Brokers battle in federal court over “bank” of frequent flyer points and miles

November 25, 2014

AZ DNR, LLC d/b/a ERC, LLC v. Luxury Travel Brokers, Inc. and Timothy W. Gibson (D. Kan. Oct. 24, 2014).  Litigation between brokers has revealed some of the inner workings of the secondary wholesale market for frequent flyer program points and miles.  In its complaint, ERC alleged that it is “in the business of purchasing and repurposing unwanted credit card reward points and frequent flyer miles” from consumers.  ERC deposits the purchased points and miles in a “bank” it maintains and then resells them to travel agencies and other customers.  Luxury Travel Brokers, which does business as “Flyer Miles” and “Flyer Smiles,” bought points and miles from ERC for resale to its own wholesale and retail customers.

Over time, ERC and Luxury Travel became so chummy that ERC permitted Luxury Travel to “self-serve” by accessing the bank directly and withdrawing points and miles as needed.  However, according to ERC, Luxury Travel became too familiar with the bank, helping itself to points and miles but not paying for them, and even taking points and miles that were not available for purchase.  When the parties’ negotiations over compensation for the excessive self-service failed, ERC filed suit.  ERC sued not only Luxury Travel but Timothy Gibson, the owner of Flyer Miles and Flyer Smiles, as well.  ERC’s complaint asserted claims for tortious interference with contracts and prospective contracts, violation of the federal Computer Fraud and Abuse Act, breach of contract and unjust enrichment.

The defendants filed a motion to dismiss.  Their main argument was that ERC lacked standing to bring the lawsuit because ERC “has no legitimate property rights” in the points and miles in the bank because “[p]ursuant to the contracts between these customers and the airlines and financial institutions, these frequent flier miles and reward points are generally the property of the airlines and financial institutions, until redeemed by the customer.”  The court denied the motion to dismiss, primarily because the motion raised various factual defenses that the court could not consider in deciding a motion to dismiss.  For example, the court ruled that ERC had “sufficiently alleged” that it “purchased points and miles from others.”

The defendants then filed their answer to the complaint.  Ironically, one of their affirmative defenses, entitled “public policy,” mirrored the primary claim that airlines typically assert in lawsuits against brokers; the defendants explained their “public policy” defense as follows:  “Plaintiff’s recovery in this matter is barred for the reason that Plaintiff’s alleged sale of frequent flier miles and credit card reward points necessarily involves the breach of Plaintiff’s ‘customers’ [sic] third party contracts with airlines and financial institutions.  Thus, Plaintiff cannot show that it has any lawful right that has been interfered with.  Furthermore, it would be against public policy to allow an individual to sue for interference with property rights that are only ‘acquired,’ to the extent they are so acquired, if at all, via the necessary breach of an individual’s third party contract with another individual.”

However, the defendants will not have the opportunity to prove at trial that the brokerage of points and miles fundamentally violates public policy.  Due to what the court described as the defendants’ “pattern of intransigence and violations of Court orders,” it entered a default judgment against them.  The remainder of the case will be limited to litigation over the quantification of the damages to which ERC is entitled and whether ERC is entitled to injunctive relief.  The damages phase of the lawsuit should provide an additional insight into this secondary wholesale market by showing the value that market participants place on points and miles.

Note:  ERC operates the website earnrewardscash.com, which advertises that “We Buy CREDIT CARD POINTS and AIRLINE MILES! Safe. Simple. Discreet. Guaranteed.”  Timothy Gibson was the founder of Alpha Media Group, LLC, which does business as Alpha Flight Guru and operates the website alphaflightguru.com.


The Computer Fraud and Abuse Act: revenue protection weapon for airlines

December 5, 2010

Note:  This post is an abridged version of the article I wrote for the Autumn 2010 issue of Issues in Aviation Law and Policy, which is published by the International Aviation Law Institute of DePaul University College of Law.  Click here for the full version.

