Mustafa Al-Bassam exposed this tactic of British Airways while probing their online check-in, which comprises numerous third-party trackers and doesn't work with ad-blocking turned on.
Security researcher Mustafa Al-Bassam has accused British Airways of abusing the regulations of General Data Protection Regulation (GDPR), as the airlines' social media team asks the passengers to post personal information on Twitter, a public platform, so it could help scrutinise customer service claims. The information being asked for includes passport numbers, full addresses, and other personal info.
As reported by TechCrunch, after facing public outrage on social media platforms against the illicit practice, the company later suggested people that they can DM their personal info.
Al-Bassam exposed this tactic of British Airways while probing their online check-in, which comprises numerous third-party trackers and doesn't work with ad-blocking turned on. Such practice of misusing or invading the privacy of the passengers is not new for the British institutions it’s an age old practice where they do bizarre, anti-privacy things to fulfil with privacy laws.
He said that devoid of proper consent, this is an abuse of GDPR, the same GDPR that British Airways’ social media team reasons with stating that 'it’s complying with by asking people to post personal information on Twitter.'