Ireland’s Data Protection Commissioner has initiated an EU-wide investigation into Ryanair’s use of facial recognition technology for verifying customer identities on certain third-party websites.
The probe follows multiple complaints from Ryanair customers across the European Union regarding the airline’s additional verification measures when booking tickets through online travel agents rather than directly with Ryanair.
As Europe’s largest airline by passenger numbers, Ryanair expressed its support for the inquiry, stating that the verification process aims to protect customers from OTAs that may provide incorrect contact and payment information. The airline insists that this extra layer of verification is necessary to meet safety and security standards.
Customers can opt out of facial recognition verification by arriving at the airport at least two hours before departure or by submitting a form along with a photo of their passport or national ID card in advance—a process that Ryanair notes can take up to seven days to complete.
Ryanair clarified that this additional verification is not required when customers book directly through Ryanair’s website or mobile app, or through OTAs that have established commercial agreements with the airline, of which Ryanair has signed 14 since the beginning of the year.
In its statement, Ryanair affirmed that both its biometric and non-biometric verification processes comply fully with the EU’s General Data Protection Regulation.
