In Re JetBlue Airways Corp. Privacy Litigation

379 F. Supp. 2d 299, 2005 U.S. Dist. LEXIS 16002, 2005 WL 1813273

• Court: District Court, E.D. New York
• Decided: July 29, 2005
• Docket: 1:04-cv-01587
• Status: Published

Opinion

MEMORANDUM & ORDER

AMON, District Judge.

INTRODUCTION

A nationwide class of plaintiffs brings this action against JetBlue Airways Corporation (“JetBlue”), Torch Concepts, Inc. (“Torch”), Acxiom Corporation (“Acxiom”), and SRS Technologies (“SRS”) for alleged violations of the Electronic Communications Privacy Act of 1986 (“ECPA”), 18 U.S.C. § 2701, et seq. (1986), and violations of state and common law. Plaintiffs claim that defendants violated their privacy rights by unlawfully transferring their personal information to Torch for use in a federally-funded study on military base security. Plaintiffs seek a minimum of $1,000 in damages per class member, or injunctive relief to the extent that damages are unavailable, as well as a declaratory judgment. Defendants have moved to dismiss the Amended Complaint pursuant to Rule 12(b)(6) of the Federal Rules of Civil Procedure on the grounds that plaintiffs have failed to state a federal cause of action under the ECPA, that plaintiffs’ state law claims are federally preempted, and that plaintiffs have failed to state any claim under state law.

PROCEDURAL HISTORY

This case is a multidistrict consolidated class action. Initially, a total of nine putative class actions were brought, eight in the Eastern District of New York and one in the Central District of California, 1 on behalf of persons allegedly injured by Jet-Blue’s unauthorized disclosure of personally identifiable travel information. On February 24, 2004, the Judicial Panel on Multidistrict Litigation ordered, pursuant to 28 U.S.C. § 1407, that the action pending in the Central District of California be

transferred to this Court for coordinated or consolidated pretrial proceedings with the actions already pending in this district. Since that time, five more cases have been joined in the action. 2 The consolidated class filed its Amended Complaint in this Court on May 7, 2004.

STATEMENT OF FACTS

Unless otherwise indicated, the following facts set forth in plaintiffs’ Amended Complaint are presumed to be true for purposes of defendants’ motions to dismiss. JetBlue has a practice of compiling and maintaining personal information, known in the airline industry as Passenger Name Records (“PNRs”), on each of its adult and minor passengers. Information contained in PNRs includes, for example, passenger names, addresses, phone numbers, and travel itineraries. (Am. Compl. ¶ 38; PL’s Mem. at 4-5.) The PNRs are maintained, or temporarily stored, on JetBlue’s computer servers, and passengers are able to modify their stored information. (Am. Comply 39.) Acxiom, a world leader in customer and information management solutions, maintains personally-identifiable information on almost eighty percent of the U.S. population, including many Jet-Blue passengers, which it uses to assist companies such as JetBlue in customer and information management solutions. (Id. ¶ 22; PL’s Mem. at 4.)

The personal information that forms the basis of JetBlue’s PNRs is obtained from its passengers over the telephone and through its Internet website during the selection and purchase of travel arrangements. In order to encourage the provision of personal information in this manner, JetBlue created a privacy policy which provided that the company would use computer IP addresses only to help diagnose server problems, cookies to save consumers’ names, e-mail addresses to alleviate consumers from having to re-enter such data on future occasions, and optional passenger contact information to send the user updates and offers from JetBlue. (Am.Compl^ 36.) The JetBlue privacy policy specifically represented that any financial and personal information collected by JetBlue would not be shared with third parties and would be protected by secure servers. JetBlue also purported to have security measures in place to guard against the loss, misuse, or alteration of consumer information under its control. (Id. ¶ 37.)

In the wake of September 11, 2001, Torch, a data mining company similar to Acxiom, presented the Department of Defense (“DOD”) with a data pattern analysis proposal geared toward improving the security of military installations in the United States and possibly abroad. Torch suggested that a rigorous analysis of personal characteristics of persons who sought access to military installations might be used to predict which individuals pose a risk to the security of those installations. (Id. ¶ 42.) DOD showed interest in Torch’s proposal and added Torch as a subcontractor to an existing contract with SRS so that Torch could carry out a limited initial test of its proposed study. The SRS contract was amended to include airline PNRs as a possible data source in connection with Torch’s study. (Id. ¶ 43.) Because Torch needed access to a large national-level database of personal information and because no federal agencies approached by Torch would grant access to their own governmental databases, Torch indepen dently contacted a number of airlines in search of private databases that might contain adequate information tp serve its requirements. (Id. ¶¶ 43-^16.) These airlines declined to share their passengers’ personal information unless the Department of Transportation (“DOT”) and/or the Transportation Security Administration (“TSA”) were involved and approved of such data sharing. (Id. ¶ 46.)

Unable to obtain the data through its own devices, Torch asked members of Congress to intervene on its behalf with the airlines or federal agencies. (Id. ¶ 47.) Torch also contacted the DOT directly. (Id. ¶ 48.) Following a series of meetings, the DOT and the TSA agreed to assist Torch in obtaining consent from a national airline to share its passenger information. (Id. ¶ 51.) On July 30, 2002, the TSA sent JetBlue a written request to supply its data to the DOD, and JetBlue agreed to cooperate. (Id. ¶¶ 53-54.) In September 2002, JetBlue and Acxiom collectively transferred approximately five million electronically-stored PNRs to Torch" in connection with the SRS/DOD contract. (Id. ¶¶ 53, 55.) Then, in October 2002, Torch separately purchased additional data from Acxiom for use in connection with the SRS contract. This data was merged with the September 2002 data to create a single database of JetBlue passenger information including each passenger’s name, address, gender, home ownership or rental status, economic status, social security number, occupation, and the number of adults and children in the passenger’s family as well as the number of vehicles owned or leased. (Id. ¶ 56.) Using this data, Torch began its data analysis and created a customer profiling scheme designed to identify high-risk passengers among those traveling on JetBlue. (Id. ¶¶ 57-58.)

In- or about September 2003, government disclosures and ensuing public investigations concerning the data transfer to Torch prompted JetBlue Chief Executive Officer David Neelman to acknowledge that the transfer had been a violation of JetBlue’s privacy policy. (Id. ¶¶ 63, 65-66.) A class of plaintiffs whose personal information was among that transferred now brings this action against JetBlue, Torch, Acxiom, and SRS, seeking monetary damages, including punitive damages, and injunctive relief. (Id. ¶ 5.) Plaintiffs assert five causes of action against all defendants: (1) violation of the Electronic Communications Privacy Act of 1986 (“ECPA”), 18 U.S.C. § 2701, et seq., (2) violation of the New York General Business Law and other similar state consumer protection statqtes, (3) trespass to property, (4) unjust enrichment,.and (5) declaratory judgment. 3 In addition, plaintiffs bring a sixth claim for breach of contract against JetBlue. All defendants have moved for dismissal pursuant to Rule 12(b)(6) of the Federal Rules of Civil Procedure. Defendants argue that plaintiffs have failed to state a claim under federal or state law and that the state law claims asserted are expressly preempted by the Airline Deregulation Act, 49 U.S.C. § 41713(b) (1997), or impliedly preempted by the federal government’s pervasive occupation of the field of aviation security. The federal government filed a statement of interest arguing that no defendant violated the ECPA and urging dismissal of the federal claim.

DISCUSSION

I. Legal Standard for Rule 12(b)(6) Motion to Dismiss

In deciding a motion to dismiss pursuant to Rule 12(b)(6) of the Federal Rules of Civil Procedure for failure to state a claim upon which relief can be granted, a court must accept the factual allegations in the complaint as true and draw all reasonable inferences in favor of the plaintiff. See Press v. Chemical Inv. Servs. Corp., 166 F.3d 529, 534 (2d Cir.1999). The Court need not accept general, conclusory allegations as true, however, when they are belied by more specific allegations in the complaint. Hirsch v. Arthur Andersen & Co., 72 F.3d 1085, 1092 (2d Cir.1995). Dismissal is proper “only where it appears beyond doubt that the plaintiff can prove no set of facts in support of the claim which would entitle him to relief.” Scotto v. Almenas, 143 F.3d 105, 109-10 (2d Cir.1998) (quoting Branham v. Meachum, 77 F.3d 626, 628 (2d Cir.1996)). With these standards in mind, the Court turns to analysis of the claims raised in plaintiffs’ Amended Complaint.

II. Electronic Communications Privacy Act

Plaintiffs allege that all defendants violated § 2702 of the Electronic Communications Privacy Act of 1986 (“ECPA”), 18 U.S.C. § 2701, et seq. (1986), by divulging stored passenger communications without the passengers’ authorization or consent. 4 (Am.CompLIffl 74-84.) Section 2702 provides, in pertinent part, that:

(1) a person or entity providing an electronic communication service to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service ...

(2) a person or entity providing remote computing service to the public shall not knowingly divulge to any person or entity the contents of any communication which is carried or maintained on that service....

18 U.S.C. § 2702(a). The statute defines “electronic communication service” as “any service which provides to users the ability to send or receive wire or electronic communications.” 18 U.S.C. § 2510(15). The term “electronic communication” includes “any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by wire, radio, electronic, photoelectronic or photoptical system that affects interstate or foreign commerce.” 5 18 U.S.C. § 2510(12). “[R]emote computing service” refers to “the provision to the public of computer storage or processing services by means of an electronic communication system.” 18 U.S.C. § 2711(2).

Plaintiffs allege that the JetBlue Passenger Reservation Systems 6 constitute an “electronic communication service” within the meaning of the statute. (Am. Comply 76.) Plaintiffs argue that, on a Rule 12(b)(6) motion to dismiss, this Court should not go beyond this allegation in evaluating the merits of their claim. (Pl.’s Mem. at 12-13.) JetBlue, supported by a Statement of Interest filed by the federal government, counters that plaintiffs have failed to state a viable claim under the ECPA, because § 2702 applies only to persons or entities providing a remote computing service or electronic communication service to the public and, as a commercial airline, it provides neither of these. Torch, Acxiom, and SRS argue that, for the same reasons, they too are outside the scope of § 2702. Plaintiffs’ claim against those defendants rests on a theory of aiding and abetting or conspiracy with Jet-Blue. (See Tr. of Oral Argument at 65.)

The starting point for statutory analysis is the plain meaning of the language of the statute. United States v. Ripa, 323 F.3d 73, 81 (2d Cir.2003). “In ascertaining the plain meaning of the statute, [a] court must look to the particular statutory language at issue, as well as the language and design of the statute as a whole.” K Mart Corp. v. Cartier, Inc., 486 U.S. 281, 291, 108 S.Ct. 1811, 100 L.Ed.2d 313 (1988). In this case, the plain meaning of the statute supports defendants’ interpretation. The term “electronic communication service,” as defined, refers to a service that provides users with capacity to transmit electronic communications. 7 Although JetBlue operates a website that receives and transmits data to and from its customers, it is undisputed that it is not the provider of the electronic communication service that allows such data to be transmitted over the Internet. Rather, JetBlue is more appropriately characterized as a provider of air travel services and a consumer of electronic communication services. 8 The website that it operates, like a telephone, enables the company to communicate with its customers in the regular course of business. Mere operation of the website, however, does not transform JetBlue into a provider of internet access, just as the use of a telephone to accept telephone reservations does not transform the company into a provider of telephone service. Thus, a company such as JetBlue does not become an “electronic communication service” provider simply because it maintains a website that allows for the transmission of electronic communications between itself and its customers.

