Ryanair Faces Investigation Over Facial Recognition and GDPR Compliance
Ireland’s Data Protection Commissioner (DPC) has initiated an investigation across the European Union regarding Ryanair’s implementation of facial recognition technology. This inquiry focuses on whether the airline’s practice of requiring additional identity verification for customers booking through third-party websites complies with EU privacy regulations. The DPC received multiple complaints from Ryanair customers who expressed concerns about the airline’s verification process when tickets are purchased from online travel agents (OTAs).
Ryanair, the largest airline in Europe by passenger numbers, stated that the additional verification is intended to protect customers from OTAs that may provide inaccurate contact and payment information. According to the airline, this measure aligns with safety and security requirements. Customers can bypass the facial recognition process by arriving at the airport at least two hours before their flight or by submitting a form along with a photo of their passport or national ID card in advance. However, this alternative method can take up to seven days for approval.
The airline clarified that this verification process is not necessary when customers book directly on Ryanair’s website, mobile app, or through OTAs that have a commercial agreement with the airline. Since the beginning of the year, Ryanair has entered into 14 such agreements, which ensure that tickets are booked directly with the airline, eliminating the need for additional verification.
Ryanair asserts that both its biometric and non-biometric verification processes comply fully with the EU’s General Data Protection Regulation (GDPR). As the investigation unfolds, it will be crucial to monitor how Ryanair’s practices align with EU privacy laws and the implications for customers booking through third-party platforms.
Source: Irish privacy regulator probes Ryanair’s use of facial recognition
