Several British online platforms have filed complaints against the Irish airline Ryanair, and a few complaints have also come from the EU. The airline is violating data protection laws.
A coalition of online travel portals (such as Kiwi.com, Booking, and Skyscanner) has written a letter to the British authority asking it to take action against the low-cost airline Ryanair. According to them, Ryanair is violating data protection laws. If a customer wants to make an online reservation through these portals, they must undergo identity verification using facial recognition technology. However, this procedure does not occur when customers book directly through Ryanair’s website. By doing so, the company is infringing on customers’ privacy, and customers themselves are left confused about the status of their tickets. Their concern that their ticket has not been booked is entirely justified. Travel portals believe that Ryanair is taking this step to increase direct ticket sales, rather than through other platforms. To avoid the facial verification step, customers are buying their tickets directly from Ryanair. However, by processing this biometric data, Ryanair is violating European data protection laws, which could result in a substantial fine for the company. At the same time, it is collecting data that it would otherwise be unable to obtain, since customers are not purchasing tickets through these platforms.
Ryanair itself has spoken out against this, labeling these platforms “online pirates.” The tickets they offer on their websites are more expensive than those sold directly by Ryanair, and they also charge for services that are already included in the ticket price. At the same time, however, they have no official agreement with the company regarding these sales. The world’s largest airline, American Airlines, has also objected to this practice by Kiwi.com, expressing its disapproval of the platform’s approach.
The Austrian nonprofit organization NOYB (None of Your Business) has filed a complaint against Ryanair for violating the GDPR. The company could face a fine of up to several million for this violation.