This reading of the statute finds substantial support in the case law. Although the Second Circuit has not yet had occasion to construe the term “electronic communication service,” a number of courts in this and other circuits have done so, some in cases factually similar to this case. The weight of this persuasive authority holds that companies that provide traditional products and services over the Internet, as opposed to Internet access itself, are not “electronic communication service” providers within the meaning of the ECPA. 9 In Crowley v. Cybersource Corp., the court held that online merchant Amazon.com was not an electronic communication service provider despite the fact that it maintained a website and receives electronic communications containing personal information from its customers in connection with the purchase of goods. 166 F.Supp.2d 1263 (N.D.Cal.2001). Similarly, in Andersen Consulting LLP v. UOP, the court drew a distinction between companies that purchase Internet services and those that furnish such services as a business, and found that a company that purchases Internet services, such as e-mail, just like any other consumer, is not an electronic communication service provider within the meaning of the ECPA. 991 F.Supp. 1041, 1043 (N.D.Ill.1998).

Relying on these authorities, a number of courts have specifically addressed the applicability of the term “electronic communication service” to national airlines that operate on-line reservations systems similar to that maintained by JetBlue. Almost without exception, 10 those courts have concluded that the term does not encompass companies that sell air travel over the Internet but are not in the business of selling Internet access itself. See Copeland v. Northwest Airlines Corp., No. 04-2156 MW (W.D.Tenn. Feb. 28, 2005) (agreeing with the reasoning of numerous courts that have found that the ECPA does not apply to businesses selling their products and services over the Internet); Dyer v. Northwest Airlines Corporations, 334 F.Supp.2d 1196, 1199 (D.N.D.2004) (“[Bjusinesses offering their traditional products and services online through a website are not providing an ‘electronic communication service’.”); In re Northwest Airlines Privacy Litigation, 2004 WL 1278459, at *2 (D.Minn. June 6, 2004) (“Defining electronic communication service to include online merchants or service providers like Northwest stretches the ECPA too far.”). The facts underlying those cases are indistinguishable from those present here.

Plaintiffs argue that the decisions in the Northwest Airlines cases are not persuasive because they rely on questionable and inapposite authorities. Specifically, plaintiffs observe that the cases rest heavily on Crowley, which in turn rests principally on Andersen. Because Andersen concerned a company that only provided e-mail services to a hired contractor for use in connection with a specific project, and because that company did not provide the general public with the ability to send or receive wire or electronic communications, plaintiffs argue that the import of the ease is limited to private communications loops and does not reach the JetBlue or Amazon.com models, which, through their websites, offer their products and services to the public at large. However, apart from considering the limited scope of the e-mail system at issue, the Andersen case also addressed the significance under the ECPA of the fact that Andersen, the hired contractor, could communicate with third-parties over the Internet using the e-mail capabilities provided by the defendant company. The court held that “[t]he fact that Andersen could communicate to third-parties over the Internet and that third-parties could communicate with it did not mean that [the hiring company] provided an electronic communication service to the public.” Andersen, 991 F.Supp. at 1043. Indeed, as discussed, the hiring company was not considered an independent provider of Internet services for the simple reason that, like any other consumer, it had to purchase Internet access from an electronic communication service provider. Id. This particular distinction did not turn on the existence of there being a private communication loop.

Notably, the only court within the Second Circuit to have considered the meaning of the term “electronic communication service” reached a result similar to that in Andersen and Crowley without relying on those cases. See In re Doubleclick Inc. Privacy Litigation, 154 F.Supp.2d 497 (S.D.N.Y.2001). Grounding its analysis in the wording of the statute itself, the Doub-leclick court began by identifying “Internet access” as the relevant “electronic communication service,” or “service which provides to users thereof the ability to send or receive wire or electronic communications.” Id. at 508. Examples of providers in the Internet world, the court determined, include such internet service providers as “America Online, Juno and UUNET, as well as, perhaps, the telecommunications companies whose cables and phone lines carry the traffic.” Id. at 511 n. 20; see also Dyer, 334 F.Supp.2d at 1199 (“The ECPA definition of ‘electronic communications service’ clearly includes internet service providers such as America Online, as well as telecommunications companies whose cables and phone lines carry internet traffic.”). Websites, by contrast, were held to be “users” of the “electronic communication service” of Internet access. Doubleclick, 154 F.Supp.2d at 508-09.

Plaintiffs’ attempt to distinguish the case law is unavailing. They contend that Doubleclick and Crowley bear little if any relation to this case because the plaintiffs in those cases failed to allege that any party was a provider of an electronic communication service. (Pl.’s Mem. at 13; Tr. of Oral Argument at 40.) Although it is true that the plaintiffs in Crowley initially failed to make such an allegation, it is clear from the court’s opinion that they ultimately did argue that Amazon.com is an electronic communication service provider. That argument was considered by the court and rejected on the merits. Crowley, 166 F.Supp.2d at 1270. And though the plaintiffs in Doubleclick did not allege that any party was an electronic communication service provider, see Doubleclick, 154 F.Supp.2d at 511 n. 20, the court had cause to undertake a detailed analysis of the meaning of the term as set forth in § 2510(15) of the ECPA. See id. at 508-12. As § 2510(15) contains the sole definition of “electronic communication service” that applies throughout the statute, the Double-Click court’s analysis of that term is relevant to the instant case.

Based upon the foregoing, this Court finds as a matter of law that JetBlue is not an electronic communication service provider within the meaning of the ECPA. The Court notes plaintiffs’ argument that dismissal of the ECPA claim on a 12(b)(6) motion is premature because discovery is needed to understand the flow of information between the potential airline customer and JetBlue but finds it unpersuasive. (Tr. of Oral Argument at 38, 42.) Regardless of how the data is stored and transmitted, plaintiffs have not alleged facts that could give rise to a finding that Jet-Blue is an electronic communication service provider within the meaning of the ECPA.

Plaintiffs have also failed to establish that JetBlue is a remote computing service. Plaintiffs simply make the allegation without providing any legal or factual support for such a claim. As discussed, the term “remote computing service” is defined in the ECPA as “the provision to the public of computer storage or processing services by means of an electronic communication system.” 18 U.S.C. § 2711(2). The statute’s legislative history explains that such services exist to provide sophisticated and convenient data processing services to subscribers and customers, such as hospitals and banks, from remote facilities. See S.Rep. No. 99-541 (1986), reprinted in 1986 U.S.C.C.A.N. 3555, 3564. By supplying the necessary equipment, remote computing services alleviate the need for users of computer technology to process data in-house. See id. Customers or subscribers may enter into time-sharing arrangements with the remote computing service, or data processing may be accomplished by the service provider on the basis of information supplied by the subscriber or customer. Id. at 3564-65. Although plaintiffs allege that JetBlue operates a website and computer servers (Am. Compile 36, 39), no facts alleged indicate that JetBlue provides either computer processing services or computer storage to the public. As such, under the plain meaning of the statute, JetBlue is not a remote computing service.

For the foregoing reasons, JetBlue as a matter of law is not liable under § 2702 of the ECPA. Because the sole basis for plaintiffs’ ECPA claim against Torch, Acx-iom, and SRS is an aiding and abetting or conspiracy theory, the claim against those defendants cannot stand absent liability on the part of JetBlue. Accordingly, all defendants’ motions to dismiss are granted with respect to the ECPA claim.

III. Supplemental Jurisdiction

In addition to the federal statutory claim, plaintiffs bring three state and common law claims against defendants Torch, Aexiom, and SRS and four state and common law claims against JetBlue. As a general rule, “where federal law claims are dismissed before trial, the state claims should be dismissed as well.” Marcus v. AT&T Corp., 138 F.3d 46, 57 (2d Cir.1998); see also Valencia ex rel. Franco v. Lee, 316 F.3d 299, 305 (2d Cir.2003) (“[I]n the usual case in which all federal-law claims are eliminated before trial, the balance of factors to be considered under the pendent jurisdiction doctrine—judicial economy, convenience, fairness, and comity—will point toward declining to exercise jurisdiction over the remaining state-law claims.”). “Dismissal of the pendent state law claims is not, however, ‘absolutely mandatory.’ ” Marcus, 138 F.3d at 57 (quoting Baylis v. Marriott Corp., 843 F.2d 658, 665 (2d Cir.1988)); see also United Mine Workers of America v. Gibbs, 383 U.S. 715, 726, 86 S.Ct. 1130, 16 L.Ed.2d 218 (1966) (pendent jurisdiction is “a doctrine of discretion”); Valencia, 316 F.3d at 305 (“In providing that a district court ‘may’ decline to exercise [supplemental] jurisdiction, [28 U.S.C. § 1367(a)] is permissive rather than mandatory.”). Though a district court’s discretion to exercise supplemental jurisdiction is “not boundless,” Valencia, 316 F.3d at 305, the doctrine of pendent jurisdiction is “designed to allow courts to deal with cases involving pendent claims in the manner that most sensibly accommodates a range of concerns and values.” Carnegie-Mellon v. Cohill, 484 U.S. 343, 350, 108 S.Ct. 614, 98 L.Ed.2d 720 (1988).

In Valencia, the Second Circuit set forth factors that a district court should consider when deciding whether to exercise supplemental jurisdiction after all federal law claims have been dismissed from a case. See Valencia, 316 F.3d at 305-06; Drake v. Laboratory Corp. of America Holdings, 323 F.Supp.2d 449, 453 (E.D.N.Y.2004) (discussing Valencia). These factors include: (1) whether state law claims implicate the doctrine of preemption; (2) considerations of judicial economy, convenience, fairness, and comity, including the stage of proceedings when the federal claims are dismissed; (3) the existence of novel or unresolved questions of state law; and (4) whether the state law claims concern the state’s interest in the administration of its government or require the balancing of numerous important state government policies. Id.; see also Baylis, 843 F.2d at 665 (“One factor that may sometimes favor retaining pendent jurisdiction is when a state claim is closely tied to questions of federal policy and where the federal doctrine of preemption may be implicated.”).