Until the last few years, airlines sustained significant revenue losses from “bust-outs” by Airlines Reporting Corporation (ARC)-accredited travel agencies.  In a bust-out, an agency’s owners validate and sell vast numbers of tickets in a short period of time to individuals and other agencies, fail to report the sales to ARC, and disappear with the proceeds.  Due to technological innovations and aggressive enforcement activities, primarily driven by ARC, bust-outs are now comparatively rare.

Airlines still suffer revenue losses from ticket-related fraud, but now that type of fraud mostly results from online conduct by persons who are not affiliated with ARC agencies.  Online fraud, primarily the illicit sale of tickets purchased over the Internet by persons using stolen credit and debit card numbers, is a significant source of revenue loss for airlines.  This past summer, federal authorities charged 38 defendants “in a series of indictments that allege an extensive network of black market travel agents who used the stolen identities of thousands of victims as part of a multi-million dollar fraud scheme to purchase airline tickets for their customers.”  News Release, Office of the U.S. Attorney, W. District of Missouri, Black Market Travel Agents – 38 Defendants Indicted in Multi-Million Dollar Fraud (July 9, 2010).  Losses from this scheme allegedly exceeded $20 million.  According to one survey, airlines suffered losses of over $1.4 billion in 2008 due to online fraud.  Airlines Tackle $1.4 Billion Online Fraud Challenge, Cybersource (Mar. 16, 2009).

Airlines also sustain online-related revenue losses from fraud by frequent flyer mileage brokers and website abuse by “screen scraper” travel information providers.  Ironically, just as technology was instrumental in reducing the incidence of bust-outs, it is technology, mainly in the form of the Internet, which makes these other forms of fraud and abuse possible.

Alaska Airlines’s recent successful use of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030, in federal court against a defiant, long-time frequent flyer mileage broker demonstrates that the Act can be effectively used to combat online fraud and abuse.  Having the CFAA as a gateway to federal court, through federal question jurisdiction under 28 U.S.C. § 1331, is particularly important for airlines because, in general, cases move more quickly, and summary judgment is more readily available, in federal district courts than in state courts.  Moreover, airlines can no longer depend as heavily as they once did on federal trademark infringement or other Lanham Act causes of action to obtain federal question jurisdiction, as mileage brokers appear to be lessening their use of airline logos, trade names, and other trademarks on their websites in an effort to avoid drawing airlines’ attention.

A CFAA cause of action can serve as a powerful weapon, but, in general, courts are cautious about using the CFAA in a civil setting and thoroughly scrutinize evidence offered by a plaintiff in support of its CFAA cause of action.  As a result, an airline must make sure that its website’s terms of use are correctly set up so they can help support a CFAA cause of action, and as soon as online-based fraud or abuse is detected, an airline needs to take steps to ensure that it will be able to prove the elements of a CFAA cause of action, particularly with respect to the “loss” element, which various federal courts have construed differently.  These protective measures are discussed in detail below.

Introduction to the Act

In the early 1980s, computer hackers began to penetrate government and private computer systems.  Gradually, the public began to become aware of these shadowy figures, who used a combination of telephones and “social engineering” (tricking people into disclosing information) to hack into computer systems and steal information or cause damage.

Oddly, Hollywood provided a major impetus for legislative change to address the hacker problem.  In 1983, the movie “WarGames” was released, and it dramatically increased the public’s – and Congress’ – awareness of computer hacking.  In the movie, a high school-age computer geek unknowingly hacks into a NORAD computer system using his personal computer and a telephone and nearly causes a global nuclear war.  Partly as a result of this movie, and its far-fetched premise that a teenage hacker could cause the launch of nuclear missiles, Congress enacted the CFAA, which was then called the “Counterfeit Access Device and Computer Fraud and Abuse Act of 1984.”  (For those who doubt that a movie featuring the escapades of Matthew Broderick and Ally Sheedy spurred the enactment of federal computer crime legislation, see H.R. Rep. No. 98-894, at 6 (1984), reprinted in 1984 U.S.C.C.A.N. 3689, 3695 (“For example, the motion picture ‘War Games’ showed a realistic representation of the automatic dialing and access capabilities of the personal computer.”).)

