BA meets GDPR
When you check in online for a British Airways flight, it might surprise you to know that your travel details are sent to a number of third parties including LinkedIn, Twitter and Google. A security researcher discovered what was going on after he was forced to disable an ad blocker in order to check in on the BA website. Mustafa Al-Bassam has accused BA of violating the EU's General Data Protection Regulation because he didn't consent to his information being used in this way. BA also seems to have come up with a highly original interpretation of data protection rules by telling customers to post personal information on Twitter and saying this is required to comply with the GDPR. BA later clarified that it intended details to be sent by Direct Message, but that's unlikely to stop it having to answer some pointed questions from the UK's Information Commissioner. And it certainly begs the question as to what training its staff have received.