In this case, defendants advocate the exercise of pendent jurisdiction on two grounds. First, defendants note that federal preemption doctrine is substantially implicated in the resolution of any state law claims. Although not determinative, this is “an important factor supporting the exercise of supplemental jurisdiction.” Drake, 323 F.Supp.2d at 454 (citing Valencia for the proposition that the Second Circuit has upheld the retention of jurisdiction where “the remaining state law claims implicate[d] the doctrine of preemption”); Charley v. St. John’s Queens Hosp., 869 F.2d 160, 167 n. 4 (2d Cir.1989) (“While not determinative, the implication of federal labor policy and preemption issues would lend support to a decision by the district to exercise pendent jurisdiction over a state law claim.”); Marcus, 138 F.3d at 57 (“Because the remaining state law claims implicate the doctrine of preemption, we cannot say that the district court’s exercise of supplemental jurisdiction in this case was an abuse of its discretion.”). Second, defendants contend that a decision to decline supplemental jurisdiction would frustrate the purpose of multi-district litigation to conserve resources by consolidating claims raised in courts around the country that address the same operative facts. This argument obviously goes to the matter of judicial economy and counsels in favor of the exercise of supplemental jurisdiction. Plaintiffs counter, citing basic principles of supplemental jurisdiction doctrine, that the Court should decline to exercise jurisdiction in the event that the federal claim is dismissed. Plaintiffs do not analyze the question in terms of the factors set forth in Valencia.

The Court concludes that the primacy of preemption questions raised, combined with the objectives underlying multi-dis-trict litigation, make it appropriate to exercise supplemental jurisdiction in this case. In addition, the case does not raise novel or unresolved questions of state law that are best reserved for state courts, nor does it implicate competing state policies or matters of state governance. Accordingly, the balance of factors set forth in Valencia counsels in favor of this Court’s retention of supplemental jurisdiction. The Court therefore accepts supplemental jurisdiction over the question of preemption as well as all state and common law claims that are not deemed preempted by federal law. See Axess Intern., Ltd. v. Intercargo Ins. Co., 183 F.3d 935, 943 (9th Cir.1999) (a district court lacks the power to adjudicate affirmative defense of preemption if it declines to exercise supplemental jurisdiction over state law claims).

IV. Federal Preemption of State and Common Laiu Claims

The Supremacy Clause of the United States Constitution provides that federal law “shall be the supreme Law of the Land; ... any Thing in the Constitution or Laws of any State to the Contrary notwithstanding.” U.S. Const. Art. VI, cl. 2. Accordingly, “[u]nder the doctrine of preemption, a corollary to the Supremacy Clause, any state or municipal law that is inconsistent with federal law is without effect.” Greater New York Metro. Food Council, Inc. v. Giuliani, 195 F.3d 100, 104-05 (2d Cir.1999) (abrogated on other grounds); see also Cipollone v. Liggett Group, Inc., 505 U.S. 504, 516, 112 S.Ct. 2608, 120 L.Ed.2d 407 (1992) (“state law that conflicts with federal law is ‘without effect’ ”). In light of principles of federalism, there is, however, a presumption against preemption. See New York State Conf. of Blue Cross & Blue Shield Plans v. Travelers Ins. Co., 514 U.S. 645, 654, 115 S.Ct. 1671, 131 L.Ed.2d 695 (1995). “Consideration of issues arising under the Supremacy Clause start[s] with the assumption that the historic police powers of the States [are] not to be superseded by ... Federal Act unless that [is] the clear and manifest purpose of Congress.” Cipollone, 505 U.S. at 516, 112 S.Ct. 2608, 120 L.Ed.2d 407 (1992) (quoting Rice v. Santa Fe Elevator Corp., 331 U.S. 218, 230, 67 S.Ct. 1146, 91 L.Ed. 1447 (1947) (internal quotation marks omitted)). Congressional intent is therefore “the ultimate touchstone of pre-emption analysis.” Id.; see also FMC Corp. v. Holliday, 498 U.S. 52, 56, 111 S.Ct. 403, 112 L.Ed.2d 356 (1990) (“In determining whether federal law preempts a state statute, we look to congressional intent.”).

There are two basic types of preemption, express and implied. See Cipollone, 505 U.S. at 516, 112 S.Ct. 2608. Express preemption is achieved by way of an explicit statement in a statute’s language, or an “express congressional command.” Id. Implied preemption occurs either when state law actually conflicts with federal law (i.e., conflict preemption), or “if federal law so thoroughly occupies a legislative field as to make reasonable the inference that Congress left no room for the States to supplement it” (i.e., field preemption). Id. (citations and internal quotation marks omitted). In this case, defendants argue that plaintiffs’ claims are both expressly and impliedly preempted. Each argument is addressed in turn.

A. Express Preemption

The Airline Deregulation Act of 1978 (“ADA”) contains an express preemption clause, which provides that states “may not enact or enforce a law, regulation, or other provision having the force and effect of law related to a price, route, or service of an air carrier....” 49 U.S.C. § 41713(b) (1997). In this case, plaintiffs allege that the collection of certain of their personal information under a false promise of privacy violated New York General Business Law § 349 and other similar state statutes, and that dissemination of the same information without their knowledge or consent amounted to breach of contract, trespass to property, and unjust enrichment. Defendants argue that plaintiffs’ state and common law claims are all preempted by the express preemption provision of the ADA.

The Supreme Court has twice visited the question of express preemption by the ADA clause. First, in Morales v. Trans World Airlines, the Court determined that fare advertising provisions of guidelines promulgated by the National Association of Attorneys General (“NAAG”), which explained in detail how existing state laws applied to airline industry advertising and frequent flyer programs, were preempted. 504 U.S. 374, 379, 391, 112 S.Ct. 2031, 119 L.Ed.2d 157 (1992). At issue in the case was an effort by several states to apply their general consumer protection laws to halt allegedly deceptive airline advertisements that were inconsistent with standards articulated in the guidelines. Id. at 378-79, 112 S.Ct. 2031. In reaching its decision, the Court determined that the phrase “relating to” as used in the ADA clause means “having a connection with or reference to” such that the statute expressly preempts state enforcement actions having a connection with or reference to airline rates, routes, or services. Id. at 384, 112 S.Ct. 2031. Because “the obligations imposed by the [NAAG] guidelines would have a significant impact upon the airlines’ ability to market their product, and hence a significant impact upon the fares they charge,” id. at 390, 112 S.Ct. 2031, they were found to “relate to” airline rates and therefore were deemed preempted. Id. In so holding, the Court made clear that it did not intend to preempt all state laws as applied to airlines, as “[s]ome state actions may affect [airline fares] in too tenuous, remote, or peripheral a manner” to have pre-emptive effect. Id.

Thereafter, in American Airlines, Inc. v. Wolens, the Supreme Court determined that the ADA clause also preempted claims under the Illinois Consumer Fraud and Deceptive Business Practices Act (“Consumer Fraud Act”), 815 Ill. Comp. State. § 505 (1992), concerning frequent flyer program modifications that devalued credits that members had already earned. 513 U.S. 219, 228, 115 S.Ct. 817, 130 L.Ed.2d 715 (1995). Calling the Illinois law “paradigmatic of the consumer protection legislation underpinning the NAAG guidelines” at issue in Morales, the Court ruled that those guidelines “highlight the potential for intrusive regulation of airline business practices inherent in state corn sumer protection legislation typified by the Consumer Fraud Act.” Id. at 227-28, 115 S.Ct. 817. Thus, “[i]n light of ... the ADA’s purpose to leave largely to the airlines themselves, and not at all to the States, the selection and design of marketing mechanisms appropriate to the furnishing of air transportation services,” the Court held the claims preempted. Id. at 228, 115 S.Ct. 817. More generally, the Court ruled “that the ADA’s preemption prescription bars state-imposed regulation of air carriers....” Id. at 222, 115 S.Ct. 817.

The Wolens court drew a distinction, however, based upon the nature of the claims advanced by the plaintiff. In concluding that a claim for breach of contract was not preempted, the Court determined, as a general rule, that the ADA does not preclude adjudication of a contractual claim where the suit seeks recovery “solely for the airline’s alleged breach of its own, self-imposed undertakings” and does not allege violation of any state-imposed obligations. Id. at 228, 115 S.Ct. 817. Thus, while the ADA preemption clause “stops States from imposing their own substantive standards with respect to rates, routes, or services,” it does not prevent them “from affording relief to a party who claims and proves that an airline dishonored a term the airline itself stipulated.” Id. at 232-33, 115 S.Ct. 817. Courts may therefore be called upon to enforce the parties’ bargain “with no enlargement or enhancement based on state laws or policies external to the agreement.” Id. at 233, 115 S.Ct. 817. Where, however, the adjudication of a contract claim requires reference to state laws or policies, that claim may be preempted. See id.

In its most thorough analysis to date of the ADA preemption clause, the Second Circuit commented on the difficulty of applying the clause, noting that it sets forth an “illusory test” that defies bright line rules and can only be applied on a case-by-case basis. See Abdu-Brisson v. Delta Airlines, Inc., 128 F.3d 77, 85-86 (2d Cir.1997) (quoting California Div. of Labor Standards Enforcement v. Dillingham Const., N.A, Inc., 519 U.S. 316, 335, 117 S.Ct. 832, 136 L.Ed.2d 791 (1997) (Scalia, J., concurring) (labeling the ERISA preemption clause an “illusory test”)); see also Travel All Over The World v. Kingdom of Saudi Arabia, 73 F.3d 1423, 1433 (7th Cir.1996) (“Morales does not permit us to develop broad rules concerning whether certain types of common-law claims are preempted by the ADA. Instead, we must examine the underlying facts of each case to determine whether the particular claims at issue ‘relate to’ airline rates, routes or services.”). According to Abdu-Brisson, a court must inquire into the purpose, or objectives, behind the federal statute in question, here the ADA. See Abdu-Brisson, 128 F.3d at 82. “In possible preemption areas where common federal and state interests exist, courts should seek, if possible, some reasonable and uniform accommodation which does not frustrate either the full congressional purposes and objectives or state policies ...” Id. at 86. Where this is not possible, and where the relation of state laws to airline rates, routes and services is not merely tenuous/remote, or peripheral, then federal law must prevail. Id. “Although the policies behind the ADA are several, the primary motivation for the reform — as the name of the statute indicates — was to deregulate the industry.” Id. at 84. The statute “was based on a Congressional assumption that maximum reliance on competitive market forces would best further efficiency, innovation, and low prices as well as variety [and] quality ... of air transportation services ....” Id. (quoting Morales, 504 U.S. at 378, 112 S.Ct. 2031, and 49 U.S.C.A. §§ 40101(a)(6) & 40101(a)(12) (2000) (internal quotation marks omitted)). Thus, the chief objective driving enactment of the statute was competition among airlines. Abdu-Brisson, 128 F.3d at 84. And the purpose animating the preemption clause was “[t]o ensure that the States would not undo federal deregulation with regulation of their own....” Morales, 504 U.S. at 378, 112 S.Ct. 2031.

