What Lawsuits Between The Points Guy And American Airlines Are All About

The Points Guy (owned by new media conglomerate Red Ventures) created an app that would let users track their miles, including American AAdvantage miles. Members would input their AAdvantage account numbers and passwords and the ‘TPG app’ would scrape data from AA.com.

American sent Red Ventures a cease and desist. Red Ventures did not want to comply, so they sought a declarative judgment in Delaware Court. American Airlines then filed suit in the Northern District of Texas claiming unauthorized use of their systems as well as trademark infringement.

  • The Points Guy says they’re just trying to help consumers. They do offer a free service to consumers, but their goal is to monetize that traffic (pitching users on credit cards).

  • American says they’re trying to protect consumers, that they don’t allow this sort of access for security reasons. Only they did allow this access with Award Wallet for 8 years under a security and revenue agreement that allowed AwardWallet.com to access accounts via an API, and American shut that down in December. It isn’t about security.

    Instead American Airlines wants its members on its website for monetization purposes, just like TPG wants people using its app for monetization purposes.

Ultimately though I think American is a bit short—sighted here. Members who check their account balances in an easy fashion each day via app (including Award Wallet’s) are,

  1. Better for security since they notice all account balance changes right away, not weeks or months later when they check their account. E.g. they’ll usually notice unauthorized withdrawals before any travel booked with their miles is consumed.
  2. Better for monetization they see every balance update and it drives them to the airline site more frequently than if they’re in the blind.
  3. Better for engagementwhen members keep their account numbers handy in the most convenient manner for them, it’s easier for them to interact with the program.

TPG isn’t on the side of angels here, they’re both fighting over consumer eyeballs, but the service that others like TPG are providing can be a net positive. And unquestionably companies have taken enforcement of computer access laws way too far. Fortunately courts have begun limiting the scope of website terms and conditions being applied to criminal law.

What American should have done was insist on a stake in the product (easier done perhaps with Award Wallet than TPG?) and the ability to communicate with competitor customers a certain number of times per year… Award Wallet has hundreds of thousands of airline elite customers in their database….. including the customers of American’s competitors. The smart move would be to market to those competitors’ customers, negotiated in exchange for access.

About Gary Leff

Gary Leff is one of the foremost experts in the field of miles, points, and frequent business travel - a topic he has covered since 2002. Co-founder of frequent flyer community InsideFlyer.com, emcee of the Freddie Awards, and named one of the "World's Top Travel Experts" by Conde' Nast Traveler (2010-Present) Gary has been a guest on most major news media, profiled in several top print publications, and published broadly on the topic of consumer loyalty. More About Gary »

More articles by Gary Leff »



  1. It is my understanding that Delta Air Lines has also filed a cease & desist against TPG for the exact same thing. It violates Delta’s security policies.

  2. I run APIs for my company and the last thing I want is mass ‘scraping’ of data from a single service through shared user credentials. I don’t know that we’d sue but we’d certainly limit traffic or lock accounts that appeared to be tampered with in this way. It’s a huge potential attack vector.

  3. Good analysis. It’s a bit like record companies and streaming. They felt threatened, which initially prevented them from seeing the opportunity.

  4. TPG sent an email basically saying they were on the side of frequent flyers and seeking support against AA. This is total BS. As someone who spent 40 years in IT and dealt with a lot of infringement issues TPG is ABSOLUTELY in the wrong and would never win at trial (before a judge not a jury so only the law, not sympathies, would prevail). AA owns the site and the miles are property of AA (not the members) so AA has every right to restrict unauthorized access.

    You can argue it isn’t “right” or even best overall business practices but legally AA is on solid ground

  5. Hmmm. I wonder who first suggested in the comments section that AA should exchange access for the ability to push ads? Who could it be?

    That said, nice flesh out of the whole issue – can’t see many, if any, flaws in the argument.

  6. I can track all of my bank accounts via a multitude of third party sites, with real currency as opposed to points/miles with questionable value, but tracking my Monopoly money is somehow a security risk? It’s a ridiculous argument.

    Nevertheless, I fear the airlines have the winning legal stance, even if what they’re doing is anti-consumer. I think it would take lawmakers protecting consumer rights to their earned benefits to set this right. Obviously not something we could count on Congress to act on, but perhaps even a few states passing consumer protections could turn the tide here.

    In the meantime, lawsuits like TPG’s may not go anywhere, but at least they put pressure on the airlines and bring the issue to a broader audience. Most of the companies impacted by them haven’t had the resources to fight this – Red Ventures can afford it and shame the airlines, even if they lose.

  7. This may go an an entirely (unwanted different direction for the airlines). How can AA own something that we already bought from them. You buy miles that you do not get to own ? This is the bigger issue IMO and I hope the DOJ files a lawsuit against AA and all other airlines that maintain this policy ?

  8. @Jerry – everyone signed up agreeing that the miles (and membership) did not belong to you.

