Online travel agencies have called on UK regulators to investigate Ryanair’s data requirements for passengers who do not book directly through its website.
In a letter sent to UK regulators, signatories Booking.com, eDreams Odigeo, Expedia Group, Kiwi.com, lastminute.com, Skyscanner and On the Beach – members of Online Travel UK – claimed that Ryanair could be in breach of UK data protection rules.
They raised concerns over Ryanair’s “invasive, unnecessary and unfair” treatment of customers.
The companies argue that the low cost carrier forces many customers booking through third-party websites to hand over significant personal information in a complex process, including facial verification, in order to manage their booking or check-in online.
More: Ryanair starts twilight bag drop service at Manchester airport
Ryanair introduces UK-Lapland flights
In the letter to government bodies including the Civil Aviation Authority and Information Commissioner’s Office, they said: “Ryanair’s facial recognition process involves the collection of sensitive supplementary personal information, such as a person’s race or gender.
“In addition to potentially breaching data minimisation requirements, it also exposes the individual to significant risks to their privacy, rights and freedoms in the event of a data breach. This process is clearly excessive considering it is being required simply to access an online booking.”
The companies added: “These steps mean that customers are confused as to the status of their booking, and many may be led to falsely believe that their flight booking might be in jeopardy.
“It is causing considerable and unnecessary stress and anxiety for passengers ahead of their well-earned summer breaks.”
Ryanair claims that these new checks are necessary for safety and security reasons, yet it could easily verify a passenger’s booking by using their name or their date of birth, like all other airlines, the OTAs argued.
The airline said its goal is “solely to be able to communicate with passengers directly . . . in order to comply with our legal obligations and to allow passengers to correct their contact details so that we can meet any customer needs that may arise”.
Ryanair told the Financial Times it does not have access to customers’ email addresses or payment details if they book through an online agent.
This then forces the airline to verify their identities in compliance with regulatory protocols.
Ryanair added that its business model is “dependent” on direct online sales to customers, and that “many” OTAs “mis-sell” its flights, including adding mark-ups such as inflated baggage or seat fees.
The dispute is the latest in a long-running battle between Europe’s largest airline and some of the region’s leading OTAs.
Ryanair has long criticised third-party booking sites for preventing it from dealing directly with customers and has called on all passengers to book direct via its own website.
But the coalition of OTAs argued that no other airline requires customers to go through such checks and they had seen the process “causing misery” for many passengers.
They claimed: “Ryanair is making this process as difficult and invasive as possible by requiring a complete face scan, a signed and completed verification form, and photos of travel documentation, which are checked at the airport anyway.
“The procedure comes at an additional cost of £0.59 per passenger. Passengers who do not follow the online verification process must instead pay £55 per person, one way, to check-in at the airport, costing a family of four an extra £440 for a return journey.
“Even passengers willing to undergo the online verification process often end up having to pay at the airport, since Ryanair’s online system does not work for many passengers.”
The ICO, the independent regulatory body for data protection, told the FT it “recognised the concerns raised” over Ryanair’s collection of data, as well as “the stress and uncertainty experienced by customers worried about their travel plans.”
“We will consider the issues raised in the letter and will be making inquiries with Ryanair,” the agency said.
The CAA and Competition and Markets Authority declined to comment to the newspaper.
More: Ryanair starts twilight bag drop service at Manchester airport