This understanding led the Second Circuit to reverse a district court determination that the ADA preempted an age discrimination claim brought under state and city human rights laws. See Abdu-Brisson, 128 F.3d at 80. The district court below had concluded that claims involving medical benefit and pay scale provisions sufficiently related to airline prices, and that claims regarding the personnel seniority list related to services inasmuch as they would impact transportation itself by disrupting flight deck relationships and causing turmoil among the airline’s pilots. Id. at 81-82. Describing the district court’s analysis as “not unreasonable considering the difficulties inherent in applying the imprecise ADA preemption standard,” the Circuit held that “the district court’s approach would sweep too many state regulatory statutes under the rug of ADA preemption.” Id. at 82. In reaching its decision, the Circuit noted the Supreme Court’s recent narrowing of the ERISA preemption provision and drew analogies to the ADA provision based on similar language. Id. “Related to,” the Circuit held, “appears to be developing, to some degree, to mean whether state law actually ‘interferes’ with the purposes of the feder al statute, in this case airline deregulation.” 11 Id. (citing Travelers Ins. Co., 514 U.S. at 655, 115 S.Ct. 1671).

For a claim to be preempted, however, the underlying state law need not expressly refer to air carrier rates, routes or services. Rather, as established by Wolens and Morales, a claim is preempted if application of the state rule of decision would have a significant economic effect upon airline rates, routes, or services. United Airlines, Inc. v. Mesa Airlines, Inc., 219 F.3d 605, 609 (7th Cir.2000) (Easterbrook, J.); Travel All Over The World, 73 F.3d at 1432.

1. Neiv York General Business Law and Other State Consumer Protection Statutes

Plaintiffs claim that, in violation of the New York General Business Law and other consumer protection statutes, 12 all defendants engaged in unfair or deceptive acts and practices by knowingly and surreptitiously conspiring to obtain and by obtaining, maintaining, and manipulating class members’ personal data that was received in direct violation of JetBlue’s privacy policy. (Am.Compl.1ffl 93-94.) This claim fits squarely within the range of state law actions that the Supreme Court concluded, in Wolens and Morales, are expressly preempted by the ADA, because it represents a direct effort to regulate the manner in which JetBlue communicates with its customers in connection with reservations and ticket sales, both of which are services provided by the airline to its customers. See In re Northwest, 2004 WL 1278459, at *4 (privacy policy-related claims under the Minnesota Deceptive Trade Practices Act “at least relate to Northwest’s services”); Copeland, No. 04-2156 Ml/v, at 8 (claims against Northwest under the Tennessee Consumer Protection Act concerning disclosure of passengers’ personal information are expressly preempted by the ADA); Travel All Over The World, 73 F.3d at 1434 (airline “services” include ticketing as well as the transportation itself); Hodges v. Delta Airlines, Inc., 44 F.3d 334, 336 (5th Cir.1995) (en banc) (ticketing is an element of the air carrier service bargain that Congress intended to deregulate and broadly protect from state regulation).

Where a state law claim is said to relate to an airline service, courts in this and other circuits apply a tripartite test for preemption set forth in Rombom v. United Air Lines, Inc., 867 F.Supp. 214 (S.D.N.Y.1994) (Sotomayor, D.J.). See Donkor v. British Airways, Corp., 62 F.Supp.2d 963, 972 n. 5 (E.D.N.Y.1999) (collecting federal district court and appellate cases that cite the Rombom test). First, a court must determine “whether the activity at issue in the claim is an airline service.” Rombom, 867 F.Supp. 214 at 221. Second, “[i]f the activity impli cates a service, the court must then determine whether the claim affects the airline service directly or tenuously, remotely, or peripherally.” Id. at 222. If the effect is only incidental, the state law claim is not preempted. Id. Where the activity in question directly implicates a service, the court should proceed to the third prong of the preemption inquiry, “whether the underlying tortious conduct was reasonably necessary to the provision of the service.” Id. If the challenged conduct did not occur during the course of the service in question or did not further the provision of the service in a reasonable manner, then there is no express preemption and the state court action should continue. Id. The Rombom court observed that this three-factor analysis is important because “[c]on-fining the question of whether the tasks implicated in the complaint ... are services under the [ADA] is inadequate.” Id. at 221. “The manner in which an ... activity is conducted also bears on the question of preemption.” Id.

Applying the Rombom test to the facts of this case, the first prong is clearly satisfied. As this claim concerns the lawfulness of representations made by Jet-Blue in the course of communicating with potential passengers, the relevant activity for purposes of preemption analysis is the provision of reservations and the sale of tickets to travel with JetBlue. In arguing that the service in question is the disclosure of passenger data for use in a military base security study, plaintiffs misconstrue the issue. (See Pl.’s Mem. at 32-33.) The second prong is also met, as an attempt to regulate the representations and commitments that JetBlue makes in connection with reservations and ticket sales directly affects the airline’s provision of those services. Finally, the third prong is satisfied because the communication of company policy concerning data collection and disclosure is reasonably necessary to the facilitation of reservations and ticket sales. In this regard, it is important to note that although the unauthorized disclosure of plaintiffs’ personal information is at issue in this § 349 claim, the principal focus of the claim is the allegedly deceptive steps taken to obtain that information. Thus, the complained-of conduct did occur in the course of the provision of the service of reservations and ticket sales, and as stated, the communication of company policy with respect to collection and use of data obtained in the course of that service is reasonably related to the provision of the service. Because the Court finds that this claim is preempted based on its relation to JetBlue’s services, the Court need not address the argument that it is also preempted by virtue of its relation to JetBlue’s rates and routes.

2. Common Law Claims

In addition to the state statutory claims, plaintiffs bring a claim for breach of contract against JetBlue and claims for trespass to property and unjust enrichment against all defendants. As set forth below, none of these claims is preempted. The breach of contract claim falls within the exception carved out in Wolens for the enforcement of self-imposed contractual undertakings. Neither of the tort claims relates to JetBlue’s rates, routes, or services in the same way that the state statutory claim does.

a. Breach of Contract

The basis for plaintiffs’ breach of contract claim is the allegation that JetBlue’s published privacy policy constitutes a self-imposed contractual obligation by and between the airline and the consumers with whom it transacted business, including plaintiffs and the members of the class. (Am.CompU 88.) Plaintiffs further allege that JetBlue breached this contract when it disclosed its passengers’ personal information, without their consent, in violation of its privacy policy. (Id. ¶ 90.) JetBlue argues that this claim is preempted because the Court will have to resort to external sources of law, including federal regulations, 13 to determine if the privacy policy became a term in the Contract of Carriage. (JetBlue Reply Mem. at 18-19.) JetBlue also argues that, if that the privacy statement is determined to constitute a contract, the Court will have to look outside the “terms” of that contract, to state law damages schemes, to determine recoverable damages. (JetBlue Mem. at 22; JetBlue Reply Mem. at 19.) In JetBlue’s view, “even a self-imposed undertaking that requires resort to state law to address its breach is, by that resort to state law, preempted.” (JetBlue Mem. at 22.)

These arguments are misplaced. In Wolens, the Supreme Court sought to preclude states from undoing federal deregulation of the airline industry. In carving out the exception for the enforcement of contracts, the Court recognized that the application of state law to honor private bargains does not threaten to undermine federal deregulation in the same way that enforcement of state public policy would. See generally Fondo v. Delta Airlines, Inc., 2001 WL 604039, at *2 (S.D.N.Y. May 31, 2001) (“[P]rivate contractual agreements and common law remedies for their breach do not implicate state policies enacted for the purpose of regulating airlines.”) This explains, for example, why the ADA preempts many claims for punitive damages, which tend to implicate public policies, see Travel All Over The World, 73 F.3d at 1432 n. 8, and may not be awarded in New York breach of contract cases unless public rights are involved, Norman v. Trans World Airlines, Inc., 2000 WL 1480367, at *6, 2000 U.S. Dist. LEXIS 14618, at *19-20 (S.D.N.Y. Oct. 5, 2000) (citing Durham Indus., Inc. v. North River Ins. Co., 673 F.2d 37, 41 (2d Cir.1982), ce rt. denied, 459 U.S. 827, 103 S.Ct. 61, 74 L.Ed.2d 64 (1982)), but generally does not preempt claims for compensatory damages.

JetBlue’s suggestion that courts may never look to generalized canons of contract interpretation to determine the parameters of private agreements without implicating the doctrine of preemption is unsupportable. If JetBlue’s position were correct, there would be very little left of the Wolens exception, as most contractual arrangements that become the subject of litigation present some question that requires resort to general principles of state contract law. The critical distinction between principles of contract law that fall within and without the Wolens exception is whether they “seek to effectuate the intent of the parties rather than the State’s public policies.” See In re EVIC Class Action Litigation, Inc., 2002 WL 1766554, at *9 (S.D.N.Y. July 31, 2002) (quoting Wolens, 513 U.S. at 233 n. 8, 115 S.Ct. 817).

The relief plaintiffs seek in connection with the breach of contract claim is limited to actual damages. 14 (See Am. Compl. ¶ 91.) Resolution of this claim will require the Court to determine whether the privacy policy gave rise to a contractual obligation and, if so, what damages rules apply. These determinations must be made with reference to state law, but that state law does not impose any substantive standards with respect to airline rates, routes, or services. See Wolens, 513 U.S. at 232-33, 115 S.Ct. 817 (holding that the ADA preemption clause “stops States from imposing their own substantive standards with respect to rates, routes, or services, but not from affording relief to a party who claims and proves that an airline dishonored a term the airline itself stipulated”); see also Mesa Airlines, Inc., 219 F.3d at 609 (“When all a state does it use [rules against force and fraud] to determine whether [a contractual] agreement was reached, ... it transgresses no federal rule.”). Accordingly, plaintiffs’ breach of contract claim is not expressly preempted by the ADA, and JetBlue’s motion to dismiss this claim as preempted is therefore denied.

b. Trespass to Property

Plaintiffs allege that the transfer by Jet-Blue of data containing passengers’ personal information amounts to trespass to property. (Am.Compl^ 100.) To date, no federal court has specifically addressed the preemptive effect of the ADA clause on state law claims for trespass to property. 15 Defendants argue that “[t]he manner in which an airline handles and utilizes passenger information is intimately intertwined with its rates, routes, and services and is, in fact, regulated by federal law.” 16 (JetBlue Mem. at 19.)

The thrust of defendants’ argument with regard to rates and routes is that prevention of future terrorist attacks on military installations will protect the integrity of routes and avoid negative impacts on the financial prospects of air carriers. (See id. at 19-20.) More specifically, defendants claim that a successful military base security study could ultimately improve the safety of commercial air travel and possibly reduce rates to the extent that JetBlue is able to transfer the costs of certain security improvements to the federal government. (See Tr. of Oral Argument at 17-18.) Defendants further urge that “[i]n order for Plaintiffs to succeed in stating any common law claim, they must ... scrub historical context from all of Jet-Blue’s actions.... ” (JetBlue Reply Mem. at 13.) The historical context to which defendants allude begins, of course, with the events of September 11, 2001.

