Does data privacy equal no common sense?
#1
Original Poster
Join Date: Apr 2007
Location: Anywhere
Posts: 6,575
Does data privacy equal no common sense?
An observation, and a bit of a rant.
I’ve had several interactions with the GGL helpline in recent weeks.
It’s fair that for every new interaction, I’m asked to confirm my name, BAEC number, email address, first line of my address with postcode, and last 4 digits of my saved credit card and expiry date. After all BA is presumably extra cautious after the data breach incident of some years back.
But there was an occasion, while I was mid-conversation with someone, the line got abruptly terminated, I called back right after and spoke to the SAME person (who recognised me immediately, and was fully aware that the line was dropped barely 2 minutes earlier) - yet she required me to go through the rigmarole of repeating the same verification information.
And on another occasion, after hanging up the phone with another person, I noticed that he had typed my email address for a booking incorrectly (even though my email address was recorded correctly in my BAEC account, and I had earlier confirmed that he should use that for all booking related correspondences). So I immediately called back, and got through to the SAME person, who again recognised me (after all we only just spent the past 40 minutes in a conversation to make the booking). He clearly understood that he’s made a typo error - yet required me to go through the same security verification the second time round before he would correct an error - that he had personally made!
Do operational procedures trump common sense these days?
I’ve had several interactions with the GGL helpline in recent weeks.
It’s fair that for every new interaction, I’m asked to confirm my name, BAEC number, email address, first line of my address with postcode, and last 4 digits of my saved credit card and expiry date. After all BA is presumably extra cautious after the data breach incident of some years back.
But there was an occasion, while I was mid-conversation with someone, the line got abruptly terminated, I called back right after and spoke to the SAME person (who recognised me immediately, and was fully aware that the line was dropped barely 2 minutes earlier) - yet she required me to go through the rigmarole of repeating the same verification information.
And on another occasion, after hanging up the phone with another person, I noticed that he had typed my email address for a booking incorrectly (even though my email address was recorded correctly in my BAEC account, and I had earlier confirmed that he should use that for all booking related correspondences). So I immediately called back, and got through to the SAME person, who again recognised me (after all we only just spent the past 40 minutes in a conversation to make the booking). He clearly understood that he’s made a typo error - yet required me to go through the same security verification the second time round before he would correct an error - that he had personally made!
Do operational procedures trump common sense these days?
#2
Join Date: Oct 2019
Programs: BAEC Silver, Volare Executive / Skyteam Elite+
Posts: 672
It's possible all calls are recorded, and any call recording without identity confirmation could go against the agent if later a complaint were made or it was otherwise pulled for some kind of QA/audit/review.
#3
Join Date: Dec 2009
Location: LAS/FCO/JFK/LAX
Programs: DL DM/2MM, BA GGL/CCR,/GFL, A3 Gold, JBU Mosaic, ITA Executive, HHonors Diamond
Posts: 305
An observation, and a bit of a rant.
I’ve had several interactions with the GGL helpline in recent weeks.
It’s fair that for every new interaction, I’m asked to confirm my name, BAEC number, email address, first line of my address with postcode, and last 4 digits of my saved credit card and expiry date. After all BA is presumably extra cautious after the data breach incident of some years back.
But there was an occasion, while I was mid-conversation with someone, the line got abruptly terminated, I called back right after and spoke to the SAME person (who recognised me immediately, and was fully aware that the line was dropped barely 2 minutes earlier) - yet she required me to go through the rigmarole of repeating the same verification information.
And on another occasion, after hanging up the phone with another person, I noticed that he had typed my email address for a booking incorrectly (even though my email address was recorded correctly in my BAEC account, and I had earlier confirmed that he should use that for all booking related correspondences). So I immediately called back, and got through to the SAME person, who again recognised me (after all we only just spent the past 40 minutes in a conversation to make the booking). He clearly understood that he’s made a typo error - yet required me to go through the same security verification the second time round before he would correct an error - that he had personally made!
Do operational procedures trump common sense these days?
I’ve had several interactions with the GGL helpline in recent weeks.
It’s fair that for every new interaction, I’m asked to confirm my name, BAEC number, email address, first line of my address with postcode, and last 4 digits of my saved credit card and expiry date. After all BA is presumably extra cautious after the data breach incident of some years back.
But there was an occasion, while I was mid-conversation with someone, the line got abruptly terminated, I called back right after and spoke to the SAME person (who recognised me immediately, and was fully aware that the line was dropped barely 2 minutes earlier) - yet she required me to go through the rigmarole of repeating the same verification information.
And on another occasion, after hanging up the phone with another person, I noticed that he had typed my email address for a booking incorrectly (even though my email address was recorded correctly in my BAEC account, and I had earlier confirmed that he should use that for all booking related correspondences). So I immediately called back, and got through to the SAME person, who again recognised me (after all we only just spent the past 40 minutes in a conversation to make the booking). He clearly understood that he’s made a typo error - yet required me to go through the same security verification the second time round before he would correct an error - that he had personally made!
