Jan 27, 2024, 10:52 pm
AC files suit against seats.aero
Oct 19, 2023, 2:29 pm
#1
Moderator, Air Canada; FlyerTalk Evangelist
Original Poster
Join Date: Feb 2015
Location: YYC
Programs: AC SE MM, FB Plat, WS Plat, BA Silver, DL GM, Marriott Plat, Hilton Gold, Accor Silver
Posts: 16,778
AC files suit against seats.aero
As was recently speculated about in the cowtool reward search thread, AC has filed suit against seats.aero.
You can read the complaint for yourself here. It contains a fair amount of detail not only on the alleged scraping and why AC thinks this is wrong (being neither a coder nor a lawyer, the allegation about "forged" API credentials seems interesting to me - if you have to forge some credential to access this data, is it really publicly available in the way US courts have previously deemed acceptable?), but also on the measures AC has used to try to shut them down.
AC is also going after them for using the AC/Aeroplan name and logo.
Note: the creator of seats.aero has posted a reply in this thread.
You can read the complaint for yourself here. It contains a fair amount of detail not only on the alleged scraping and why AC thinks this is wrong (being neither a coder nor a lawyer, the allegation about "forged" API credentials seems interesting to me - if you have to forge some credential to access this data, is it really publicly available in the way US courts have previously deemed acceptable?), but also on the measures AC has used to try to shut them down.
AC is also going after them for using the AC/Aeroplan name and logo.
Note: the creator of seats.aero has posted a reply in this thread.
Last edited by Adam Smith; Oct 19, 2023 at 3:31 pm Reason: Add link
Oct 19, 2023, 2:38 pm
#4
Join Date: Jul 2013
Location: MLL / AC Cafe
Programs: It's hard to get status when the website won't let me book flights.
Posts: 5,706
Assuming they can prove the unauthorized access/impersonation, and that the brownouts were caused by the excessive load, they will likely be successful in getting damages as well.
Oct 19, 2023, 2:43 pm
#5
A FlyerTalk Posting Legend
Join Date: Sep 2012
Location: SFO
Programs: AC SE MM, BA Gold, SQ Silver, Bonvoy Tit LTG, Hyatt Glob, HH Diamond
Posts: 44,353
I've seen a lot of evidence of private "bots" for points brokers that I would think are hitting AC much harder than anything available to the public.
I don't care to comment on the law, but I'm happy to comment on the facts.
Oct 19, 2023, 2:46 pm
#6
Join Date: May 2013
Location: west coast best coast
Programs: TINDER GOLD, STARBUCKS GOLD, COSTCO EXECUTIVE!!
Posts: 3,989
16. As a result of its commitment to air travel, superior service, consumer experience. and its employees, Air Canada has earned numerous awards, including:
2024 APEX Five Star Global Airline Award
2024 APEX Five Star Global Airline Award
- Best Airline in Canada from Skytrax World Airline Awards
- Best Airline Staff in Canada from Skytrax World Airline Awards
Best Low-Cost Airline in Canada (Air Canada Rouge) from Skytrax World Airline
Awards - Favorite Airline in North America (Fifth Consecutive Year) from the Trazee Awards
- Best Airline for Onboard Entertainment for the fifth consecutive year from Global
Traveler - Passenger Choice Award for Best Entertainment in North America from the Airline
Passenger Experience Association (APEX)
Airline Program of the Year, Best Promotion and Best Redemption Ability for Air Canada's Aeroplan loyalty program from the Freddie Awards
Oct 19, 2023, 2:47 pm
#7
Join Date: Jul 2013
Location: MLL / AC Cafe
Programs: It's hard to get status when the website won't let me book flights.
Posts: 5,706
Well, the key is prove. You can claim whatever you want, but you have to be able to actually prove it did the harm they are claiming. However, they've engaged with some fantastic companies according to the suit, so I would assume, barring any gross negligence, they will be able to prove it.
Oct 19, 2023, 2:48 pm
#8
Join Date: Sep 2011
Location: Ideally YOW, but probably not
Programs: AC SE*MM
Posts: 1,827
I am not a lawyer so I can't comment on the trademark stuff or other claims, although from what I know of this area they seem specious.
But as a software engineer the technology part (from what I can read in the complaint) ... is some horseshit. There are technological solutions to this problem, but AC didn't implement them and basically tried to use an Akamai front end to block access (and and a robots.txt file - lol) along with some legalese on their webpage to claim that this isn't allowed. They're also not forging credentials, they're just altering the HTTP header which isn't a crime. Neither is screen scraping, which has been upheld repeatedly (https://www.eff.org/deeplinks/2022/0...peals-declares).
Whatever software engineer wrote up the technology part of the complaint for ACs lawyers should be ashamed of themselves. I hope this guy has the EFF on speed dial and I hope AC loses. If you don't want people grabbing this information put it behind an authenticated API call, not on the open internet.
But as a software engineer the technology part (from what I can read in the complaint) ... is some horseshit. There are technological solutions to this problem, but AC didn't implement them and basically tried to use an Akamai front end to block access (and and a robots.txt file - lol) along with some legalese on their webpage to claim that this isn't allowed. They're also not forging credentials, they're just altering the HTTP header which isn't a crime. Neither is screen scraping, which has been upheld repeatedly (https://www.eff.org/deeplinks/2022/0...peals-declares).
