Feeds

BA staff to google for snaps, dirt on biz-class passengers

Airline denies building secret dossiers on VIPs

Using blade systems to cut costs and sharpen efficiencies

British Airways has denied "compiling secretive data" about its business-class passengers after launching its "Know Me" programme to personalise customers' travel plans.

The Evening Standard today reported that BA staff will be given Apple iPads and told to use Google to research key frequent flyers. The employees are encouraged to download individuals' pictures, provided by a Google Images app, to help them identify the VIPs as they arrive.

A spokeswoman at the company told The Register that BA was not holding customer dossiers in some sinister fashion, but instead described "Know Me" as a loyalty programme for those people travelling business class with the airline.

Nonetheless, it's difficult not to question the company's data-handling strategy when it offers up nuggets such as this in its press release announcing "Know Me":

Its purpose is to collate a wealth of data from every experience the customer has with the airline and translate that into meaningful service for that individual.

Which, here on the networks desk at Vulture Central, sounds an awful lot like an identity database.

The scheme is limited in scope at the moment, but BA told us that it may be rolled out to other passengers if it proves a success with punters.

In the meantime, BA staff are focussing on what the company's spokeswoman described as "captains of industry coming through the airport". The airline wants its staff to bone up on biz leaders who may already have a big media profile online.

Looking at images of those individuals on Google will apparently aid that process.

However, when quizzed, the BA spokeswoman said that no facial recognition technology (software that, for example, is already used to greet hotel guests) was being used by the international people-carrier to pinpoint top businessmen and women.

She declined to clarify exactly whether customers could opt in or out of being stalked online by BA crew ahead of them taking their seat on the plane.

"There's no tick box involved," the BA spokeswoman told us, but added that passengers uncomfortable with the service could request not to be tracked in quite such a "personalised" manner.

Add to that the fact that most business class travellers do not book their flights themselves and it becomes difficult to see how those individuals might prevent such personalisation ahead of boarding their BA flight.

The BA spokeswoman assured El Reg in an emailed statement that the company is "entirely compliant with the UK Data Protection Act" and added that the airline "would never breach that".

She added:

Know Me is simply another tool to enable us to offer good customer service, similar to the recognition that high street loyalty scheme members expect. For example, it could flag up that a customer is travelling in business class for the first time so our crew can approach them and check if they need any information about the seat.

Alternatively, if someone has experienced a delay due to weather in the past then our customer service staff can apologise for that and thank the customer for continuing to fly with us. It could also advise our staff if a customer prefers not to be approached with messages when onboard.

That final comment may concern privacy campaigners because it appears to suggest that a "personalised" database on each biz class passenger is indeed maintained by BA, but if a customer declines such a service then the crew will simply be prompted NOT to use the information on the passenger that readily flashes up on their fondleslabs.

BA hasn't updated its main privacy policy since 2009. Among other things the airline states in the meaty small print:

We retain the data you provide from time to time, including your purchase history and data we collect when you use our services and facilities. Your data may be used and retained for the following purposes: accounting, billing and audit, credit or other payment card verification and anti-fraud screening (which may, for example, involve the use of credit reference agency searches and nominal payment card revalidation checks), immigration and customs control, safety, security, health, administrative and legal purposes, statistical and marketing analysis, operation of frequent flyer programmes, systems testing, maintenance and development, customer surveys, customer relations and to help us in any future dealings with you, for example by identifying your requirements and preferences.

For these purposes we may disclose your data to any of the following who may retain that data in accordance with applicable laws: other companies in the British Airways group, airlines and other companies involved in meeting your requirements, our oneworld partner airlines and franchisees, data processing companies, travel agents, government and enforcement agencies, credit and charge card companies, credit reference agencies and screening service providers. This may involve sending your data between different countries, including countries outside the European Economic Area, including countries where under their local laws you may have fewer legal rights.

It's nearly all there: data retention, third party access etc, but sadly there's no mention whatsoever of Googling for pictures of passengers ahead of them boarding their flight. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.