The Report of the House Committee on the Judiciary summarized the need for the legislation as follows:  “The committee concluded that the law enforcement community, those who own and operate computers, as well as those who may be tempted to commit crimes by unauthorized access to them, require a clearer statement of proscribed activity.”

The goal of articulating a “clearer statement of proscribed activity” has been difficult for Congress to achieve, and, as a result, it has repeatedly amended the CFAA over the years.  The amendments have caused the Act’s reach to broaden substantially, just as the prevalence of computers themselves has increased.  For example, the CFAA initially was a criminal statute only.  In 1994, Congress amended the Act to add a civil cause of action, which is now codified at 18 U.S.C. § 1030(g), under which victims of computer fraud or abuse can assert claims against violators of the statute.  Also, the statute was originally intended to control interstate computer crime only, but, with the development of the Internet, virtually all computer use has become interstate use and thus subject to the Act.

The Act’s Civil Cause of Action

Although the CFAA prohibits seven separate types of activities, airline plaintiffs typically proceed against offenders under Section 1030(a)(4), which prohibits a person from “knowingly and with intent to defraud, access[ing] a protected computer without authorization, or exceed[ing] authorized access, and by means of such conduct further[ing] the intended fraud and obtain[ing] anything of value.”

The Act defines a “protected computer” as a computer “which is used in or affecting interstate or foreign commerce or communication.”  Thus, as noted above, the Act covers, in essence, any computer that is connected to the Internet, which means that it covers virtually all modern computers.  Certainly, any computer that hosts an airline’s website or frequent flyer mileage program constitutes a “protected computer” under the Act.

To prevail on a claim under Section 1030(a)(4), an airline plaintiff must prove that the defendant caused a “loss” to the airline “during any 1-year period . . . aggregating at least $5,000 in value.”  The Act defines the term “loss” as “any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service.”  The “cost of responding to an offense” includes the “consequential” costs incurred in investigating an offense and taking remedial measures in response to it.

An airline plaintiff that has sustained a “loss” through violations of the Act is entitled to “maintain a civil action against the violator to obtain compensatory damages and injunctive relief or other equitable relief.”  Actions must be brought within two years of the offensive conduct or the date of the discovery of the actionable damage.

History of Cases Brought by Airlines Under the Act

In court, airlines have had some successes with CFAA causes of action.  Although issues regarding whether defendants have accessed airline computers “without authorization” or have “exceed[ed] authorized access” have been litigated in several cases, the primary battleground has been the issue of whether the airline plaintiff has been able to prove that it sustained a “loss” within the meaning of Section 1030(c)(4)(A)(i)(I).

Southwest’s Cases

Of all airlines, Southwest Airlines has been, by far, the most active in bringing CFAA causes of action in court.  Southwest’s experiences in litigating the “loss” element of the CFAA cause of action in the three cases are instructive.

Southwest v. FareChase.  In 2003, Southwest sued a software company that developed and licensed software that had the ability to send out “a robot, spider, or other automated scraping device” via the Internet to obtain fare, route, and schedule information from southwest.com, as well as a company that was using such software, pursuant to a license, for use by its corporate traveler customers.  Southwest Airlines Co. v. FareChase, Inc., 318 F. Supp. 2d 435, 437 (N.D. Tex. 2004).  In its complaint, Southwest claimed that the defendants’ activities directed at southwest.com were unauthorized and were deceiving Southwest’s customers by providing them with incomplete and inaccurate information.  Southwest alleged 12 causes of action in its complaint, including a CFAA cause of action.

The defendant that had been using the software moved to dismiss, among other things, Southwest’s CFAA claim pursuant to Federal Rule of Civil Procedure 12(b)(6) because the complaint supposedly had failed to adequately allege “loss” and unauthorized access to southwest.com.  The court rejected both arguments.

As to the “loss” issue, the court held that, because the complaint alleged “loss” aggregating at least $5,000 pursuant to Section 1030(e)(11), Southwest did not need to also allege “damage” to its computer or data pursuant to Section 1030(e)(8), as the defendant had contended.  The court also held that Southwest had adequately alleged unauthorized access under the CFAA because southwest.com’s Use Agreement, which was accessible from all pages on the site, specifically informed users that the use of “automated scraper devices” on the site was prohibited.