Whatever software engineer wrote up the technology part of the complaint for ACs lawyers should be ashamed of themselves. I hope this guy has the EFF on speed dial and I hope AC loses. If you don't want people grabbing this information put it behind an authenticated API call, not on the open internet.
Oct 19, 2023, 3:00 pm
#9
Join Date: Oct 2021
Location: BKK
Programs: AC*SE • LH*SEN • BA*G • AA*EXP • MB*A • WOH*G • HH*G
Posts: 188
Perhaps if AP had a search tool that actually offers a feature like 'calendar view', then maybe we wouldn't be anticipating such demand for tools like seats.aero to begin with.
...that's not to say demands for rooms.aero wouldn't exist, though.
...that's not to say demands for rooms.aero wouldn't exist, though.
Last edited by Jason77W; Oct 20, 2023 at 9:37 am
Oct 19, 2023, 3:02 pm
#10
Join Date: Jul 2013
Location: MLL / AC Cafe
Programs: It's hard to get status when the website won't let me book flights.
Posts: 5,706
I am not a lawyer so I can't comment on the trademark stuff or other claims, although from what I know of this area they seem specious.
But as a software engineer the technology part (from what I can read in the complaint) ... is some horseshit. There are technological solutions to this problem, but AC didn't implement them and basically tried to use an Akamai front end to block access (and and a robots.txt file - lol) along with some legalese on their webpage to claim that this isn't allowed. They're also not forging credentials, they're just altering the HTTP header which isn't a crime. Neither is screen scraping, which has been upheld repeatedly (https://www.eff.org/deeplinks/2022/0...peals-declares).
Whatever software engineer wrote up the technology part of the complaint for ACs lawyers should be ashamed of themselves. I hope this guy has the EFF on speed dial and I hope AC loses. If you don't want people grabbing this information put it behind an authenticated API call, not on the open internet.
But as a software engineer the technology part (from what I can read in the complaint) ... is some horseshit. There are technological solutions to this problem, but AC didn't implement them and basically tried to use an Akamai front end to block access (and and a robots.txt file - lol) along with some legalese on their webpage to claim that this isn't allowed. They're also not forging credentials, they're just altering the HTTP header which isn't a crime. Neither is screen scraping, which has been upheld repeatedly (https://www.eff.org/deeplinks/2022/0...peals-declares).
Whatever software engineer wrote up the technology part of the complaint for ACs lawyers should be ashamed of themselves. I hope this guy has the EFF on speed dial and I hope AC loses. If you don't want people grabbing this information put it behind an authenticated API call, not on the open internet.
While this doesn't let Air Canada off the hook for their lack of robust security measures, it does provide them with a stronger position in the lawsuit. Both parties seem to have lessons to learn here. Air Canada needs to up their technological game to prevent such incidents, and the scraper needs to recognize the ethical and legal boundaries of his actions.
Oct 19, 2023, 3:09 pm
#12
FlyerTalk Evangelist
Join Date: May 2015
Location: BOS, YVR, ZRH
Programs: *G
Posts: 17,405
Including the details about the Discord messages, the case against the scraper gains more weight. The individual was aware his activities were causing disruptions and took deliberate actions to circumvent barriers. This puts a different spin on the "open door" analogy. It's not just walking into an open house anymore; it's more like finding the door locked, then actively picking the lock to get in.
While this doesn't let Air Canada off the hook for their lack of robust security measures, it does provide them with a stronger position in the lawsuit. Both parties seem to have lessons to learn here. Air Canada needs to up their technological game to prevent such incidents, and the scraper needs to recognize the ethical and legal boundaries of his actions.
While this doesn't let Air Canada off the hook for their lack of robust security measures, it does provide them with a stronger position in the lawsuit. Both parties seem to have lessons to learn here. Air Canada needs to up their technological game to prevent such incidents, and the scraper needs to recognize the ethical and legal boundaries of his actions.
Oct 19, 2023, 3:14 pm
#13
Join Date: Aug 2014
Location: YYZ
Programs: Ex-Bonvoyed, Hyatt, Hilton, BR, AC, AA
Posts: 1,298
I just don't see a whole lot of merit in seats.aero's position. Air Canada has told them, in no uncertain terms, that their access is not welcomed and has put in barriers to accessing the relevant data. Saying it's "not very secure" isn't really a strong argument, anymore than I can break into a house and claim it's public because the lock isn't very good, when there's a huge sign outside saying no trespassing and an effort made at securing the property.
Oct 19, 2023, 3:15 pm
#14
Join Date: Apr 2013
Location: YVR
Programs: Ice Cream Club, AC SE MM, Bonvoy Life Plat
Posts: 2,803
Oct 19, 2023, 3:15 pm
#15
Join Date: Oct 2013
Location: YOW
Programs: AC SE, FOTSG Platinum
Posts: 5,731
They might well be worse, but if Seats is the only one with a legal entity AC can identify to pursue in court, they're going to be the lightning rod.