Airbnb Splits User Identity to Protect Guest Privacy

Airbnb is changing how guest identities work inside its platform, especially for Experiences.

Instead of using one visible profile across every activity, Airbnb now separates identities into two layers: an internal User ID that stays hidden inside the system, and a temporary Profile ID created for each individual Experience booking.

For short-term rental operators and Experience hosts, the goal is simple: improve guest privacy while still allowing hosts to manage group activities safely.

Here’s what that means in practice.

If a guest books a cooking class in Rome, the other participants can only see that guest’s profile within that specific class. They cannot trace the guest’s past bookings, future trips, or broader Airbnb activity.

Every Experience essentially creates its own isolated identity environment.

Related: Greece cracks down on short-term rentals in Santorini, Mykonos and other tourist hotspots

Airbnb Expands Experiences While Tightening Guest Privacy Controls

According to Airbnb’s engineering blog, this structure reduces the risk of guests being tracked across different activities while giving users more control over how they appear to others on the platform.

Behind the scenes, Airbnb uses an authorization system called Himeji to enforce those privacy boundaries. The system checks whether two users actually share the same booking context before allowing profile information to be displayed.

To make the transition work, Airbnb audited millions of lines of code using automated Python scripts and AI-assisted refactoring tools.

Engineers still manually reviewed every change before launch.

The rollout also required coordination between engineering, product, privacy, and legal teams to determine which systems could access each type of identifier.

For operators and investors, the bigger takeaway is strategic. Airbnb appears to be expanding the social side of Experiences without creating a platform-wide social network where user activity follows guests everywhere.

That matters because it limits how much guest data flows between Experiences and reduces the amount of information that could be exposed if someone accessed a participant list.

Hosts still get the tools needed to manage group bookings, but within tighter privacy controls designed to protect guest identities across the broader platform.