Modern ticketing systems must not violate privacy
During the 13th Congress of Public Transport and Urban Technologies, Konrad Komornicki, Deputy President of the Personal Data Protection Office, pointed out that modern ticketing systems in public transport must be constructed in such a way that they do not infringe passengers' privacy and properly protect their personal data.
The 13th Congress of Public Transport and Urban Technologies was held on May 22, 2024 in Warsaw. During the meeting, a lot of space was devoted to discussing issues related to modern ticketing systems used in public transport. The event was attended by Konrad Komornicki, Deputy President of the Personal Data Protection Office, as well as members of city boards, representatives of ministries, heads of transport organisers, transport operators and the largest ICT companies.
During the debate entitled "Modern ticketing system – a tool for integrating public transport", Konrad Komornicki presented the issues related to the protection of personal data in the implementation and application of modern ticketing systems.
"A ticketing system, regardless of the technologies used in it, must be convenient and easy to use. However, it is important that it does not infringe the privacy of users and ensures effective protection of personal data" - noted Konrad Komornicki.
The Deputy President of the Personal Data Protection Office also reminded how important it is to properly conduct a data protection impact assessment when implementing modern solutions in public transport in which passenger data are to be processed. He also pointed out that entities designing and implementing modern ticketing systems must comply with the principles of privacy by design and privacy by default indicated in the GDPR. Thanks to this, the protection of data processed as part of such solutions will be taken into account already at the planning stage, which will make it much easier to ensure the security of personal data.