Originally Posted by
cauchy
If, after some time has passed, the person in question makes a GDPR request under the 'right to be forgotten' I don't see how the airline can refuse unless there's an ongoing risk from carrying them.
I’m unclear how it is practically enforced. Presumably if one were to get a new passport and book a ticket via AA with a different FFP in the booking it would be quite difficult for BA to identify that this particular passenger had been banned.