sci 🤖 + Law ⚖️ * | 🌈♾️ Mom of 3 | Avid 🪴🧳👩🍳📚
2moPlease remind me to tell you about the Afrikaans tests.