Although defendants raise emotionally compelling concerns about the potential of state tort liability to chill airline participation in security studies, they fail to establish how a claim for trespass to property that pertains to the dissemination of plaintiffs’ information directly relates to airline rates or routes. In pointing to the potential economic and safety benefits of a successful security study, the connection that plaintiffs suggest to rates and routes is attenuated at best. The Second Circuit has held that indirect effects on an airline’s competitive position do not meet the test for preemption of state law claims. See Abdu-Brisson, 128 F.3d at 84 (indirect effects of state law claims on an airline’s competitive position do not warrant preemption). Here, it is nothing more than conjecture that the security study could actually have an effect on the integrity of routes or result in any reduction of Jet-Blue’s rates. Accordingly, the impact of plaintiffs’ claim on JetBlue’s rates and routes is “too tenuous, remote or peripheral ... to have pre-emptive effect.” See Morales, 504 U.S. at 390, 112 S.Ct. 2031 (citation and internal quotation marks omitted).

Defendants’ argument based on airline services also fails the Rombom, test. Rombom, 867 F.Supp. at 221. With regard to the first prong of that test, whether the activity at issue is an airline service, defendants claim that the assembly and use of passenger information supplied during the purchase of air transportation constitutes an integral part of an airline’s services. (JetBlue Reply Mem. at 16.) Defendants further claim that compiling the data into a PNR for the airline’s use relates to services because the PNR reflects the airline’s copy of the passenger’s travel arrangements and enables the airline to determine flight capacity and schedules and to define routes. (Id. at 16-17.) The problem with this argument is that plaintiffs’ trespass to property claim concerns the unauthorized disclosure of PNR data to a third party which has no role in determining flight capacity, schedules, or routes. Moreover, the disclosure of this information is not alleged to have any relation to JetBlue’s manipulation or use of the data to determine flight capacity, schedules, or routes. Thus, to the extent that use of PNR data for these purposes constitutes an airline service within the meaning of the ADA, the trespass to property claim at issue in this case does not implicate that service. As defendants have not proffered any other basis upon which the Court might conclude that the trespass to property claim implicates a service, they have not met their burden of establishing that the claim is preempted by the ADA.

As a final matter, the Court notes that defendants’ proffered justification for the dissemination of plaintiffs’ data is not the proper focus of preemption analysis under the ADA clause. Preemption analysis is based on the nature of the state law claim asserted by a plaintiff and its relation, if any, to airline rates, routes, and services, not the answer or affirmative defense asserted by the defendant. See Parise v. Delta Airlines, Inc., 141 F.3d 1463, 1466 n. 3 (11th Cir.1998) (the only question relevant to preemption analysis is whether the basis of a cause of action asserted by a plaintiff, without reference to the answer or any affirmative defense, relates to rates, routes, or services of an air carrier). Accordingly, as understandable as defendants’ motivations may have been, it is not relevant for purposes of express preemption analysis that defendants disclosed the PNR data in response to changed market conditions and security concerns occasioned by the events of September 11, 2001.

c. Unjust Enrichment

Plaintiffs allege that all defendants in this case were unjustly enriched by the disclosure of confidential information concerning JetBlue passengers. (Pl.’s Mem. at 60.) Specifically, they claim that Jet-Blue received remuneration from Torch or another party in exchange for disclosing PNR data, and that the other defendants profited as contractors or subcontractors on the Department of Defense study as a result of JetBlue’s contribution of the data. (Id. at 60-61; Am. Compl. ¶¶ 107-108.) Defendants make the very same preemption argument in connection with this claim as they make in connection with the trespass to property claim, that a successful military base security study could affect routes by improving the safety of commercial air travel and rates by transferring the cost of certain security improvements to the federal government.

Few federal courts have considered the preemptive effect of the ADA clause on claims for unjust enrichment. Of those that have, most found that the claims at issue directly related to air carrier rates or services and held those claims preempted. See, e.g., Lehman v. USAIR Group, Inc., 930 F.Supp. 912, 915-16 (S.D.N.Y.1996) (claim expressly referred to the collection of air transportation excise tax, which relates to rates because it directly impacts the ticket price); All World Professional Travel Services, Inc. v. American Airlines, Inc., 282 F.Supp.2d 1161 (C.D.Cal.2003) (claim premised on airline’s imposition of a fee for processing refunds for tickets that could not be used in the days immediately following September 11, 2001); Dugan v. FedEx Corp., 2002 WL 31305208 (C.D.Cal. Sept. 27, 2002) (claim challenged air carrier’s contractual limitation of liability for damage to contents of packages that occurred during shipment); Deerskin Trading Post, Inc. v. United Parcel Service of America, Inc., 972 F.Supp. 665 (N.D.Ga.1997) (plaintiff alleged defendant inappropriately ■ based prices on the dimensional weight of packages rather than the actual weight). But the nature of the claims at issue in those cases had quite a different relation to airline rates, routes, and services than the unjust enrichment claim in this case. Unjust enrichment claims premised on the imposition of fees or collection of taxes quite obviously relate to airline rates. In this case, the unjust enrichment claim, like the trespass to property claim, seeks to remedy conduct without any cognizable relation to JetBlue’s rates, routes, or services. Accordingly, it is not preempted by the ADA.

B. Implied Preemption

Because the information at issue in this case was turned over for a security study at the behest of a federal agency, defendants argue that plaintiffs’ claims are impliedly preempted by the federal government’s pervasive occupation of the field of aviation security. Field preemption occurs “if federal law so thoroughly occupies a legislative field as to make reasonable the inference that Congress left no room for the States to supplement it.” Cipollone v. Liggett Group, Inc., 505 U.S. 504, 516, 112 S.Ct. 2608, 120 L.Ed.2d 407 (1992) (citations and quotation marks omitted). Although in this case the state laws at issue are not specific to aviation security, and therefore in a strict sense do not fall within that field, the Supreme Court has recognized that field preemption analysis may be understood as a species of conflict preemption, which exists where a state law “stands as an obstacle to the accomplishment and execution of the full purposes and objectives of Congress.” English v. General Elec. Co., 496 U.S. 72, 79, 110 S.Ct. 2270, 110 L.Ed.2d 65 (1990) (quoting Hines v. Davidowitz, 312 U.S. 52, 67, 61 S.Ct. 399, 85 L.Ed. 581 (1941)). Thus, to the extent that plaintiffs’ state law claims would have the effect of undermining federal efforts in the field, field preemption analysis is properly implicated.

“As is always the case in preemption analysis, Congressional intent is the ‘ultimate touchstone.’ ” Freeman v. Burlington Broadcasters, Inc., 204 F.3d 311, 320 (2d Cir.2000) (quoting Cipollone, 505 U.S. at 516, 112 S.Ct.2608). Intent for the federal government to exclusively occupy a field “may be inferred from a ‘scheme of federal regulation ... so pervasive as to make reasonable the inference that Congress left no room for the States to supplement it,’ or where an Act of Congress ‘touch[es] a field in which the federal interest is so dominant that the federal system will be assumed to preclude enforcement of state laws on the same subject.’ ” English v. General Elec. Co., 496 U.S. at 79, 110 S.Ct. 2270 (quoting Rice v. Santa Fe Elevator Carp., 331 U.S. 218, 230, 67 S.Ct. 1146, 91 L.Ed. 1447 (1947)).

In practice, “[i]t is often a perplexing question whether Congress has precluded state action or by the choice of selective regulatory measures has left the police power of the States undisturbed except as the state and federal regulations collide.” Rice, 331 U.S. at 230-31, 67 S.Ct. 1146. A court’s analysis “must begin with the assumption ... that the historic police powers of the State are not preempted by federal law unless that [is] the clear and manifest purpose of Congress.” Vango Media, Inc. v. City of New York, 34 F.3d 68, 72 (2d Cir.1994) (citation and internal quotation marks omitted) (alteration in original); see also Rice, 331 U.S. at 230, 67 S.Ct. 1146. “Under well-established principles ... state law should be displaced only to the extent necessary to protect the achievement of the aims of federal law.” Ray v. Atlantic Richfield Co., 435 U.S. 151, 182-83, 98 S.Ct. 988, 55 L.Ed.2d 179 (1978) (Marshall, J., concurring in part and dissenting in part) (citations and internal quotation marks omitted). As such, whenever possible, courts “should reconcile the operation of both statutory schemes with one another rather than holding [the state scheme] completely ousted.” Id. (alteration in original).

Defendants contend that a “mosaic of federal laws and regulations” evince an intent on the part of Congress for the federal government to completely occupy the field of aviation security and national security as it relates to the dissemination of passenger information by commercial airlines for the prevention of terrorist attacks. (See JetBlue Mem. at 23; JetBlue Reply Mem. at 23-24.) This mosaic begins with the creation of the Federal Aviation Agency, later renamed the Federal Aviation Administration (“FAA”), as an agency within the Department of Transportation. The FAA was created in the wake of a “series of fatal air crashes between civilian and military aircraft operating under separate flight rules,” United States v. Christensen, 419 F.2d 1401, 1404 (9th Cir.1969) (quoting H. Rep. No. 2360 (1958), reprinted in 1958 U.S.C.C.A.N. 3741, 3742), in order “to provide for the safe and efficient use of the navigable air space by both civil and military operations.” H. Rep. No. 2360 (1958), reprinted in 1958 U.S.C.C.A.N 3741, 3741. The Administrator was charged inter alia to prescribe rules and regulations “necessary to provide adequately for national security and safety in air commerce.” Federal Aviation Act of 1958 (“FAA Act”), Pub.L. No. 85-726, § 601(a)(6); 72 Stat. 731, 775 (1958). It is undisputed that FAA regulations have preemptive effect in certain discrete fields such as pilot certification, aircraft noise, airspace management and flight operations.

Defendants posit that federal regulatory control is particularly dominant in the area of aviation security. (JetBlue Mem. at 25.) In support, they cite several legislative enactments beginning with the 1961 passage of a statute criminalizing air piracy. Enacted immediately after the first hijacking of a U.S. commercial aircraft, this statute, combined with “related rules issued under the regulatory authority of the Administrator, provide[s] the basis for the antihijacking program.” United States v. Davis, 482 F.2d 893, 898 (9th Cir.1973). This authority was supplemented by the Antihijacking Act of 1974, Pub.L. No. 93-366, 88 Stat. 409 (1974), which included the Air Transportation Security Act of 1974, Pub.L. No. 93-366, 88 Stat. 415 (1974), and thus provided ongoing authority for the FAA Administrator to regulate passenger screening as well as research and development of systems, procedures, and facilities designed to guard against acts of aircraft piracy. The FAA Act was subsequently amended by the International Security and Development Cooperation Act of 1985, Pub.L. No. 99-83, 99 Stat. 190 (1985), which prescribes measures for improving security standards in foreign air transportation.

After the bombing of Pan Am Flight 103 over Lockerbie, Scotland, Congress again amended the FAA Act by enacting the Aviation Security Improvement Act of 1990, Pub.L. No. 101-604, 104 Stat. 3066 (1990). This Act established a Director of Intelligence and Security in the office of the Secretary of Transportation and provided inter alia for security improvements at airports. Id. §§ 101, 103. The Act also called for the FAA Administrator to “establish and carry out a program to accelerate and expand the research, development, and implementation of technologies and procedures to counteract terrorist acts against civil aviation.” Id. § 107.

