cross-posted from: https://links.hackliberty.org/post/125466
My credit card issuer apparently never gets to know what I purchased at stores, cafes, & restaurants – and rightfully so. The statement just shows the shop name, location, and amount.
Exceptionally, if I purchase airfare the bank statement reveals disclosures:
- airline who sold the ticket
- carrier
- passenger name
- ticket number
- city pairs
So that’s a disturbing over-share. In some cases the airline is a European flag carrier, so IIUC the GDPR applies, correct? Doesn’t this violate the data minimization principle?
Airlines no longer accept cash, which is also quite disturbing (and illegal in jurisdictions where legal tender must be accepted when presented for PoS transactions).
Has anyone switched to using a travel agent just to be able to pay cash for airfare?
UPDATE
A relatively convincing theory has been suggested in this other cross-posted community:
https://links.hackliberty.org/comment/414338
Apparently it’s because credit cards offer travel insurance & airlines have incentive to have another insurer involved. Would be useful if this were documented somewhere in a less refutable form.
GDPR question still outstanding.
Credit card purchases come with complimentary travel insurance, so it makes sense they’d share the travel details with the bank in charge of that insurance.
You most likely agreed to that disclosure both when signing for the card contract, the insurance contract, and the travel purchase.
As others said, the bank “could” also use the information to avoid blocking your card for potential fraud… but often that’s a separate feature that you need to enable manually (default is to accept all payments).
The travel insurance sounds more plausible than the anti-fraud measure. I had not considered that. Although the question is how is that info sharing is arranged considering airline would not inherently care about my travel insurance or have a duty to inform my insurer.
Airlines definitely care about your travel insurance: if your bag, or body (or a limb… the payout tables are kind of grim), get lost during flight, someone will have to pay for it. Airlines don’t want to be the ones to pay, so they have their own insurance… but that insurer also doesn’t want to be the one to pay, so they’ll want to have your bank-card’s insurer’s information, who in turn will require your travel information in order to accept issuing the insurance (likely will reject it on travels to select countries)… and that’s how the information gets shared all the way.
That’s all plausible. But in the end the airline (their insurance) will be the loser, no?
When a traveler has insurance they have some reassurance & comfort that the loss won’t be theirs as they will file a claim. In my cases of lost luggage, the rules of the traveler’s insurance claim required me to still file a claim with the airline. The airline seemed to have the primary liability. Wouldn’t it be bizarre if the airline (who caused the loss) would get off the hook? My insurance just ensured I was compensated one way or another so long as I followed the rules and reported the loss to the airline. From there, wouldn’t my insurance work in their own interest to ensure the airline pays out? Surely my insurance must only be liable for benefits coverage that exceed the airline’s responsibility (depending on how generous my policy is).
Since an insurance company has the resources and legal muscle to ensure the responsible company pays out, I would expect it to /not/ be in the airline’s interest to deal with another insurance company over a loss. Just about every time I had a loss without insurance, the airline was directly liable to me but they told me to pound sand. Every time IIRC. They wouldn’t get away with that against another insurer.
Most of my cards are free with lousy policies that only pay out if I lose a limb or something like that. It was only when I paid for extra insurance that I got coverage that was useful.
In any case, if you are correct, that implies if I get a payment card with zero insurance (a prepaid card?), then the flight details won’t be shared, correct? Might be interesting to test that, but tricky because prepaid cards often don’t issue a statement.
Airlines never pay, that’s what they have insurance for 😉
The way it works, commercial air travel is highly regulated, with lots of laws regarding both safety and consumer rights. Airlines don’t risk having to pay for breaching any of it, instead they find an insurance company that will asses the company, estimate the chance of certain breaches happening, run their numbers… and gamble on asking the airline to pay a fee that they expect to be higher than what they expect to pay out the airline for its failures.
When you put a claim against an airline, they’ll send you away just so their insurer doesn’t raise their insurance payments. If you sue them, and win… the airline still won’t pay, it will most likely be the airline’s insurer (unless the airline loses their claim for the insurer to cover the costs of paying you, but that would be rare and kind of neglectful on the airline’s part).
When you pitch your own insurance company against an airline, it’s really going to talk to the airline’s insurance company, if they aren’t the same company to begin with… and as luck would have it, both insurers don’t make their profits on whether they pay your claim or not (unless it’s something really egregious), but on raising the regular payments for the airline and your bank, so they’re very likely to just grant your claim and raise their fees.
if I get a payment card with zero insurance (a prepaid card?), then the flight details won’t be shared, correct?
That’s… a resounding “maybe”.
Prepaid cards come in more kinds than banks issuing them; some are linked to a main account, some are separate entities, some have a per-card account… with a physical version, virtual, virtual physical, “print your own from a PDF” (not joking)… VISA, MasterCard… with all kind of paybacks, premiums, and whatnot… all depending on the given card’s contract, payment processor’s contract, general account conditions, general bank conditions. Some come with insurance from the bank, some from the payment processor, some don’t… but even then, the bank may or may not request or get your travel details, maybe as a “standard procedure”.
And some do offer online statements… and sometimes the statements appear as a pre-statememt, then get completed with more and more data some days later.
Remember that this community is a niche audience. Most people would probably find this convenient; you know easily which flight it is.
Everything here is just speculation, but if you want one more: Airlines and travellers are early adopters of credit card payments. Some people use credit cards only for travel. It does make sense that the industry has better integration than your corner store.
This is only a guess (and Still overreaching) but maybe so your card / account isn’t frozen due to unusual location?
That’s been suggested in the parent thread and another crosspost. It’s the most popular answer but I don’t buy it.
Why would the airline risk the liability of excessive oversharing of personal data for no benefit in return? Is the bank giving them a reduced transaction fee for sharing that data?