Feeds

Hotel marketplace Airbnb: Show us your privates if you want to book a bed

Hand over that Facebook ID and passport, Popeye

Internet Security Threat Report 2014

San Francisco-based hotel-booking biz Airbnb wants a quarter of its users in the US to provide passports or driving licences when reserving a room.

The company, which describes itself as a "trusted community marketplace" for people to list and book accommodation around the world, said that there was "no place for anonymity" on such a service.

Airbnb wants its users to marry their online profiles (such as Facebook and LinkedIn) to their offline ID docs by confirming personal information or scanning a photo identity into its website. The web biz has four million customers.

The data will then be hoarded by the outfit, which receives significant investments from a VC fund headed up by actor Aston Kutcher.

The company said on Tuesday:

Airbnb will require a random 25 per cent of users in the USA to go through the Verified ID process. Soon, we’ll expand this requirement to users around the world.

We hope that hosts and guests worldwide will see the benefits of interacting with users who complete Verified ID. Our goal is for all Airbnb members to have Verified ID eventually.

What this means is that once Airbnb opens up its Verified ID policy to other parts of the globe that it operates in, users will find copies of their identity documents being stored on servers in the US. Specifically, the company states under its terms of service for European users:

Your information may be processed and maintained on computers located outside of the European Economic Area where the privacy laws may not be as protective as those in your jurisdiction. In particular, Airbnb transfers personal information to the United States and processes it there.

However, we will endeavour to secure a protection of your Personal Information at any time and any place which is comparable to the standard of protection granted under the terms of this Privacy Policy.

The bold move could raise concerns among privacy campaigners as the company wants to collect ID docs globally while effectively ignoring local law.

Up until now, Airbnb relied solely upon social networks to verify the ID of its users. Now it wants to build a database that links, say, a user's Facebook account to their passport.

But it's a strategy - known as federated identity - that isn't simply one being mulled over by private companies.

The British government is working on a so-called ID assurance project that would allow taxpayers to access public services online via their existing logon for a bank account, social network or other website. So presumably, it will be watching Airbnb closely to see how such a system might play out in the real world. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Scrapping the Human Rights Act: What about privacy and freedom of expression?
Justice minister's attack to destroy ability to challenge state
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Hey Brit taxpayers. You just spent £4m on Central London ‘innovation playground’
Catapult me a Mojito, I feel an Digital Innovation coming on
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
EU probes Google’s Android omerta again: Talk now, or else
Spill those Android secrets, or we’ll fine you
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.