FB pixel

Ryanair accused of GDPR violations with biometric passenger verification

Ryanair accused of GDPR violations with biometric passenger verification

Travel policy advocacy group eu travel tech has lodged a formal complaint with the French and Belgian Data Protection Authorities (DPAs) against Ryanair, challenging the airline’s new biometric data processing policy for customer verification.

The policy, which was introduced on December 8, 2023, mandates biometric verification for customers without existing accounts, including those booking via Online Travel Agencies (OTAs). These customers are required to submit live self-images or signature images along with passport details to manage bookings and check-in online.

eu travel tech argues that this requirement infringes on individual privacy and contravenes the General Data Protection Regulation (GDPR). The organization asserts that Ryanair’s biometric verification process breaches GDPR principles of lawfulness, fairness, and transparency, particularly concerning the handling of sensitive biometric data.

eu travel tech members include prominent OTA’s like airbnb, Booking.com and expedia group, along with Amadeus.

The group has called on the DPAs to investigate Ryanair’s practices urgently and to implement provisional measures to suspend the biometric verification process under GDPR Article 66. The organization emphasizes the need for immediate action due to the potential harm to individuals’ rights and freedoms, and suggests that a substantial fine, as prescribed by GDPR Article 83, may be warranted.

Additionally, the complaint draws attention to the protracted nature of previous investigations. Notably, a similar complaint regarding Ryanair’s facial verification process was filed by the European Center for Digital Rights (NOYB) in July 2023. The status of the Irish DPA’s investigation into that complaint remains unclear, raising concerns about the effectiveness of GDPR enforcement.

In addition to filing the complaint, eu travel tech, along with the European Travel Agents’ and Tour Operators’ Associations (ECTAA) and the European Passengers’ Federation (EPF), has sent a letter to European Commission Vice-President Věra Jourová, urging the commission to explore measures to ensure timely and robust GDPR enforcement.

The coalition says it hopes these actions will prompt a swift and decisive response to protect individuals’ data rights across Europe.

Related Posts

Article Topics

 |   |   |   | 

Latest Biometrics News


EU AI Act should revise its risk-based approach: Report

Another voice has joined the chorus criticizing the European Union’s Artificial Intelligence Act, this time arguing that important provisions of…


Swiss e-ID resists rushing trust infrastructure

Switzerland is debating on how to proceed with the technical implementation of its national digital identity as the 2026 deadline…


Former Jumio exec joins digital ID web 3.0 project

Move over Worldcoin, there’s a new kid on the block vying for the attention of the digital identity industry and…


DHS audit urges upgrade of biometric vetting for noncitizens and asylum seekers

A recent audit by the DHS Office of Inspector General (OIG) has called for the Department of Homeland Security (DHS)…


Researchers spotlight Russia’s opaque facial recognition surveillance system

In recent years, Russia has been attracting attention for its use of facial recognition surveillance to track down protestors, opposition…


Estonia digital identity wallet app from Cybernetica lifts off

Tallinn-based Cybernetica has submitted the minimum viable product (MVP) for Estonia’s national digital identity wallet to the Estonian Information System…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events