Ryanair facing DPC probe over facial recognition
Ryanair is facing a Data Protection Commission (DPC) inquiry into its customer verification process, which includes the use of facial recognition technology.
The DPC has received a number of complaints regarding the budget airline’s practice of requesting additional ID verification from customers who book travel tickets via third-party websites or online travel agents.
The verification process, which can include processing biometric data, does not apply to customers who book directly on Ryanair’s website.
Graham Doyle, deputy commissioner with the DPC, said: “The DPC has received numerous complaints from Ryanair customers across the EU/EEA who after booking their flights were subsequently required to undergo a verification process.
“The verification methods used by Ryanair included the use of facial recognition technology using customers’ biometric data. This inquiry will consider whether Ryanair’s use of its verification methods complies with the GDPR.”
The decision to conduct the inquiry under section 110 of the Data Protection Act 2018 was taken by commissioners Dr Des Hogan and Dale Sunderland, and notified to Ryanair last week.
The inquiry is cross-border in nature and will consider whether Ryanair has complied with its various obligations under the GDPR, including the lawfulness and transparency of the data processing.