Air Travel Disruptions and DOT Aviation Consumer Protection Rules
On July 19, 2024, a widespread technology outage caused by a faulty software update from cybersecurity firm CrowdStrike resulted in significant disruptions across various sectors, notably impacting airlines. Major U.S. carriers, including Delta, American, United, Allegiant, and Spirit Airlines, faced extensive delays and cancellations, leading to chaos at airports. Over the weekend, more than 7,500 flights were canceled and 32,500 flights were delayed. The situation was particularly severe for Delta Air Lines, which continued to cancel a significant number of flights even after other airlines had largely recovered from the disruption.
This incident draws parallels to the Southwest Airlines meltdown in late December 2022, caused by a combination of winter storms and internal system failures, which led to a DOT investigation and a $140 million fine against the airline. The DOT’s ongoing response to the recent outage includes launching an investigation into Delta’s handling of the crisis and reminding airlines of their obligations under aviation consumer protection rules.
The federal response to such disruptions involves multiple layers of consumer rights protections established through statutes, regulations, and airline policies known as contracts of carriage. Despite the 1978 deregulation of the airline industry, which removed federal control over many airline operations, the government continues to enforce specific consumer protections. These include prompt refunds for canceled or significantly changed flights and the refunding of fees for ancillary services not received by passengers.
DOT’s current aviation consumer protection rules, outlined in 14 C.F.R. Part 259, were recently reinforced by the airline ticket refunds final rule issued in April 2024. This rule mandates automatic and timely refunds for consumers affected by cancellations or significant schedule changes, with specific timeframes for processing these refunds depending on the method of payment.
In response to the recent outage, there is a renewed focus on whether airlines should be held accountable for service disruptions caused by factors beyond their control, such as technology failures. Additionally, there is consideration of integrating IT system security and resilience into the criteria for determining an airline’s operational fitness. The possibility of requiring airlines to develop contingency plans for computer system outages as part of their customer service plans is also under discussion.
As federal agencies and lawmakers continue to investigate and address the fallout from the CrowdStrike-induced outage, these deliberations will likely shape future policies aimed at minimizing the impact of similar disruptions on passengers and ensuring robust consumer protections in the airline industry (CRS report IN12395).