Flying Under Surveillance: Personalized Airfare Pricing, Meaningful Consent, and the Limits of Consumer Protection Law
- Adshaya Shanmugathasan
- 3 minutes ago
- 7 min read
A recent proposed class action lawsuit against the airline JetBlue has brought the controversial concept of surveillance pricing to the forefront of the travel industry. The complaint, filed in a New York federal court, alleges that the airline uses sophisticated tracking tools such as browsing history, location, and device type to monitor user behavior and adjust ticket prices in real-time. The filing claims that JetBlue tracks customers searching for fares to raise the prices they encounter when they later return to the site. While JetBlue disputes these claims, asserting that prices are driven solely by seat availability and demand, the lawsuit highlights a growing regulatory gap. Existing privacy and consumer protection laws provide limited guidance on whether companies can use personal data to infer a consumer’s willingness to pay and adjust prices accordingly, raising concerns about meaningful consent and transparency in algorithmic pricing systems.
Dynamic Pricing, Surveillance Pricing, and Discrimination Risks
Surveillance-based pricing is different from traditional dynamic pricing. Dynamic pricing adjusts fares based on market conditions such as demand, seasonality, and seat availability, and is generally accepted as a legitimate commercial practice. Surveillance pricing, by contrast, uses personal data to estimate an individual consumer’s willingness to pay and may tailor prices accordingly. This shift can produce unequal or discriminatory effects. Even if sensitive characteristics are not explicitly used, AI systems may rely on proxies such as location, device type, browsing behaviour, or travel urgency that correlate with socioeconomic status or vulnerability. Depending on the data, design, and effects of the system, individualized pricing may undermine consumer autonomy, exploit vulnerability, or produce unequal treatment that consumers cannot readily detect or challenge. In extreme cases, algorithms could identify consumers in urgent or emotionally sensitive situations, such as emergency travel, and adjust prices accordingly. While technically efficient, this form of individualized pricing is unfair, non-transparent, and crosses the acceptable boundaries of behavioural profiling by undermining consumer autonomy, compromising personal integrity, and enabling unequal treatment based on observed behaviour.
The Legal Challenge
A central piece of the legal challenge involves a viral social media exchange in which a customer reported a $230 price jump for a funeral-related flight after an initial search. In a now-deleted response, a JetBlue representative suggested the customer clear cookies or use an incognito window, an exchange the lawsuit argues is a tacit admission that browsing behavior influences pricing. While JetBlue maintains this response was a mistake by a customer service employee and that clearing cookies would not actually change available fares, the incident has fueled long-standing traveler suspicions about the transparency of AI-driven pricing.
The controversy highlights a broader regulatory challenge at the intersection of privacy and consumer protection law. Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) already regulates many of the data practices that enable personalized pricing, including the collection, use, and disclosure of personal information for profiling and inference. However, privacy law does not directly determine whether the resulting commercial practice, such as using personal information to estimate willingness to pay and offer individualized fares, is fair or appropriate. The issue is that many consumers do not meaningfully understand when that data is used to influence pricing outcomes. Although airlines may disclose data practices through privacy policies and consent mechanisms, these disclosures often do not clearly communicate that information such as travel patterns, browsing behaviour, or loyalty program activity may be analyzed to infer willingness to pay and influence individualized pricing. As airlines increasingly use AI to process large datasets, including consumer behaviour, competitor pricing, and market trends, existing legal frameworks must address whether and how the use of personal information for individualized fares should be constrained to ensure meaningful transparency and consumer protection.
Cross-Border Data and the Reach of Canadian Privacy Law in Airline Practices
Canadian privacy law provides a framework for regulating airlines’ cross-border use of consumer data, but leaves unresolved how that data may be used to personalize prices and other commercial outcomes. Three lines of authority define the current framework. First, foreign organizations may be subject to PIPEDA where their activities have a real and substantial connection to Canada. Second, airline-specific privacy obligations require carriers to provide access to and transparency regarding passenger data, while raising questions about whether transparency alone is sufficient in the context of algorithmic pricing. Third, PIPEDA applies to automated systems that generate inferences from personal information, including inferences used to predict consumer behaviour and inform individualized pricing decisions.
First, Lawson v. Accusearch Inc. establishes that PIPEDA may apply to foreign organizations where their collection and use of Canadians’ personal information creates a real and substantial connection to Canada. The Federal Court held that jurisdiction depends not on where an organization is located, but on whether its data practices involve Canadian personal information. Subsequent decisions, including A.T. v. Globe24h.com, have reinforced that foreign organizations targeting Canadians may be subject to PIPEDA. This principle is particularly relevant to airlines and travel platforms that collect and process passenger data across borders, as they cannot avoid Canadian privacy obligations simply by storing or processing information abroad. However, while Accusearch confirms PIPEDA’s jurisdictional reach, it does not address whether existing privacy obligations adequately respond to emerging uses of passenger data, such as algorithmic pricing.
Second, the OPC’s Report of Findings #2011-002 involving KLM Royal Dutch Airlines demonstrates both the application and limits of PIPEDA in the aviation context. The OPC confirmed that foreign airlines with a real and substantial connection to Canada are subject to PIPEDA when collecting passenger information, including booking data and passenger name records. The investigation also reinforced airlines’ obligations to provide access to personal information and maintain transparency regarding its collection, use, retention, and disclosure. However, the case focused on procedural failures rather than how passenger data may be used for commercial purposes. It therefore illustrates that while transparency obligations are an important privacy safeguard, transparency alone may be insufficient to address the privacy interests implicated by surveillance pricing, where consumers may not understand how their data contributes to individualized pricing decisions.
