Privacy group challenges Ryanair's use of facial recognition

FILE PHOTO-General view of the Ryanair logo at their headquarters in Dublin, Ireland, September 16, 2021. REUTERS/Clodagh Kilcoyne/File Photo

DUBLIN (Reuters) - Digital rights group NOYB on Thursday filed a complaint against Ryanair, alleging that the airline is violating customers' data protection rights by using facial recognition to verify their identity when booking through online travel agents.

NOYB, led by Austrian privacy activist Max Schrems, filed the complaint with Spain's data protection agency on behalf of a complainant who booked a Ryanair flight through the Spanish-based online travel agency eDreams ODIGEO..

The Irish airline, Europe's largest by passenger numbers, says on its website that in order to comply with safety and security requirements it must verify the identity of passengers' booking with travel agents because agents often do not provide Ryanair with customers' contact and payment details.

Passengers can avoid verifying through facial recognition by showing up at the airport at least 2 hours before departure or submitting a form and picture of their passport or national ID card in advance, a process Ryanair said can take seven days to complete.

A similar process is not required when booking through Ryanair's website or mobile phone app.

"There is no reasonable justification for Ryanair to implement this system," NOYB said in a statement. "Instead, it seems like the airline is willingly violating their customer's right to data protection in order to obtain an unfair competitive advantage over alternative booking channels."

NOYB has successfully launched privacy challenges against some of the world's largest multinational companies across the European Union under the bloc's General Data Protection Regulation (GDPR), introduced in 2018.

NOYB alleged that Ryanair's verification procedures are not valid under the GDPR because the company does not provide comprehensible information about the purpose of the "intrusive process."

Ryanair said in response that its biometric and non-biometric processes are both fully compliant with all GDPR regulations.

"Online travel agents scrape Ryanair's inventory and in many cases miss-sell our flights and ancillary services with hidden mark-ups and provide incorrect customer contact information / payment details," the low cost carrier said in a statement.

"As a result, and in order to protect customers, any customers who book through an online travel agents are required to complete a simple customer verification process. This is to ensure that they make the necessary security declarations."

(Reporting by Padraic Halpin, Editing by Louise Heavens and Jane Merriman)

Follow us on our official WhatsApp channel for breaking news alerts and key updates!


Next In Tech News

Oracle reaches $115 million consumer privacy settlement
Sanctioned Russia emerges unscathed in global IT outage
Indian ed-tech giant Byju's faces total shutdown if insolvency proceeds, CEO says
Factbox-What is CrowdStrike, the cybersecurity firm behind a global tech outage?
CrowdStrike CEO apologizes for tech outage, says systems should be recovering -NBC
Factbox-Global tech outage delays flights and disrupts services around the world
Factbox-Major tech outages in recent years
Microsoft says cause of outage at 365 apps and services fixed
'Fix' deployed for bug that caused global IT outage: CrowdStrike
India's Wipro misses Q1 revenue view

Others Also Read