24 October 2011 by

The treatment of personal data in the airline industry

The number of protection laws around the globe illustrates the need to treat personal information of individuals with respect.

On the one hand, government agencies and other institutions such as airlines need information to fight crime, protect health and property and to regulate the social and economic well-being of the population.

On the other hand, people want protection against the abuse of their personal information. The laws attempt to reconcile the needs and the protection.

The Equality and Human Rights Commission United Kingdom recently summarised the tension between the demand for personal information and the need to protect the same information, calling for a simplification of the regulatory framework at least in the UK "... so that any need for personal information has to be clearly justified by the organisation that wants it."

In the airline industry passengers, especially to and from the USA, must provide personal data in terms of the US Government's Secure Flight programme designed to keep terrorists off planes.

Passengers booking flights online give a large amount of personal information. Travel agencies collect vast amounts of personal information to make land and flight arrangements.

Most of the personal information in the airline industry crosses borders. Information is stored on servers and in clouds. This is generally known as the processing of personal information, something subject to strict regulation in most jurisdictions.

Concerns have been raised especially recently about the security of "cloud" storage of data after hackers gained access at institutions such as Sony, Citibank, IMF and others.

The sensitive treatment of personal information in the airline industry has so far been good and no major breach of legislation has been publicly reported. This certainly is a pat on the back for the airline industry.

The acid test will come in the form of challenges regarding the security of the storage of personal information, the cross-border transfer of information and for how long players in the industry may store personal information.

Faan Coetzee

The information and material published on this website is provided for general purposes only and does not constitute legal advice.

We make every effort to ensure that the content is updated regularly and to offer the most current and accurate information. Please consult one of our lawyers on any specific legal problem or matter.

We accept no responsibility for any loss or damage, whether direct or consequential, which may arise from reliance on the information contained in these pages.

Please refer to the full terms and conditions on the website.

Copyright © 2021 Cliffe Dekker Hofmeyr. All rights reserved. For permission to reproduce an article or publication, please contact us cliffedekkerhofmeyr@cdhlegal.com