Southwest v. BoardFirst.  In 2006, Southwest sued BoardFirst to prevent it from continuing to assist Southwest customers trying to obtain “A” boarding passes, which allow the holder to board flights earlier during the boarding process.  Southwest Airlines Co. v. BoardFirst, L.L.C., 2007 WL 4823761 (N.D. Tex. 2007).  Southwest customers would provide their name, flight confirmation number, and credit card information to BoardFirst.  BoardFirst personnel then would log onto Southwest’s website using the customer’s personal information and attempt to secure an “A” boarding pass.  If BoardFirst obtained an “A” pass, the customer would be charged a fee.

In its complaint, Southwest alleged, among other things, that BoardFirst’s conduct violated the CFAA, and Southwest moved for summary judgment on its claims.  The court held that Southwest was not entitled to summary judgment on its CFAA claim.  The court agreed with Southwest that, by logging on to southwest.com, BoardFirst had been “intentionally access[ing]” Southwest’s computer within the meaning of the CFAA.  However, the court asked the parties to provide additional briefing on the issue of whether BoardFirst had acted “without authorization” or had “exceed[ed] authorized access,” as well as whether the court should apply the “rule of lenity” in interpreting the CFAA in the context of the case.  The rule of lenity “counsels courts to construe ambiguities in a criminal statute, even when applied in a civil setting, in a narrow way.”

The court then addressed whether Southwest had satisfied the CFAA requirement that it show a “loss” of more than $5,000 in a one year period due to BoardFirst’s conduct.  To support its “loss” claim, Southwest had submitted the declaration of its corporate representative on damages, which stated that “Southwest spent at least $6,500 within a single one year period in investigating and responding to BoardFirst’s unauthorized access to Southwest’s computer system.”

The court ruled that, although “investigative and responsive costs fit within the concept of ‘loss’ as used in the CFAA,” the corporate representative’s declaration was “fairly conclusory,” and thus inadequate to establish “loss,” because the declarant had failed “to identify the precise steps taken by Southwest in ‘investigating and responding to’ BoardFirst’s unauthorized access.”  This failure, according to the court, prevented it from being able to determine if Southwest’s response costs were “reasonable,” as required by the Act’s definition of the term “loss.”  However, Southwest did succeed in shutting down BoardFirst’s operations; on the basis of Southwest’s breach of contract claim, the court permanently enjoined BoardFirst from continuing to use southwest.com to obtain boarding passes for its customers.

Southwest v. Harris.  In 2007, Southwest sued eight defendants, alleging that they had engaged in brokering of the airline’s Rapid Rewards frequent flyer plan miles and awards.  In its complaint, Southwest advanced a CFAA cause of action, its only federal cause of action, as well as numerous state statutory and common law causes of action.

The defendants moved to dismiss the complaint for lack of subject matter jurisdiction, alleging that they had not “accessed” Southwest’s computer system within the meaning of the CFAA.  Southwest focused its opposition solely on the “access” element of the CFAA because that is the only one that the defendants had disputed, but, in deciding the motion, the United States Magistrate Judge decided to analyze all the elements of the CFAA cause of action, including whether Southwest had sustained a “loss” within the meaning of Sections 1030(c)(4)(A)(i)(I) and (e)(11).  Southwest Airlines Co. v. Harris, 2007 WL 3285616 at *3-4 (N.D. Tex. 2007).

In his ruling, the Magistrate Judge noted that, under the Act, Southwest was required to show that it had sustained a “loss aggregating at least $5,000 in value over a one-year period.”  The Magistrate Judge also noted that, under Section 1030(e)(11), the Act defines the term “loss” as “any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service.”

In its complaint, Southwest alleged that it had incurred a “loss” within the meaning of the Act because it had lost more than $5,000 in revenue in one year due to numerous passengers having traveled on its flights using awards that were void because defendants had brokered them in violation of the Rapid Rewards program’s terms.  Taking a narrow view of the Act’s definition of “loss,” the Magistrate Judge ruled that the form of loss alleged by Southwest did not fall under the definition set forth in Section 1030(e)(11) because the revenue at issue had not been lost “because of interruption of service.”  Accordingly, the Magistrate Judge recommended that the defendants’ motion to dismiss be granted, and the District Court accepted his recommendation.

