Ireland’s Data Protection Commissioner (DPC) has initiated an EU-wide investigation into Ryanair’s use of facial recognition technology for identity verification. The probe was launched on October 4, 2024 in response to customer complaints across the European Union, questioning whether the airline’s practice of requesting additional identity verification from passengers who book through third-party websites violates EU privacy regulations, particularly the General Data Protection Regulation (GDPR).
Ryanair has implemented facial recognition for certain bookings to ensure that customers booking through online travel agents (OTAs) not affiliated with the airline are verified. The company claims that this process safeguards customers against potential errors in contact and payment information that may arise from these third-party platforms.
Passengers who wish to avoid facial recognition can opt for alternative verification methods, such as arriving early at the airport or submitting their identification documents online at least seven days in advance. These steps are not required for those who book directly via Ryanair’s website or mobile app, or through OTAs that have commercial agreements with Ryanair.
In defense of its practices, Ryanair maintains that its biometric and non-biometric verification methods comply fully with GDPR, the EU’s stringent data privacy law. The airline further emphasized that its policies are in place for safety and security purposes. Since the beginning of the year, Ryanair has signed agreements with 14 OTAs to streamline the booking process and reduce the need for additional identity checks.
Ryanair began implementing facial recognition technology in its booking process in 2023. The facial recognition capability is powered through a partnership with GetID, according to Ryanair’s website.
The new investigation by Ireland’s DPC underscores the increasing scrutiny over the use of biometric data in travel and other sectors, as privacy advocates and regulators continue to weigh the balance between technological convenience and individuals’ data protection rights. Ryanair’s case may serve as a benchmark for how airlines and third-party travel platforms handle sensitive customer information in the future.
Source: Reuters
–
October 4, 2024 – by Cass Kennedy
Related News
Ryanair Faces Privacy Complaint Over Biometric IDV
Ryanair Faces GDPR Complaint Over Biometric Verification Process
Checking Rules and Regulations in Ireland, Scotland, and the US – Identity News Digest
Adani Group, the DHS, the GPDP, and More – Identity News Digest
ID Tech Digest – October 30, 2024
ID Tech Digest – October 24, 2024
Follow Us