For Booking.com, it is essential that users can book trips for other users by adding their email address to a booking, because people often book trips together. And if the email address added to a booking is also linked to an existing Booking.com user, the trip will automatically be added to that person's account. After that, Booking.com can no longer delete the trip from the stranger's account, even if there is a typo in the email or if autocomplete adds the wrong email domain and the user booking the trip does not notice.
According to Booking.com, there is nothing to fix because this is not a “system error” and there is no “security breach”. What Alfie encountered is simply the way the platform works, which, like any app where users enter information, comes with the potential for human error.
Ultimately, Booking.com refused to remove the trip from Alfie's account, saying it would have violated the privacy of the user who booked the trip. The only solution was for Alfie to delete the trip from his account and pretend it never happened.
Alfie remains concerned, telling Ars: “I can't help but think this can't be the only problem.” But Jacob Hoffman-Andrews, a senior staff technologist for the digital rights group the Electronic Frontier Foundation, told Ars that after talking to other developers, his “gut reaction” was that Booking.com didn't have many options to prevent typos during bookings.
“There's only so much they can do to protect people from their own typos,” Hoffman-Andrews said.
One step Booking.com could take to protect privacy
Perhaps the biggest concern Alfie highlights, aside from typos, is Booking.com's practice of automatically adding bookings to accounts linked to emails entered by users they don't know. Once the trip is added to someone's account, that person apparently has access to sensitive information about the users booking the trip, which Booking.com would not otherwise share.
While speaking to the Booking.com support team member, Alfie told Ars that he had “searched as much information as possible” to find out who was behind the strange booking on his account. And apparently because the booking was added to Alfie's account, the support team member had no problem sharing sensitive information beyond the full name and last four digits of the credit card used for the booking, which are listed as standard in the trip information.