Feeds

BA staff to google for snaps, dirt on biz-class passengers

Airline denies building secret dossiers on VIPs

Top 5 reasons to deploy VMware with Tegile

British Airways has denied "compiling secretive data" about its business-class passengers after launching its "Know Me" programme to personalise customers' travel plans.

The Evening Standard today reported that BA staff will be given Apple iPads and told to use Google to research key frequent flyers. The employees are encouraged to download individuals' pictures, provided by a Google Images app, to help them identify the VIPs as they arrive.

A spokeswoman at the company told The Register that BA was not holding customer dossiers in some sinister fashion, but instead described "Know Me" as a loyalty programme for those people travelling business class with the airline.

Nonetheless, it's difficult not to question the company's data-handling strategy when it offers up nuggets such as this in its press release announcing "Know Me":

Its purpose is to collate a wealth of data from every experience the customer has with the airline and translate that into meaningful service for that individual.

Which, here on the networks desk at Vulture Central, sounds an awful lot like an identity database.

The scheme is limited in scope at the moment, but BA told us that it may be rolled out to other passengers if it proves a success with punters.

In the meantime, BA staff are focussing on what the company's spokeswoman described as "captains of industry coming through the airport". The airline wants its staff to bone up on biz leaders who may already have a big media profile online.

Looking at images of those individuals on Google will apparently aid that process.

However, when quizzed, the BA spokeswoman said that no facial recognition technology (software that, for example, is already used to greet hotel guests) was being used by the international people-carrier to pinpoint top businessmen and women.

She declined to clarify exactly whether customers could opt in or out of being stalked online by BA crew ahead of them taking their seat on the plane.

"There's no tick box involved," the BA spokeswoman told us, but added that passengers uncomfortable with the service could request not to be tracked in quite such a "personalised" manner.

Add to that the fact that most business class travellers do not book their flights themselves and it becomes difficult to see how those individuals might prevent such personalisation ahead of boarding their BA flight.

The BA spokeswoman assured El Reg in an emailed statement that the company is "entirely compliant with the UK Data Protection Act" and added that the airline "would never breach that".

She added:

Know Me is simply another tool to enable us to offer good customer service, similar to the recognition that high street loyalty scheme members expect. For example, it could flag up that a customer is travelling in business class for the first time so our crew can approach them and check if they need any information about the seat.

Alternatively, if someone has experienced a delay due to weather in the past then our customer service staff can apologise for that and thank the customer for continuing to fly with us. It could also advise our staff if a customer prefers not to be approached with messages when onboard.

That final comment may concern privacy campaigners because it appears to suggest that a "personalised" database on each biz class passenger is indeed maintained by BA, but if a customer declines such a service then the crew will simply be prompted NOT to use the information on the passenger that readily flashes up on their fondleslabs.

BA hasn't updated its main privacy policy since 2009. Among other things the airline states in the meaty small print:

We retain the data you provide from time to time, including your purchase history and data we collect when you use our services and facilities. Your data may be used and retained for the following purposes: accounting, billing and audit, credit or other payment card verification and anti-fraud screening (which may, for example, involve the use of credit reference agency searches and nominal payment card revalidation checks), immigration and customs control, safety, security, health, administrative and legal purposes, statistical and marketing analysis, operation of frequent flyer programmes, systems testing, maintenance and development, customer surveys, customer relations and to help us in any future dealings with you, for example by identifying your requirements and preferences.

For these purposes we may disclose your data to any of the following who may retain that data in accordance with applicable laws: other companies in the British Airways group, airlines and other companies involved in meeting your requirements, our oneworld partner airlines and franchisees, data processing companies, travel agents, government and enforcement agencies, credit and charge card companies, credit reference agencies and screening service providers. This may involve sending your data between different countries, including countries outside the European Economic Area, including countries where under their local laws you may have fewer legal rights.

It's nearly all there: data retention, third party access etc, but sadly there's no mention whatsoever of Googling for pictures of passengers ahead of them boarding their flight. ®

Internet Security Threat Report 2014

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Home Depot ignored staff warnings of security fail laundry list
'Just use cash', former security staffer warns friends
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.