Following the terrorist attacks of September 11, 2001, Congress passed two free-standing statutes: the Aviation and Transportation Security Act, Pub.L. No. 101-71, 115 Stat. 597 (2001), and the Homeland Security Act of 2002, Pub.L. No. 107-296, 116 Stat. 2135 (2002). In addition to broadening authority for aviation security measures, the Aviation and Transportation Security Act transferred responsibility that previously fell upon the FAA to a newly created administrative body, the Transportation Security Administration (“TSA”). See 49 U.S.C. § 114. The Homeland Security Act removed the TSA from the Department of Transportation and placed it under the jurisdiction of the Department of Homeland Security, see Homeland Security Act § 403, which in defendants’ view emphasizes the role of the commercial airline industry in the realm of national security. The TSA is the entity that requested JetBlue provide its PNR data for use in the security study.

The TSA is specifically charged with management of security information. 49 U.S.C. § 114(h). Among its enumerated powers and responsibilities, it is tasked to “identify and undertake research and development activities necessary to enhance transportation security,” 49 U.S.C. § 114(f)(8), and to establish policies and procedures requiring air carriers to use information supplied by government agencies to identify high-risk passengers. 49 U.S.C. § 114(h)(3)(A). Notably, it also has specific Congressional authorization to “consider [in consultation with the Transportation Security Oversight Board] requiring passenger air carriers to share passenger lists with appropriate Federal agencies for the purpose of identifying individuals who may pose a threat to aviation safety or national security.” 49 U.S.C. § 114(h)(4). Presumably, after undertaking the appropriate consultative process, the TSA would have had authority to require JetBlue to share its passenger lists for use in the Torch security study. It bears noting that the TSA did not exercise that authority prior to the events at issue in this case and instead issued a request with which JetBlue voluntarily complied. The data transfer by JetBlue is therefore not insulated from state law liability as a result of any direct conflict with federal regulatory action on this issue. 17

Defendants cite a host of additional functions entrusted to the TSA and other federal entities, 18 as well as a litany of security-related regulations enacted by the TSA, to round out the argument that the field of aviation security — particularly as it relates to information sharing among air carriers and federal agencies — is entirely preempted by federal law. Though only a small subset relates specifically to the collection and dissemination of passenger information, the breadth of these regulations and responsibilities is extensive.

Even if field preemption could be established in the area of aviation security — a question on which the Court expresses no final opinion at this time — it is at least an issue of fact, on the record now before the Court, whether or not the actions complained of in this case properly implicate the field of aviation security. Plaintiffs allege, and defendants do not dispute, that the purpose of the JetBlue data transfer was to support a study designed to prevent attacks on military installations following the September 11, 2001 attack on the Pentagon. According to plaintiffs’ Amended Complaint, Torch considered that data pattern analysis of personal characteristics of persons who sought access to military installations might help predict which persons pose a risk to the security of those installations. (Am.ComplV 42.) Although defendants suggest that the study specifically aimed to identify potential terrorists arriving by air in areas near military bases (JetBlue Mem. at 3), the facts pled only establish that a large, national level database was needed to assess the efficacy of Torch’s data analysis tool for predicting terrorist behavior, not that the database had to concern commercial airline passengers in particular. (See Am. Compl. ¶ 43.)

Indeed, according both to plaintiffs’ Amended Complaint and to an official report of the Department of Homeland Security (“DHS”) Privacy Office, Torch initially approached a number of federal agencies unrelated to aviation that operate governmental databases containing personal information suitable for use in testing its program. When each of those agencies refused to participate in the study, Torch turned its attention to commercial sources of personal information, including airlines and data aggregators which were thought to maintain databases containing adequate cross-sections of personal characteristics. (Id. ¶¶ 44-45; Department of Homeland Security Privacy Office, Report to the Public on Events Surrounding JetBlue Data Transfer (“DHS Report”), Feb. 20, 2004, at 4). Unable to obtain the necessary personal information, Torch then turned to members of Congress, asking them to intervene on the company’s behalf with airlines or federal agencies. (Am Compl. ¶ 47.) Although the agency that ultimately became involved on Torch’s behalf was the TSA, and although the supplier of the database used happened to be JetBlue, the record before the Court does not establish that the study was inherently or necessarily focused on aviation-based threats to military base security or that data concerning commercial airline passengers was essential to advance the study’s purposes. Indeed, the official DHS Report found that “[wjhile one form of base security may have included preventing terrorist attacks by air directed at military installations, the overarching purpose was the prevention of unauthorized or unwanted entry onto military bases via a variety of forms of entry.” DHS Report at 5. The primary purpose of the study thus was something “other than transportation security.” Id. at 9.

The Court appreciates that JetBlue’s decision to cooperate with Torch was likely motivated, at least in part, by a legitimate interest in advancing efforts to reduce threats to aviation security. The fact that the TSA encouraged JetBlue’s involvement could well have been persuasive, and in the wake of September 11, 2001, the potential for hijacked commercial airliners to be used as instruments of attack on military bases can hardly be denied. Nonetheless, even if defendants were acting with the best of intentions and an eye to aviation security concerns, the record before the Court does not establish as a matter of law that the data transfer at issue in this case properly implicates the field of aviation security. At the very least, there is a question of fact about whether the complained of conduct implicates that field. And as plaintiffs argue, the Court simply cannot assume that Congress intended to relieve airlines of the state law consequences of everything an airline might believe it does for national security reasons, particularly where such conduct is neither mandated nor even permitted by any federal law.

Discovery would be needed to establish whether aviation security is the relevant field in which to ground implied preemption analysis. Accordingly, the issue of implied preemption cannot be resolved on a Rule 12(b)(6) motion to dismiss, and all state and common law claims other than that arising under the New York General Business Law will be addressed on their merits.

V. Failure to State a Claim Under State or Common Law

In addition to arguing that plaintiffs’ state and common law claims are preempted, defendants argue that plaintiffs have failed to state a cause of action for any claim under state law. The Court need not address the merits of the claim raised under the New York General Business Law and similar state statutes, as that claim is expressly preempted by the ADA. Each of the claims that survives preemption analysis is addressed in turn below. For purposes of resolving this motion, all parties agree that New York law applies. {See Tr. of Oral Argument at 9.)

JetBlue is the only defendant charged with breach of contract in this case. Plaintiffs allege that they made reservations to fly with JetBlue in reliance on express promises made by JetBlue in the company’s privacy policy. (PL’s Mem. at 50; Am. Compl. ¶ 93.) The substance of the contract alleged is therefore a promise by JetBlue not to disclose passengers’ personal information to third parties. (Pl.’s Mem. at 48.) Plaintiffs allege that JetBlue breached that promise, thereby causing injury. (Id. at 51.)

An action for breach of contract under New York law requires proof of four elements: (1) the existence of a contract, (2) performance of the contract by one party, (3) breach by the other party, and (4) damages. Rexnord Holdings, Inc. v. Bidermann, 21 F.3d 522, 525 (2d Cir.1994). JetBlue contends that plaintiffs have failed to plead facts sufficient to establish the existence of a contract or that they suffered damages. (JetBlue Mem. at 33.)

With regard to the existence of a contract, plaintiffs contend that JetBlue undertook a “self-imposed contractual obligation by and between [itself] and the consumers with whom it transacted business” by publishing privacy policies on its website or otherwise disclosing such policies to its consumers. (See Am. Compl. ¶ 88.) Plaintiffs maintain that “these self-imposed public assurances ... created an obligation under the contract-of-carriage and a duty on the part of JetBlue and the persons with whom it did business not to act in derogation of JetBlue’s privacy policy....” (Id. ¶ 38.) JetBlue counters that its “stand-alone privacy statement” — which “could only be accessed and viewed by clicking on a separate stand-alone link” on the bottom of JetBlue’s website — is not a term in the contract of carriage. (JetBlue Mem. at 32 n. 19 & 33.) It further notes in this connection that “the entire transaction of purchasing transportation can be done on JetBlue’s website (or by phone or in person) without ever viewing, reading, or relying on JetBlue’s website privacy statement....” (Id. at 32 n. 19.) Although plaintiffs do allege that the privacy policy constituted a term in the contract of carriage, they argue alternatively that a stand-alone contract was formed at the moment they made flight reservations in reliance on express promises contained in JetBlue’s privacy policy. (See Am. Compl. ¶ 38; Pl.’s Mem. at 50-51.) JetBlue posits no persuasive argument why this alternative formulation does not form the basis of a contract.

JetBlue further argues that failure to allege that plaintiffs read the privacy policy defeats any claim of reliance. (See JetBlue Reply Mem. at 25.) Although plaintiffs do not explicitly allege that the class members actually read or saw the privacy policy, they do allege that they and other class members relied on the representations and assurances contained in the privacy policy when choosing to purchase air transportation from Jet-Blue. (Am.ComplJ 93.) Reliance presupposes familiarity with the policy. It may well be that some members of the class did not read the privacy policy and thus could not have relied on it, but the issue of who actually read and relied on the policy would be addressed more properly at the class certification stage. For purposes of this motion, the Court considers an allegation of reliance to encompass an allegation that some putative members of the class read or viewed the privacy policy. The Court recognizes that contrary authority exists on this point, but considers the holding in that case to rest on an overly narrow reading of the pleadings. See In re Northwest, 2004 WL 1278459, at *6 (“[Absent an allegation that Plaintiffs actually read the privacy policy, not merely the general allegation that Plaintiffs ‘relied on’ the policy, Plaintiffs have failed to allege an essential element of a contract claim: that the alleged ‘offer’ was accepted by Plaintiffs.”). Accordingly, failure to specifically allege that all plaintiffs and class members read the policy does not defeat the existence of a contract for purposes of this motion to dismiss.

JetBlue also argues that plaintiffs have faded to meet their pleading requirement with respect to damages, citing an absence of any facts in the Amended Complaint to support this element of the claim. Plaintiffs’ sole allegation on the element of contract damages consists of the statement that JetBlue’s breach of the company privacy policy injured plaintiffs and members of the class and that JetBlue is therefore liable for “actual damages in an amount to be determined at trial.” (Am.ComplJ 91.) In response to JetBlue’s opposition on this point, plaintiffs contend that the Amended Complaint is “replete” with facts demonstrating how plaintiffs were damaged (PL’s Mem. at 47), but cite to nothing more than the boilerplate allegation referenced above and another allegation in the Amended Complaint that they were “injured” (see Am. Compl. ¶ 5). At oral argument, when pressed to identify the “injuries” or damages referred to in the Amended Complaint, counsel for plaintiffs stated that the “contract damage could be the loss of privacy” (Tr. of Oral Argument at 52), acknowledging that loss of privacy “may” be a contract' damage. The support for this proposition was counsel’s proffer that he had never seen a case that indicates that loss of privacy cannot as a matter of law be a contract damage. In response to the Court’s inquiry as to whether a further specification of damages could be set forth in a second amended complaint, counsel suggested only that perhaps it could be alleged or argued that plaintiffs were deprived of the “economic value” of their information. Despite being offered the opportunity to expand their claim for damages, plaintiffs failed to proffer any other element or form of damages that they would seek if given the opportunity to amend the complaint.

