Dyer v. Northwest Airlines

Citation: Dyer v. Northwest Airlines Corp., 334 F.Supp.2d 1196 (D.N.D. 2004).

Factual Background
After September 11, 2001, the National Aeronautical and Space Administration (NASA) requested that Northwest Airlines provide detailed passenger data to aid NASA’s research in airline security. In response, the airline provided the names, addresses and credit card information of passengers who flew on the airline between July and December of 2001. The airline did not attempt to get the passenger’s permission to give out their personal information.

In March 19. 2004, a group of airline passengers (Plaintiffs) brought a suit against Northwest Airlines (Defendants) in response to the production of their personal information to NASA.

Trial Court Proceedings
The Plaintiffs initiated the claim in state court, but at the Defendants’ request the case was transferred to federal court.

The Plaintiffs brought two claims. The first alleged that the airline violated the Electronic Communications Privacy Act (ECPA) by disclosing the passengers’ personal information to the government. The second alleged breach of contract asserting that the airline breached its privacy policy posted on their website when they released the customer information to the government.

The ECPA forbids any provider of electronic communication services or remote computing services (generally internet service providers or telecommunications companies that provide internet service) from: (1) divulging the contents of the communications in the service’s electronic storage (18 U.S.C. § 2702(a)(1)); and (2) divulging any customer information or stored communications to the government (18 U.S.C. § 2702(a)(3)). Subsequently, the Defendants filed a 12(b)(6) motion to dismiss for failure to state a claim.

Plaintiffs conceded that no claim existed under § 2702(a)(1), but continued to assert the § 2702(a)(3) claim and breach of contract claim.

Upon review, the District Court granted the Defendant’s 12(b)(6) motion on the grounds that: (1) the Plaintiffs did not have a valid claim under the ECPA because the airline was not an “electronic communications provider “ as defined within the ECPA. Since the airline does not provide access to the internet itself, and it merely sells goods and services over the internet it does not fall within the protection of the ECPA; and (2) the Plaintiffs’ breach of contract claim failed as a matter of law because: (i) the airline privacy policy did not constitute a contract because broad statements of company policy generally do not constitute contracts; (ii) the Plaintiffs failed to show that they had even read the privacy policy; and (iii) they did not provide a claim for damages.