The court in Harris is not alone in its view that lost revenue must result from a service interruption in order to constitute a “loss” within the meaning of Section 1030(e)(11).  In fact, this appears to be the majority view on this issue.  See Costar Realty Information, Inc. v. Field, 2010 WL 3369349 at *15 (D. Md. 2010).  However, some courts have ruled that lost revenue does constitute “loss” within the meaning of Section 1030(e)(11) even if it does not result from a service interruption.  See, e.g., Frees, Inc. v. McMillian, 2007 WL 2264457 at *6 (W.D. La. 2007).  This issue was recently addressed in a case brought by Alaska Airlines.

Alaska Airlines v. Carey

Brad Carey is no stranger to lawsuits brought against him by airlines seeking injunctive relief against, and damages arising from, his frequent flyer mileage brokering.  Northwest Airlines sued Carey for mileage brokering in 1991, and, the next year, the court granted the airline a permanent injunction and a stipulated judgment for $200,000.  United Airlines sued Carey for mileage brokering in 1992, and again in 2005 for violation of the permanent injunction entered against him in the first case in 1993.  In its summary judgment memorandum in the case discussed below, Alaska Airlines referred to Carey as “an incorrigible and devious scofflaw.”

In 2007, Alaska Airlines filed a lawsuit in the United States District Court for the District of Washington against Carey, his wife, and Carey Travel, Inc. seeking damages and injunctive relief related to Carey’s brokering of frequent flyer miles and award tickets.  Like other frequent flyer programs, the terms of Alaska Airlines’s program, which is known as the “Mileage Plan,” prohibit its members from selling, purchasing, or bartering miles or award tickets, and stipulate that miles and award tickets “are void if transferred for cash or other consideration.”

In its amended complaint, Alaska Airlines set forth eight causes of action, but its CFAA cause of action was the only federal statutory cause of action in its pleading and, thus, the sole basis for the court’s subject matter jurisdiction under 28 U.S.C. § 1331.

According to Alaska Airlines, Carey operated the following scheme in violation of the CFAA.  Carey would solicit Mileage Plan members to sell their miles to him.  He would pay the members a set number of cents per mile, and the members would provide him with their online Mileage Plan username and password.  Carey would then be contacted by persons looking to buy an Alaska Airlines ticket, and he would agree to sell them a ticket.  Carey would then log on to Alaska Airlines’s website using a Mileage Plan member’s username and password and purchase the requested ticket in the name of the buyer.  Carey would then pass the electronic ticket information to the buyer, along with the instruction that, if asked, the buyer should explain that the award ticket was received “free, free, free” as a gift.

In the litigation before the District Court, Alaska Airlines claimed that Carey was violating the CFAA by, “with intent to defraud,” accessing its computer system “without authorization” by using others’ account information without the airline’s permission for the sole purpose of fraudulently causing the airline to issue tickets and provide transportation based on void miles and award tickets.

The District Court agreed with Alaska Airlines that Carey had violated the CFAA, and it entered summary judgment in its favor and a permanent injunction against the defendants.  The Ninth Circuit agreed as well, affirming the District Court’s rulings in all respects.  Alaska Airlines, Inc. v. Carey, 2009 WL 3633894 (W.D. Wash. 2009), amended, 2010 WL 2196446 (W.D. Wash. 2010), aff’d, 2010 WL 3677783 (9th Cir. 2010).  However, neither the District Court’s order granting summary judgment, its amended order granting summary judgment, nor the Ninth Circuit’s memorandum opinion affirming the District Court’s decision contains an extensive discussion of the CFAA cause of action.  Only the transcript of the District Court’s oral decision at the hearing on Alaska Airlines’s motion for summary judgment offers insight into either court’s thinking on the CFAA issues.