The parties argued the issue of the sufficiency of damage allegations under New York state law. Based on this Court’s review of the cited state authorities, it seems plain that had supplemental jurisdiction been declined and had the cases brought in New York proceeded in state court, the contract actions would have been dismissed based upon state pleading rules. See Smith v. Chase Manhattan Bank, USA, N.A., 293 A.D.2d 598, 600, 741 N.Y.S.2d 100 (2d Dep’t 2002) (allegation of contract damages consisting solely of “all to the damage of the class” is insufficient to support a claim for breach of contract); Gordon v. Dino De Laurentiis Corp., 141 A.D.2d 435, 436, 529 N.Y.S.2d 777 (1st Dep’t 1988). Neither side has addressed whether the result would be the same or different under the pleading requirements of Rule 8 of the Federal Rules of Civil Procedure, which in fact applies to this proceeding. See Charles A. Wright & Arthur R. Miller, Federal Practice and Procedure § 1204 (3d ed. 1998 & Supp.2005). Even if federal pleading rules require less specification, the result should not be different.

It is apparent based on the briefing and oral argument held in this case that the sparseness of the damages allegations is a direct result of plaintiffs’ inability to plead or prove any actual contract damages. As plaintiffs’ counsel concedes, the only damage that can be read into the present complaint is a loss of privacy. At least one recent case has specifically held that this is not a damage available in a breach of contract action. See Trikas v. Universal Card Services Corp., 351 F.Supp.2d 37, 46 (E.D.N.Y.2005). This holding naturally follows from the well-settled principle that “recovery in contract, unlike recovery in tort, allows only for economic losses flowing directly from the breach.” Young v. U.S. Dep’t of Justice, 882 F.2d 633, 641 (2d Cir.1989) (citations omitted); see Katz v. Dime Savings Bank, FSB, 992 F.Supp. 250, 255 (W.D.N.Y.1997) (non-economic loss is not compensable in a contract action).

Plaintiffs allege that in a second amended complaint, they could assert as a contract damage the loss of the economic value of their information, but while that claim sounds in economic loss, the argument ignores the nature of the contract asserted. Citing the hoary case of Hadley v. Baxendale, the Second Circuit reminded the parties to the case before it that “damages in contract actions are limited to those that ‘may reasonably be supposed to have been in the contemplation of both parties, at the time they made the contract, as the probable result of the breach of it.’ ” Young, 882 F.2d at 641 n. 9 (quoting Hadley v. Baxendale, 9 Ex. 341, 156 Eng.Rep. 145 (1854)). A similarly basic principle of contract law is that the “purpose of contract damages is to put a plaintiff in the same economic position he or she would have occupied had the contract been fully performed.” Katz, 992 F.Supp. at 255. Plaintiffs may well have expected that in return for providing their personal information to JetBlue and paying the purchase price, they would obtain a ticket for air travel and the promise that their personal information would be safeguarded consistent with the terms of the privacy policy. They had no reason to expect that they would be compensated for the “value” of their personal information. In addition, there is absolutely no support for the proposition that the personal information of an individual JetBlue passenger had any value for which that passenger could have expected to be compensated. It strains credulity to believe that, had JetBlue not provided the PNR data en masse to Torch, Torch would have gone to each individual JetBlue passenger and compensated him or her for access to his or her personal information. There is likewise no support for the proposition that an individual passenger’s personal information has or had any compensable value in the economy at large.

Accordingly, plaintiffs having claimed no other form of damages apart from those discussed herein and having sought no other form of relief in connection with the breach of contract claim, JetBlue’s motion to dismiss the claim is granted.

Plaintiffs allege that defendants committed trespass to property by participating in the transfer of data containing their personal and private information. (Am.CompLf 100.) Because their claim concerns an alleged trespass to something other than real property, it is most accurately treated as a claim for trespass to chattels. 19 See generally Kronos, Inc. v. AVX Corp., 81 N.Y.2d 90, 95, 595 N.Y.S.2d 931, 612 N.E.2d 289 (1993). To state a claim for trespass to chattels under New York law, plaintiffs must establish that defendants “intentionally, and without justification or consent, physically interfered with the use and enjoyment of personal property in [plaintiffs’] possession,” and that plaintiffs were thereby harmed. School of Visual Arts v. Kuprewicz, 3 Misc.3d 278, 771 N.Y.S.2d 804, 807 (NY.Sup.Ct.2003); see also Register.com, Inc. v. Veno, Inc., 356 F.3d 393, 404 (2d Cir.2004) (“A trespass to a chattel may be committed by intentionally ... using or intermeddling with a chattel in the possession of another, where the chattel is impaired as to its condition, quality, or value.”) (quoting Restatement (Second) of Torts §§ 217(b), 218(b) (1965)) (internal quotation marks omitted); City of Amsterdam v. Daniel Goldreyer, Ltd., 882 F.Supp. 1273, 1281 (E.D.N.Y.1995) (“A trespass to chattel occurs when a party intentionally damages or interferes with the use of property belonging to another.”). Where the trespass alleged is to an intangible property right arising under a contract, actual injury to the claimed property interest must be shown. Kronos, 81 N.Y.2d at 95, 595 N.Y.S.2d 931, 612 N.E.2d 289.

Preliminarily, in order to sustain this cause of action, plaintiffs must establish that they were in possession of the PNR data that was transferred to Torch. Kelman v. Wilen, 283 A.D. 1113, 131 N.Y.S.2d 679, 680 (2d Dep’t 1954) (possession is an essential element of a cause of action in trespass). Plaintiffs argue that the limitations placed on the use of PNR data by the JetBlue privacy policy granted them continued possessory interests over their personal information, entitling them to pursue legal action if ever those limits are exceeded. 20 (PL’s Mem. at 53.) Plaintiffs provide no legal support for this argument, and the Court has serious doubts as to its validity. Although defendants raise several arguments in response, none is directly responsive to plaintiffs’ position. In any event, the Court need not determine whether plaintiffs enjoy a continued possessory interest in their personal data, because even assuming arguendo that they do, plaintiffs have not established an actual injury sufficient to sustain a claim for trespass to chattels. See Kronos, 81 N.Y.2d at 95, 595 N.Y.S.2d 931, 612 N.E.2d 289.

Under New York law, liability only obtains on this cause of action if a defendant causes harm to “the [owner’s] materially valuable interest in the physical condition, quality, or value of the chattel, or if the [owner] is deprived of the use of the chattel for a substantial time.” Kuprewicz, 771 N.Y.S.2d at 807-08 (quoting Restatement (Second) of Torts § 218, com. e (1965)); City of Amsterdam v. Daniel Goldreyer, Ltd., 882 F.Supp. 1273, 1281 (E.D.N.Y.1995) (“A trespass to chattel occurs when a party intentionally damages or interferes with the use of property belonging to another.”). In addition, “the defendant must act with the intention of interfering with the property or with knowledge that such interference is substantially certain to result.” Kuprewicz, 771 N.Y.S.2d at 808. In this case, plaintiffs allege rather generically that they .have suffered “actual damages” or, in the alternate, “an irreparable injury for which there is no adequate remedy at law” as a result of the data transfer. (Am. Compl. ¶ 101; see also Pl.’s Mem. at 53.) They do not, however, allege that the quality or value of their personal information was in any way diminished as a result of defendants’ actions, nor do they allege any facts that could sustain such a showing. The only type of harm plaintiffs allege anywhere in the Amended Complaint is harm to their privacy interests, and even if then-privacy interests were indeed infringed by the data transfer, such a harm does not amount to a diminishment of the quality or value of a materially valuable interest in their personal information. Plaintiffs also have not been deprived of the use of their personal information at any point, let alone for a substantial period of time. See Kuprewicz, 771 N.Y.S.2d at 807-08. Thus, plaintiffs have not established that they suffered the type of harm that may be redressed through a claim for trespass to chattels.

C. Unjust Enrichment

Plaintiffs claim that “[e]ach defendant was unjustly enriched by the disclosure of confidential information concerning JetBlue passengers.” (Pl.’s Mem. at 60.) In order to state a claim for unjust enrichment under New York law, a plaintiff must prove that (1) the defendant was enriched, (2) the enrichment was at plaintiffs expense, and (3) the circumstances were such that equity and good conscience require the defendant to make restitution. Dolmetta v. Uintah Nat. Corp., 712 F.2d 15, 20 (2d Cir.1983); Violette v. Armonk Associates, L.P., 872 F.Supp. 1279, 1282 (S.D.N.Y.1995).

As a threshold matter, the claim against Torch, Acxiom, and SRS must be dismissed for failure to allege a legally cognizable relationship between plaintiffs and those defendants. Under New York law, the cause of action for unjust enrichment falls under the umbrella of quasi-contract, or contract implied-in-law. Michele Pommier Models, Inc. v. Men Women N.Y. Model Management, Inc., 14 F.Supp.2d 331, 338 (S.D.N.Y.1998), aff'd, 173 F.3d 845 (2d Cir.1999) (unpublished opinion). To recover under this theory, a plaintiff must establish that it conferred a benefit on the defendant, thereby resulting in that defendant’s unjust enrichment. Id. This requires proof of a legally cognizable relationship between the parties. Id. Critically, “[i]t is not enough that the defendant received a benefit from the activities of the plaintiff; if the services were performed at the behest of someone other than the defendant, the plaintiff must look to that person for recovery.” Id. Plaintiffs in this case do not allege any facts to support a finding of “direct dealings or an actual, substantive relationship” between themselves and any defendant other than JetBlue. 21 See In re Motel 6 Securities Litigation, 1997 WL 154011, at *7 (S.D.N.Y. April 2, 1997).

As to the first element in the claim against JetBlue, plaintiffs argue that defendants in this case engaged in the complained-of conduct for their own commercial benefit. (Am.Compl^ 107.) Plaintiffs speculate that JetBlue “received some form of remuneration from Torch or another party as a result of its disclosure of information.” (Pl.’s Mem. at 61.) However, according to JetBlue, the data was made available to Torch for no consideration at the request of the Transportation Security Administration (JetBlue Reply Mem. at 29), and the only benefit JetBlue derived was “the potential for increased safety on its flights and the potential to prevent the use of commercial airlines as weapons that target military bases.” (Jet-Blue Mem. at 39). Plaintiffs do not allege any facts to the contrary, and as JetBlue contends, plaintiffs may not create an issue of fact for purposes of surviving a motion to dismiss simply “by asserting a ‘belief that is supported by no reasonable inquiry, information or fact.” (JetBlue Reply Mem. at 29.) Thus, plaintiffs have failed to establish that JetBlue was enriched by the complained-of conduct.

