Ryanair Faces Lawsuit Over Use of Facial Recognition Technology

Ryanair is currently facing a lawsuit filed by the European Center for Digital Rights (Noyb) over its use of facial recognition technology [1]. The lawsuit alleges that Ryanair’s requirement for customers to undergo additional identity verification through facial recognition poses a significant privacy risk and violates Europe’s General Data Protection Regulation (GDPR) [1].

Description

Noyb argues that Ryanair’s true motive behind the facial recognition requirement is to discourage customers from using third-party agents for future bookings [1]. They claim that this violates customers’ right to data protection and gives Ryanair an unfair advantage over alternative booking channels [2]. The complaint specifically cites a case where a customer who booked through an online travel agency was asked to complete a facial recognition verification process or pay an additional fee at the airport [2].

Ryanair defends its actions by stating that third-party online travel agents are not authorized to sell its flights and that the verification process is necessary for security and regulatory purposes [2]. However, Noyb disputes this, asserting that Ryanair already possesses the necessary information and that the verification process is confusing and unnecessary [2].

As a result, Noyb has filed a complaint with the Spanish Data Protection Authority [2], which has the power to issue a fine of up to €192 million based on Ryanair’s turnover. The privacy group NOYB has also filed a complaint against Ryanair [3], accusing the airline of violating customers’ data protection rights by using facial recognition to verify their identity when booking through online travel agents [3]. The complaint was filed with Spain’s data protection agency on behalf of a customer who booked a Ryanair flight through the online travel agency eDreams ODIGEO [3].

Ryanair claims that it uses facial recognition to comply with safety and security requirements [3], as travel agents often do not provide the necessary contact and payment details [3]. Passengers have the option to avoid facial recognition by arriving at the airport early or submitting a form and picture of their passport or ID card in advance [3].

Conclusion

The lawsuit against Ryanair raises concerns about the privacy risks associated with facial recognition technology and the potential violation of customers’ data protection rights. The outcome of the complaint filed with the Spanish Data Protection Authority could have significant financial implications for Ryanair. This case also highlights the ongoing debate surrounding the use of facial recognition technology and the need for clear regulations to protect individuals’ privacy.

References

[1] https://www.darkreading.com/application-security/ryanair-hit-with-lawsuit-over-use-of-facial-recognition-technology
[2] https://www.brusselstimes.com/belgium/620185/ryanair-accused-of-misusing-facial-recognition
[3] https://www.business-humanrights.org/en/latest-news/europe-cso-files-complaint-against-ryanairs-use-of-facial-recognition/