Third, the OPC’s investigation into Cadillac Fairview Corporation Limited (CFCL) demonstrates that PIPEDA applies not only to the collection of personal information but also to the generation of inferences through automated systems. The OPC found that CFCL’s use of Anonymous Video Analytics to create biometric representations and infer characteristics such as age range and gender constituted the use of personal information subject to consent and transparency requirements. This principle applies directly to surveillance pricing: where airlines use passenger data to infer characteristics such as willingness to pay, purchasing behaviour, or consumer preferences, those inferences and the processing used to generate them remain subject to PIPEDA. Organizations therefore cannot avoid privacy obligations merely because algorithmic systems derive new information from existing personal data.
Meaningful Consent and Algorithmic Inference
Meaningful consent is a cornerstone of Canadian privacy law, yet it becomes increasingly difficult to apply in the context of AI-driven airfare pricing. While consumers may consent to the collection of personal data for purposes such as website functionality, analytics, or marketing, they may not understand that the same data may also be used to infer their willingness to pay for a flight. Under PIPEDA, meaningful consent requires that individuals understand the nature, purposes, and consequences of data use. Consent is also limited by section 5(3), which requires organizations to collect, use, or disclose personal information only for purposes that a reasonable person would consider appropriate in the circumstances. These requirements are particularly relevant where organizations rely on extensive passenger data to generate inferences that influence individualized pricing decisions. OPC guidance on online behavioural advertising recognizes that information used to create behavioural profiles, including tracking data, inferred interests, and linkable identifiers, may constitute personal information under PIPEDA where it can be connected to an identifiable individual. Accordingly, AI systems complicate meaningful consent not because inferred information falls outside privacy law, but because consumers may not understand that organizations are generating and using such inferences. Where algorithmic pricing systems are opaque and difficult to explain, consent risks becoming formalistic rather than substantive, functioning more as a procedural requirement than an informed choice about how personal information influences economic outcomes. Even meaningful consent would not resolve the analysis if the pricing purpose itself failed section 5(3)’s reasonable-person test.
The Limits of Privacy and Consumer Protection Law
The rise of surveillance pricing demonstrates the limits of relying on privacy law alone to regulate personalized pricing. PIPEDA already governs many practices that enable surveillance pricing, including the collection, use, and disclosure of personal information for profiling and inference. However, privacy law does not directly regulate the fairness of the resulting commercial decisions, such as whether a consumer should receive a higher airfare because their data suggests greater willingness to pay. Those concerns fall more squarely within consumer protection and competition law.
Consumer protection law may also struggle to address surveillance pricing. Existing frameworks, including the Competition Act and provincial consumer protection legislation, generally target false, misleading, or deceptive representations and, in some cases, material omissions. However, personalized pricing does not necessarily involve an express misrepresentation. Consumers may simply be shown different prices without being informed that personal information or algorithmic profiling influenced the outcome. The difficulty is determining whether failing to disclose the use of personal data and algorithmic systems to individualize prices constitutes a material omission or an unfair practice under existing consumer protection frameworks. This regulatory uncertainty is reflected in legislative initiatives such as Ontario’s Bill 104, which would prohibit personalized algorithmic pricing by deeming it an unfair practice under consumer protection law, rather than merely imposing additional transparency requirements. These developments highlight a regulatory gap at the intersection of privacy and consumer protection law, where data-driven pricing practices may avoid scrutiny because they operate through opaque algorithmic systems and are not clearly disclosed to consumers.
Regulatory Gaps and the Need for Reform
Current Canadian law provides tools to address certain aspects of surveillance pricing, but its application to emerging algorithmic pricing practices remains limited. PIPEDA may regulate the collection and use of personal information underlying individualized pricing, while consumer protection and competition frameworks may address deceptive or anti-competitive outcomes. However, existing laws do not clearly require organizations to disclose when personal data is used to influence individualized prices or provide a comprehensive framework for governing algorithmic pricing practices.
To address the regulatory gap where surveillance pricing exploits opaque algorithms, Canada must shift from passive consent to an active, multi-layered oversight framework. This requires moving beyond traditional consent models, which often function as a mere procedural requirement for general data collection, toward clear disclosure that explicitly informs consumers when their specific travel patterns, browsing history, or other personal information are being used to infer a willingness to pay. Furthermore, the introduction of algorithmic audits would allow regulators to scrutinize opaque and constantly evolving systems to ensure that data inputs do not lead to unfair or discriminatory commercial outcomes. Such reforms must also impose strict limits on vulnerability-based profiling to prevent algorithms from identifying and price-gouging consumers in emotionally sensitive situations, such as those requiring emergency travel. Finally, this oversight should be a coordinated effort between privacy and consumer protection authorities. Legislative initiatives such as Ontario’s Bill 104 demonstrate one possible approach by prohibiting personalized algorithmic pricing as an unfair consumer practice, while privacy law continues to regulate the collection and use of the personal information that enables such pricing.
The opinion is the author's, and does not necessarily reflect CIPPIC's policy position.