In addition, the circumstances of this case are not such that equity and good conscience require JetBlue to make restitution to this class of plaintiffs. Under New York law, the granting of equitable relief on a theory of unjust enrichment requires the “indispensable ingredient” of an injustice as between the two parties involved. Banco Espirito Santo de Investimiento, S.A. v. Citibank, N.A., 2003 WL 23018888, at *18 (S.D.N.Y. Dec. 22, 2003) (citation omitted); see also Indyk v. Habib Bank Ltd., 694 F.2d 54, 57 (2d Cir.1982) (the granting of equitable relief on a theory of unjust enrichment requires that the enrichment have been unjust as between the two parties to the transaction). Plaintiffs have not alleged facts to suggest that JetBlue obtained any benefit that rightfully belonged to them or that they were otherwise subjected to any injustice by virtue of JetBlue’s conveyance of their personal data to Torch. See Bugarsky v. Marcantonio, 254 A.D.2d 384, 678 N.Y.S.2d 737, 738 (2d Dep’t 1998) (appellant was entitled to dismissal of unjust enrichment claim “as there was no showing that he obtained any benefit that in equity and good conscience he should not have obtained or possessed because it rightfully belonged to another”). To the contrary, as plaintiffs themselves acknowledge, the purpose of the data transfer was to advance a project that “arose out of a desire to prevent attacks on military installations.” (Am.ComplV 42.) Thus, even assuming arguendo that JetBlue was enriched at plaintiffs’ expense, plaintiffs have failed to demonstrate that equity and good conscience require restitution by Jet-Blue. For these reasons, the unjust enrichment claim as against all defendants is dismissed.

D. Declaratory Judgment

Plaintiffs seek a declaratory judgment stating that defendants violated the Electronic Communications Privacy Act, the New York General Business Law and other similar statutes listed in connection with the deceptive practices claims, as well as plaintiffs’ common law rights against trespass to property, invasion of privacy, 22 breach of contract, and unjust enrichment. As plaintiffs have failed to state viable claims against any defendant, this application is denied.

CONCLUSION

For the reasons set forth above, defendants’ Rule 12(b)(6) motions to dismiss are granted. The Clerk of the Court is directed to enter judgment in accordance with this Order.

SO ORDERED.

1 . The cases filed in the Eastern District of New York were: Florence v. JetBlue Airways Corp., et al., 03-CV-4847; Richman v. JetBlue Airways Corp., et al., 03-CV-4859; Hakim v. JetBlue Airways Corp., et al., 03-CV-4895; Seidband v. JetBlue Airways Corp., 03-CV-4933; Block v. JetBlue Airways Corp., 03-CV-4963; Singleton v. JetBlue Airways Corp., 03-CV-5011; Fleet v. JetBlue Airways Corp., 03-CV-5017; and Mortenson v. JetBlue Airways Corp., et al., 03-CV-5209. The case filed in ■ the Central District of California was Turrett v. JetBlue Airways Corp., 03-CV-6785.

2 . These cases include: Bauman v. JetBlue Airways Corp., et al., 03-CV-5091; Lee v. JetBlue Airways Coip., et al., 03-CV5330; Wites v. JetBlue Airways Corp., 03-CV-5629; Howe v. JetBlue Airways Corp., et al., 03-CV-5633; and Unger v. JetBlue Airways Corp., 04-CV-2094.

3 . Plaintiffs initially brought an additional claim for invasion of privacy against all defendants. That claim was withdrawn in response to defendants' motions to dismiss.

4 . Plaintiffs initially asserted a claim under § 2701 of the statute as well, but later withdrew that claim at oral argument on defendants' motions. (See Tr. of Oral Argument at 65.)

5 . The statute expressly excludes from the definition of "electronic communication”: (a) any wire or oral communication; (b) any communication made through a tone-only paging device; (c) any communication from a tracking device; and (d) electronic funds transfer information stored by a financial institution in a communications system used for the electronic storage and transfer of funds. 18 U.S.C. § 2510(12)(A)-(D).

6 .JetBlue maintains an Internet website through which passengers can select and purchase travel itineraries.

7 . Oft-cited examples include internet service providers such as America Online or Juno. See, e.g., In re Doubleclick Inc. Privacy Litigation, 154 F.Supp.2d 497, 511 n. 20 (S.D.N.Y.2001).

8 . JetBlue purchases its Internet access from a third party provider, a global distribution system called Open Skies. (See JetBlue Reply Mem. at 3-4 n. 2.)

9 . Although plaintiffs cite potentially countervailing authority that either implies or assumes the applicability of the ECPA to entities other than Internet service providers, the cases to which plaintiffs refer do not provide anything but passing consideration of § 2702 liability or the meaning of term "electronic communication service.” See, e.g., In re Pharmatrak Privacy Litigation, 329 F.3d 9, 18 (1st Cir.2003) (transmission of completed on-line forms to pharmaceutical company websites constitutes an electronic communication); Lopez v. First Union Nat’l Bank of Florida, 129 F.3d 1186, 1189-90 (11th Cir.1997), cert. denied, 531 U.S. 1052, 121 S.Ct. 656, 148 L.Ed.2d 559 (2000) (reversing Rule 12(b)(6) dismissal of § 2702 claim against bank that disclosed contents of electronic wire transfer, because allegations in plaintiff's complaint must be accepted as true and defendant had merely denied the allegation that it was an electronic communication service); United States v. Mullins, 992 F.2d 1472, 1474, 1478 (9th Cir.1993), cert. denied 510 U.S. 994, 114 S.Ct 556, 126 L.Ed.2d 457 (1993) (referring to American Airlines’ computerized travel reservation system as an electronic communication service in rejecting Fourth Amendment challenge to criminal conviction obtained through monitoring of that system by American Airlines personnel). Plaintiffs concede, as they must, that these cases are but “footprints in the sand.” (Tr. of Oral Argument at 42.)

10 . The only case to reach a different result was a criminal case that had cause to consider American Airlines' status as a provider of an electronic communication service insofar as such stat.us pertained to the appellant's Fourth Amendment challenge to his conviction. See United States v. Mullins, 992 F.2d 1472, 1474, 1478 (9th Cir.1993), cert. denied 510 U.S. 994, 114 S.Ct. 556, 126 L.Ed.2d 457 (1993) (finding American Airlines, through its computerized reservation system, which enables travel agents to gather flight information and directly input travel reservations or make changes to existing reservations through the use of PNRs, to be "a provider of wire or electronic communication service”). The case did not provide any explanation of or legal support for its conclusion that American Airlines is an electronic communication service provider. See id. at 1478.

11 . Other courts have been understandably reluctant to narrow the Supreme Court's preemption analysis in Morales based upon subsequent interpretations of the ERISA provision. See United Airlines, Inc. v. Mesa Airlines, Inc., 219 F.3d 605, 608 (7th Cir.2000) (Easterbrook, J.) ("[I]f developments in pension law have undercut holdings in air-transportation law, it is for the Supreme Court itself to make the adjustment. Our marching orders are clear: follow decisions until the Supreme Court overrules them.”).

12 . Plaintiffs raise claims. under forty-nine state statutes prohibiting unfair and deceptive acts and practices. The New York General Business Law is among them. Also cited is the Minnesota Deceptive Trade Practices Act, which formed the basis of claims adjudicated in In re Northwest, 2004 WL 1278459, and the Illinois Consumer Fraud and Deceptive Business Practices Act, which was the statute at issue in Wolens, 513 U.S. 219, 115 S.Ct. 817, 130 L.Ed.2d 715. (See Am. Compl. ¶ 97.)

13 . The federal regulations to which JetBlue refers concern incorporation by reference in a contract of carriage with an air carrier. 14 C.F.R. § 253.4. Given that preemption doctrine stands to guard against state regulation in an area reserved for federal law, it is unclear to the Court how reference to federal regulations implicates questions of preemption. See generally Travel All Over The World, 73 F.3d 1423, 1432 ("The question of whether a State has 'enacted or enforced a law’ cannot depend on the existence of federal regulations in the same area.”).

14 . Although the Amended Complaint includes a prayer for injunctive relief and punitive damages, as well as a declaratory judgment, the section of the Amended Complaint dealing with the breach of contract claim asserts only a prayer for actual damages. (See Am. Compl. ¶¶ 5, 91.)

15 . At least one court that took a decidedly broad view of the ADA clause in deeming a privacy claim preempted proceeded to address the plaintiffs’ trespass to property claim on the merits, see In re Northwest, 2004 WL 1278459, at *4, thereby lending some support to the proposition that such claims are not expressly preempted.

16 . The federal law to which defendants refer does no more than govern reporting on passenger manifests in the event of disasters, see 49 U.S.C. § 44909; 14 C.F.R. Pt. 243, and correction of cargo manifests and air waybills in the event of shortages and overages, see 12 C.F.R. § 122.49(a) & (b).

17 . Regulations issued pursuant to Congressional authorization after litigation is commenced are also relevant to preemption analysis because they bear upon the issue of Congressional intent to occupy a field. See French v. Pan Am Express, Inc., 869 F.2d 1, 5 n. 5 (1st Cir.1989). In that regard, the Court notes that on November 15, 2004, the TSA issued a final order requiring aircraft operators to provide certain specified PNR data for use in testing the "Secure Flight" system, an aviation passenger pre-screening program designed to identify passengers known or reasonably suspected to be engaged in terrorist activity. The final order specifically mentions 49 U.S.C. § 114(f)(8) as one of the bases for the TSA's authority for requiring the PNR data. See Notice of Final Order for Secure Flight Test Phase, 69 Fed. Reg. 65,619 (Nov. 15, 2004).

18 . In particular, defendants note that airlines operating flights to or from the United States must provide U.S. Customs with electronic access to their PNR databases so that Customs may obtain "any and all PNR data elements relating to the identity and travel plans of a passenger.” 19 C.F.R. § 122.49b. PNR data “that is made available to Customs electronically may, upon request, be shared with other Federal agencies for the purpose of protecting national security.” Id. There is no requirement for air carriers to collect any PNR information that they would not ordinarily collect on their own. Id.

19 . Plaintiffs do not oppose this construction, as evidenced by their Corrected Omnibus Opposition to Defendants' Motions to Dismiss. (See PL’s Mem. at 51.)

20 . This argument was rejected by the In re Northwest court which held, as a matter of law, that the PNRs in question were not the property of the class action plaintiffs. In re Northwest, 2004 WL 1278459, at *4. The court observed that the plaintiffs had voluntarily provided Northwest with some of the information that was included in the PNRs, and found that the information itself may be the plaintiffs' property. Id. But, the court held, "when that information was compiled and combined with other information to form a PNR, the PNR itself became Northwest's property.” Id. As Northwest could not wrongfully take its own property, the plaintiffs’ claim for trespass to property failed. Id. As no party briefed this particular issue with reference to New York law, the Court declines to rest its decision on this finding of the In re Northwest court.

21 . Plaintiffs merely claim, in their Memorandum of Law, that Acxiom, SRS, and Torch “each took on a quasi-contractual relationship with JetBlue's aggrieved passengers based on their disclosure and receipt of their personal information from JetBlue." (PL's Mem. at 62.)

22 . Presumably, this request is now withdrawn with respect to the invasion of privacy claim, which plaintiffs voluntarily dismissed.