    Though even more of a different direction would be tax. There is probably a tax argument that if Amex and Chase tax your points (e.g., Amex taxes transfers to US flyer programs, and Chase taxes bonus points), you could argue that by the very terms of the programs, they’re not your points and you don’t own them…. so the owner of the points (i.e. the programs) should be taxed.

    As for TPG and security risks, completely agree with the above views. API’s are security risks. And it’s effort for American, Delta to verify that third parties meet internal security standards. It’s easier for them to say no.

  9. Jerry and khati, Good points. I guess if I do not own my points (even if I buy them for cash from AA), AA should pay any taxes owed. But the security issue is likely going to prevent outside access. I, like most, here have many airline, hotel, etc. points and tracking them one by one vs. consolidated view is a pain.

  10. It’s an bunch of mumble and jumble in my opinion. I somehow am on the AA side. The FF miles are the property of AA. I believe AA Miles are not meantime to be traded, sold, or exchanged as valuables. AA reserve the right to revoke any account. I remember I used my miles once for my sister in law who was stranded in Japan because of summer high travel season and no economy seats were available, and I redeemed a First Class Ticket for her. She obviously has a name that is not related to me, Of course if AA did ask, I can justify it. I normally use my miles for my family vacations. There are sites where you can buy or sell miles, but again you run into the risk of losing your AA account privileges. My father and uncle used to own several Chinese Restaurants in California. We used to give out free appetizer for frequent customer with certain amount spent. This was an unwritten rule, and appreciated by our customers. If they resell these, we would not be too happy either. Customer data also are the most private and valuable commodity, and I think people are giving up more they realized.

  11. The airlines say the miles belong to them, not us? In that case, I’d like the airlines to give us (the taxpayers) back the money we gave them in the last couple years. After all, IT’S OUR MONEY, NOT THEIRS!

  12. Lots of business received government grants and loans. Do you tell your restaurants, hospitals, General Motors their money is your money? According to your logic, does your employers tell you how your money is theirs and how you should spend it?

  13. While I agree that this dustup suffers from a lack of creative problem solving, I just don’t see how your suggestion would be remotely sustainable: the moment TPG agrees to allow AA to market based on competitor data is the moment every other program terminates access. It’s the sort of agreement that you can’t allow everyone to have, but those without such an agreement have no reason to permit it. If it is true that loyalty transaction data has actionable value (which I agree with you), it makes it even more crazier that any program would allow TPG, let alone competitors, mine it for value.

  14. @Mike

    Not a one of those airline employees deserved the REDICULOUS handouts given to the airlines. Not one.

  15. @Mike

    See the recent Washington Post article:

    “Taxpayers spent billions bailing out airlines. Did the industry hold up its end of the deal?”

    Questions have emerged about what worked, and what didn’t, after one of Washington’s most powerful industries was propped up by federal money

  16. @Mike

    Are you seriously suggesting that the airlines receiving free handouts is the same as me receiving a paycheck from my employer for work performed??? What a JOKE!!!

  17. Clearly I’m not violating the terms of use when I sign into my AA account. What if I write a program that signs in for me? Would AA be able to stop me from running my program on my computer? What if I add the ability to check my miles balance, etc and keep that (along with similar information from my other accounts) in a file so all my information is in one place. Would AA be able to claim I can’t run my program on my computer?

    Now what if I give my program to a friend so he can do what I’m doing?

    Seems like AA is trying to regulate how I can and cannot log into and access the information in my account using my computer. Not only is it hard to imagine how having my program logging in represents a higher security risk that my logging myself in (or if it does the risk is to me not AA and I’m choosing to take that risk) but that AA should be able to tell me what programs I can and cannot write and run to access my account.

    Perhaps those of us that don’t want AA telling us how to use our computers should think about filing friend of the court briefs or risk having the airlines coming after everyone who dares to use Awardwallet to keep track of their, oops the airline’s miles that we earned or paid for.

  18. All these people complain about being hacked and then give their passwords to random companies! It is a security nightmare. This is the same reason I do not use Mint to logon to my bank accounts. The more companies that have access to your account, the greater chances of being hacked.

    And @Steve, yes AA can regulate who uses their computers. It is their data, their program. If you do not like it, you can use a different airline.

  19. Someone has no idea how government and airlines relationship work does it? Airlines routine received government funds for transporting government employees and maintaining scheduled flights even at flight that are empty. It’s much cheaper to keep the airlines flying them rather than having MAC to keep the regular schedule flights. I don’t know what they call it now days, when I was in the Army it was called SATO, government travel agency. They have access to issue tickets directly from all the legacy carriers, as they are all received subsidies. This is the old days when you needed a ticket to exchange for boarding. I flew frequently on Northwest Airlines to Okinawa and there were barely a few passengers, and almost always they were American Military Personnel and family members.

  20. @JohnC What you said about AA isn’t correct. They can write whatever they want into their terms of use. Whether a court would allow it to be enforced is an entirely different matter.

  21. I personally think that the points data is mine (not the airlines) and I should be able to allow whoever I want to access my data as my agent. The airlines should not have the right to interfere in the relationship.

Comments are closed.