We put a lot of trust in airlines for safety, comfort and convenience, but what about our privacy?
The massive data breaches Australian consumers have experienced in the past few years have changed the way we think about how and why companies collect, retain and protect the data we provide them.
But what about airlines? We hand them, quite literally, our lives and, quite happily, a fair amount of data.
And that’s not going to slow down any time soon. In the digital age, the information airlines and airports collect is only going to increase in the name of improving security and increasing automation to cut down on staffing costs.
So how much do airlines know about you?
If you have a booking with an airline, they know your name, address, phone number, credit card details, where and when you will be away from your residence, relevant medical information, who you live with and their details if you are travelling with family members and your emergency contact details. And if you are travelling overseas, your passport details.
Criminal catnip
Now imagine you are a cybercriminal. That would be like criminal catnip. All you need to commit identity theft is right there. Just the credit card details alone could create financial devastation.
But that’s not all, for example, Qantas is surprisingly up-front about the vast quantities of information it has and will use.
There’s the usual – name, address, payment details – but there are a few surprises in there.
They include what in-flight entertainment you access, CCTV images from the airport lounges, products you have bought, sites visited if you use wifi in the air or at the lounges, any feedback or complaints and even your employment details.
It’s good that the airline is open about it, but, frankly, that’s terrifying. Taking photos in lounges? Collecting information about what sites you visit while using wifi?
Qantas is also very open about the fact that it will hand over your data to third parties and other service providers.
Qantas says it uses all this information to tailor services, streamline administration, and personalise marketing.
Biometrics
However, the Qantas IT department must be doing something right, they had their last serious breach in 2017. Which is reassuring, because I don’t want my browsing history made public. It’s probably just too much Pinterest … but still.
A deep dive into the internet found most airlines carry similar policies.
And it’s only going to get worse. Airlines and airports are all very keen on biometrics. Facial recognition technology and automatic fingerprinting are being rolled out across the globe at border gates, passport control and security points. Iris identification is a bit further behind, but it’s still on the agenda.
So what can you do to protect yourself?
Sadly not a lot. You have to rely on the airline being on the ball about cybersecurity.
If you want to fly with an airline, you will have to hand over your information and even the most basic and unavoidlable of that – name, birthdate and address – could be used to create a new identity.
The best advice is to keep an eye on any suspicious activity in any of your day-to-day online actions, use 2-step verification and change your passwords regularly.
What do you think about all this data airlines collect about us? Will it change your behaviour while travelling? Why not share your opinion in the comments section below?
Also read: One item you should never wear on a plane
“Qantas says it uses all this information to tailor services, streamline administration, and personalise marketing.” Just another cop out statement. No one that I know of wants any marketing never mind personalised. Qantas just can’t be honest and say they get paid by these companies for it’s all about money.
Governments needs to make it mandatory that no information is given or sold to any company or 3rd party. Also, any information more than a set time period should be deleted from all data bases, maybe after 2 or 3 years. This should also encompass overseas carriers that operate within Australian airspace. Mandatory hefty penalties to be applied for any breech. And I’m not talking a few Million $ in fines but more of a percentage of their annual turn over and minimum payments in compensation to people who have had there data compromised.