At the summary judgment hearing, the District Court ruled that Alaska Airlines had proven the elements of its CFAA cause of action.  As to the unauthorized access element, the court held that using a frequent flyer program member’s online username and password, even with the member’s permission, to perpetrate a fraud against the airline constitutes “access[ing] a protected computer without authorization” in violation of the CFAA.  In ruling in this manner, the court rejected Carey’s contention that his access was authorized because the selling Mileage Plan members had given him permission to use their website login information.  The court pointed out that the victim of Carey’s fraud was Alaska Airlines and that the airline owned and operated its site, solely determined authorized access to it, and had not given Carey the authority to use its site to perpetrate a fraud against it.

In addition, the court ruled at the summary judgment hearing that Alaska Airlines had proven the “loss” element of its CFAA cause of action:

The statutory dollar value, the Court is satisfied, is met in aggregating the cost of policing the system in order for Alaska Airlines to maintain the continued integrity and viability of its frequent flyer system.

The fact of damage here is not a close question in my judgment.  Not only do we have the in excess of $5,000 spent by Alaska Airlines to fulfill its business interest in maintaining the integrity of its mileage system, but as in the Texas case of Frequent Flyer Depot v. American Airlines, it is also clear to me that there has been a loss of goodwill.  Any time a valid frequent flyer mile customer does not have a seat available on a plane because of someone who improperly aggregated miles and obtained a travel award in violation of the terms and conditions, that results in a loss of goodwill, a loss of respect and confidence in the system that Alaska Airlines and, I might add, most other carriers have promoted and spent a goodly amount of money in advertising and promoting for their economic advantage.

The District Court was able to conclude that Alaska Airlines had incurred costs in excess of $5,000 in a one-year period responding to Carey’s offenses because the airline had submitted, in support of its summary judgment motion, the declaration of its Director, Customer Loyalty & Marketing Programs, in which he attested that the airline had expended over $5,000 in manpower in a one-year period while “tracking and attempting to curtail Defendants’ abuses of the system.”  The court relied on this declaration in ruling that Alaska Airlines had satisfied the “loss” element of its CFAA cause of action.

CFAA Pointers

The CFAA is a potentially powerful weapon against mileage brokers, “screen scrapers” and others who threaten an airline’s revenues through conduct that involves accessing the airline’s computers.  But, in general, judges appear to be reluctant to award relief under the CFAA because the law is relatively new and it was originally enacted as a criminal statute designed to stop computer hackers, and a mileage broker is very different from a hacker.  This means that, knowingly or unknowingly, judges are likely to apply “the rule of lenity” in analyzing whether an airline has proven the elements of a CFAA claim.  However, if an airline takes the following steps, it can substantially increase the odds of obtaining favorable and relatively quick relief under the CFAA:

  • The frequent flyer program’s rules should contain a term that clearly states that a member is not authorized to allow a third party to use the member’s user identification or password in order to log in to the member’s account to perform any transaction that violates the program’s terms.  This term would make it difficult for a mileage broker to successfully argue, using an agency theory, that he did not violate the CFAA because the member had given him “authorization” to “access” the airline’s computer by using the member’s login information.
  • To combat automated “screen scraper” devices, the terms of use of an airline’s website should specifically prohibit such devices, and the terms of use should be accessible from all pages on the site.  This term would help an airline satisfy the requirement that it show that the CFAA offender had accessed the airline’s computer “without authorization.”
  • An airline should focus on proving its damages as soon as online fraud or abuse is detected.  At the outset in most fraud cases, the plaintiff’s focus is primarily on proving liability, and the computation of damages is often left for discovery or for an expert witness to handle at a later time.  However, to help prosecute a CFAA claim, an airline must prepare to prove its “loss” before the litigation and as soon as the offending conduct is identified.  If the defendant moves to dismiss a CFAA cause of action on the grounds that the airline has failed to properly plead a “loss” (i.e., the defendant makes a “factual attack” on subject matter jurisdiction grounds), the airline will be required to oppose the motion with admissible evidence.  Such evidence must be collected before the case is filed.
  • To ensure that an airline has sufficient evidence of “loss,” as soon as online fraud or abuse is detected, the airline personnel (or outside contractors) investigating and responding to the offending conduct should keep daily logs describing the tasks they have performed and the time spent performing them.  It is critically important that the logs (and the contractor invoices, if any) describe how the tasks performed were in direct response to the CFAA violations.  Otherwise, there is a substantial risk that a court will hold that the airline has failed to prove that the employee time, or other response costs incurred, constitute “reasonable” costs within the meaning of Section 1030(e)(11).
  • In the court complaint, in addition to alleging revenue and goodwill loss due to the defendant’s CFAA offenses, an airline should separately allege that, as “the cost of responding to” such offenses, it has incurred aggregated costs exceeding $5,000 in a one-year period.  “The cost of responding to an offense” is considered “loss” under the CFAA.  Courts have held that employee response time counts toward the $5,000 threshold.  Once the airline has its “foot in the door” as to the CFAA by proving that its response costs exceeded $5,000 in a one-year period, then it can seek to recover revenue under common law fraud and other causes of action that was lost for reasons other than an “interruption of service.”
  • If damages are relatively unimportant, difficult to prove, or likely to be impossible to recover, and an airline’s primary objective is to stop the defendant’s online fraud or abuse, then the airline should consider dismissing its damages request at some point, particularly where a state statute could provide a cause of action for attorneys’ fees and costs.  (In the Carey case, the court awarded Alaska Airlines attorneys’ fees of over $122,000 and litigation expenses of over $4,500 in connection with its successful claim that the defendants had violated the Washington Consumer Protection Act.)  Streamlining the case in this manner would increase the likelihood that an airline would be able to obtain a permanent injunction at the summary judgment stage and end the case without having to engage in potentially costly and time-consuming damages-related discovery.

Appeals court upholds temporary injunction against frequent flyer mileage brokers

March 8, 2009

Frequent Flyer Depot, Inc., George Pirkle and Robert Pirkle v. American Airlines, Inc. (Tex. Ct. App. Feb. 26, 2009).  American’s AAdvantage frequent flyer program prohibits the purchase or sale of the program’s mileage credit or award tickets and makes such mileage or tickets void if transferred for cash or other consideration.  American sued Frequent Flyer Depot, and its owners, George and Robert Pirkle, for brokering AAdvantage mileage credit and award tickets.  In its petition, American stated causes of action for tortious interference with contract, tortious interference with prospective relations, fraud and misappropriation.

In September 2008, the trial court granted the airline’s request for a temporary injunction and issued an order enjoining the brokers from purchasing, brokering, bartering, selling, offering for sale or soliciting AAdvantage mileage credit or award tickets through the completion of the trial.  The brokers appealed the temporary injunction order, disputing its imposition for seven separate reasons:  “the underlying suit is pre-empted by federal law; the injunction does not preserve the status quo; there is no enforceable contract between American and its AAdvantage® members prohibiting members from selling their rewards points to third parties; the hearing on the temporary injunction should have been continued for appellants to obtain discovery on their antitrust-related counterclaims; American failed to show an imminent injury; American has an adequate remedy; and principles of equity bar the imposition of an injunction.”

The appeals court rejected all of the brokers’ arguments.  Most notably, the court held that American’s contract with its AAdvantage members is based on mutuality of obligation and thus is enforceable.  The brokers contended that the contract lacks mutuality of obligation, and thus is unenforceable, because it allows American to unilaterally change the terms of the program with or without notice and to terminate the program with six months notice.  The brokers argued that if the contract is not enforceable, then the airline cannot state a cause of action for interfering with that contract.  The court disagreed, noting that the contract does impose sufficient obligations on American to support a finding of mutuality, including the obligations to provide customers with mileage credit when certain conditions are met and to issue award tickets in exchange for such credit.

The court’s other noteworthy ruling is that American was able to prove irreparable injury by showing that the brokers’ conduct disrupted the airline’s business by forcing it to divert personnel resources to deal with void brokered tickets and that the airline was not required to provide evidence that use of award tickets brokered by the defendants actually resulted in the displacement of fare-paying passengers from specific flights.