Do operational procedures trump common sense these days?
Same grotesque experiences here, over and over. The tedious process is a reason for me being averse to calling, ending up forgetting to even use the jokers, some years
#5
Original Poster
Join Date: Apr 2007
Location: Anywhere
Posts: 6,575
But surely, if someone audits the call, the agent could “link” the current conversation to a previous one, furthermore it would’ve been obvious from the conversation itself that it’s a continuation of a conversation between the same people within a short space of time.
#6
Moderator, Iberia Airlines, Airport Lounges, and Ambassador, British Airways Executive Club
Join Date: Feb 2010
Programs: BA Lifetime Gold; Flying Blue Life Platinum; LH Sen.; Hilton Diamond; Kemal Kebabs Prized Customer
Posts: 63,771
But surely, if someone audits the call, the agent could “link” the current conversation to a previous one, furthermore it would’ve been obvious from the conversation itself that it’s a continuation of a conversation between the same people within a short space of time.
#7
Original Poster
Join Date: Apr 2007
Location: Anywhere
Posts: 6,575
BA has been fined for data protection breaches. I'm quite sure that agents have been firmly instructed to do a full Know Your Client stage at the start of each contact, so there won't be any optionality on this. Can you imagine BA setting out a Work Instruction saying "oh but don't bother with all of the above if the line drops"? Now my telephone system seems a bit more robust than some other FTers, but on the one occasion I had a dropped line, the security questions second time around took a few seconds. Personally this issue is not not a ditch in which I would be prepared to expire.
#8
Join Date: Mar 2009
Location: UK
Programs: BA Gold / Hilton Diamond / IHG Diamond Ambassador / Marriot Bonvoy Gold
Posts: 2,533
It time they came up with a better system but I am full behind GDPR and data protection. The pressure should be to provide a system that is both secure and customer focused.
data protection protect me and I am grateful for it
data protection protect me and I am grateful for it
#9
Join Date: Nov 2015
Location: London
Programs: BA Gold
Posts: 1,683
Agreed. I don’t like what they do now as I feel I’m gifting too much info to a random on the phone. A better system would be to offer digits from an authentication app.
#10
Moderator: British Airways Executive Club, Marriott Bonvoy
Join Date: May 2006
Location: Englandshire
Programs: SPG LT Plat, BA G, BD*LG, MG Blue+ ...
Posts: 16,027
Also bear in mind that your previous session with the agent would have been closed. Secure system design means that some personal information is not made available to the agent until you have 'cleared security' again with them, even if it's obvious who you are.
#11
Join Date: Jan 2008
Posts: 3,838
I do think the process could be smoother but the idea that you don’t need to re-verify is a non-runner. Not least because you are transferring the risk back to the staff member.
#12
Join Date: Aug 2008
Posts: 3,925
If you ring the DWP pension line more than once you will quickly realise that the security questions are always the same. Don’t do as I did once and answers the question before it’s asked, it will lead to tears and they won’t be one’s of joy!
#13
Join Date: Dec 2014
Location: London, UK
Programs: BAEC Gold-GGL
Posts: 1,182
I think the lack of common sense with the KYC questions comes when they ask for a heap of personal data to be sent over unsecured email. I am most certainly NOT going to email name, dob, passport number & expiry, address, etc to them.
They should send a link to a secure form where you input that data so they can proceed with your enquiry.
They should send a link to a secure form where you input that data so they can proceed with your enquiry.
#14
Join Date: Sep 2013
Location: London
Programs: BA Gold; FB Silver; SPG; IHG Gold
Posts: 2,983
”common sense” and “spirit of the policy” are demonstrably non-objective, unlearnable, a recipe for inconsistency and inevitably will result in further data breaches.
I do think the process could be smoother but the idea that you don’t need to re-verify is a non-runner. Not least because you are transferring the risk back to the staff member.
I do think the process could be smoother but the idea that you don’t need to re-verify is a non-runner. Not least because you are transferring the risk back to the staff member.
#15
Join Date: Jan 2022
Programs: BAEC
Posts: 1,469
The data protection song and dance is nonsense. The lesson here is that if you want to modify, cancel or upgrade your cousin's colleagues' sister's former roommate's booking to first class, do it on the web. There you only need PNR and last name.
It's silly that I can't even just ask a general question unrelated to me or a specific booking on something like avios availibility on a given flight without giving a load of silly information. I once had to go through data protection 3 times on the same call: 1. to get the ball rolling and make changes to booking, 2. againwhen I got called back and 3. again on the call back to use a voucher that was attached to my name and BAEC number. This is a major reason that wait times have been so insane these last months, although things haave certainly gotten better lately.
It's silly that I can't even just ask a general question unrelated to me or a specific booking on something like avios availibility on a given flight without giving a load of silly information. I once had to go through data protection 3 times on the same call: 1. to get the ball rolling and make changes to booking, 2. againwhen I got called back and 3. again on the call back to use a voucher that was attached to my name and BAEC number. This is a major reason that wait times have been so insane these last months, although things haave certainly gotten better lately.