Note:  In May 2008, the federal district court in Alaska Airlines v. Carey, which is pending in the state of Washington, rejected a similar mutuality of obligation argument that had been made by the frequent flyer mileage brokers in that case.

Update:  On December 30, 2009, Frequent Flyer Depot and the Pirkles filed a petition for a writ of certiorari with the U.S. Supreme Court, which denied the petition on March 29, 2010.


Airline battles frequent flyer mileage brokers in federal court

May 26, 2008

Alaska Airlines, Inc. v. Carey (W.D. Wash. Apr. 15, 2008).  The terms and conditions Alaska Airlines’ frequent flyer program, known as the Mileage Plan, prohibit its members from selling, purchasing or bartering miles or award tickets, and they state that miles and award tickets “are void if transferred for cash or other consideration.”

In 2007, Alaska Airlines filed a lawsuit against Bradley and Celeste Carey and their company, Carey Travel, Inc., seeking damages arising from, and injunctive relief against, the defendants’ brokering of plan miles and award tickets.  According to the airline, the defendants have operated a scheme in which they buy miles from plan members (which renders the miles void), redeem the miles for award tickets and then sell those tickets to their customers, who use them to travel on the airline’s flights.  In essence, according to the airline, the defendants have tortiously induced plan members to violate the plan and have fraudulently caused the airline to issue tickets and provide transportation based on void miles and award tickets.

In response, the defendants made a novel argument.  They moved to dismiss most of the counts of the complaint on the grounds that the contract between the airline and plan members, which consists of the plan’s terms and conditions, is “both illusory AND unconscionable.”  The defendants argued that contract is illusory because it is “unilaterally modifiable” by the airline, and that it is unconscionable because it is one-sided (particularly because it gives the airline the right to terminate the plan) and because plan members have no opportunity to bargain over the terms and conditions.  The defendants contended that because the contract does not exist or is unenforceable, the airline’s causes of action that are premised on the existence of such contract, such as its cause of action for tortious interference with contract, fail to state a claim for relief.

The court denied the motion to dismiss, holding that defendants had raised this issue too early in the case and indicating that the defendants could proceed with discovery and then file a motion for summary judgment on this issue.  Undaunted, the defendants moved that the court reconsider its order, boldly suggesting that perhaps the court had not “looked at, reviewed, or carefully studied” the plan’s terms and conditions.

The court denied the motion for reconsideration.  Exercising considerable restraint, the court indicated that it had in fact carefully reviewed the terms and conditions and, as proof, pointed out that it had cited certain terms and conditions in its prior order.  The court then noted that contract provisions allowing a party to terminate a contract do not render the contract illusory where the termination can only be exercised upon the occurrence of specified conditions.  The court held that because the contract requires that the airline give 180 days advance notice before terminating the plan, the termination provision did not render the contract illusory.  The court also noted that if the airline decided to eliminate the advance notice provision and terminate the plan immediately, a plan member might have a good argument that the contract, as interpreted by the airline, was illusory, but “that is not this case.”

Note:  In March, after the court issued its order denying the motion to dismiss, the defendants filed a 41-page class action counterclaim and third party complaint alleging, among other things, that Alaska Airlines, “its favored frequent flyer mile broker, Points.com” and Delta Airlines, American Airlines, Northwest Airlines and Continental Airlines (as “unnamed co-conspirators”), have violated federal antitrust statutes by conspiring to eliminate all frequent flyer mileage brokers and monopolize the mileage market and that an in-house attorney and a senior manager of Alaska Airlines are also liable for these antitrust violations.  The defendants filed a similar counterclaim in a case that United Airlines had brought against them in 2005 for brokering Mileage Plus miles and awards.

Update:  On October 30, 2009, the court entered an order granting summary judgment for Alaska Airlines and a permanent injunction against the defendants.  On April 2, 2010, the court awarded Alaska Airlines attorneys’ fees of $122,273 and litigation expenses of $4,545 in connection with its successful claim that the defendants had violated the Washington Consumer Protection Act.  On September 16, 2010, the Ninth Circuit affirmed the trial court’s summary judgment and permanent injunction rulings, as discussed here.


Follow

Get every new post delivered to your Inbox.