Skip to content
    Thomas JankowskiThomas Jankowski — home
    Back to writing
    May 8, 2025 · updated May 8, 2026 · 3 min read

    United deployed AI to catch skiplaggers. The Texas jury said skiplagging is legal.

    United deployed AI to catch skiplaggers. The Texas jury said skiplagging is legal — by Thomas Jankowski, aided by AI
    AI deployed, jury ruled— TJ x AI

    By early 2025 the major U.S. carriers had each deployed some version of AI-driven skiplagger detection. United's system tracked passengers who consistently booked itineraries with hidden-city characteristics and skipped the final leg. Delta operated an Atlanta-based enforcement team running similar tracking. American began locking AAdvantage accounts of passengers flagged by the airline's system. The category-wide pattern was airlines deploying AI capability against their own customers, framed internally as fare-integrity protection and externally as not-yet-disclosed.

    OMAAT documented United instructing front-line gate staff to report suspected skiplaggers to a centralized enforcement system. The framing was operational. The reality was that the AI was the front-end and the front-line staff were the human enforcement layer.

    In May 2025 a Texas federal jury ruled that hidden-city booking remains legal. The ruling is the latest in a multi-year arc — an October 2024 federal ruling had previously upheld the same legal frame; the May 2025 jury ruling reaffirmed it. The legal floor is, by mid-2025, set. The carrier can deploy AI to detect the practice and can refuse to do business with passengers it identifies. The carrier cannot make the practice itself illegal. The customer's defense is the law.

    That is the operator-class frame for adversarial-AI-against-customers.

    The pattern is broader than skiplagging. The arc is: operator deploys AI to detect customer behavior the operator wants to discourage; the AI becomes the enforcement front-end; the legal frame either accepts the deployment or constrains it; the customer's defense is whatever the legal frame protects. The skiplagging case is the cleanest visible example because the customer behavior is itself legal and the AI is being deployed to enforce a contractual rule the customer signed. Other categories have similar shape with different legal frames.

    What's the category that's been named? AI-as-enforcement-against-customers exists and is growing. Every operator-customer relationship where the customer can extract value the operator did not intend is a candidate category for adversarial AI deployment. Insurance: AI to detect claim patterns the insurer wants to deny. Banking: AI to detect account-behavior the bank wants to flag. SaaS: AI to detect usage-patterns the vendor wants to upsell or terminate. Healthcare: AI to detect billing-or-prescribing patterns the payer wants to deny. The pattern recurs.

    What does the legal frame look like in 2025? Not yet calibrated for this deployment shape. The skiplagging case got a clean answer from a Texas jury because the underlying customer behavior was a contract-vs-statutory question with established precedent. Most adversarial-AI-against-customer deployments are not in categories with that clarity. The legal frame is going to have to develop case-by-case across multiple jurisdictions, and the development will take a decade. In the interim, the operator deploying the AI captures the operating leverage; the customer absorbs the cost of the deployment until the legal frame catches up.

    Where's the trade-press framing failing the part that holds? The trade-press read of these deployments is "fraud detection" or "policy enforcement." The structural read is "operator deploying AI to capture value the customer was getting under the legacy frame." Both readings are accurate at the description level. Only the second one captures the operator-level shift the AI deployment represents. The reframe matters because operators using the trade-press framing don't recognize the legal-and-reputational risk they're taking on. The AI is, in operating terms, more aggressive than the press release admits.

    The thing that crosses pillars is that adversarial-AI-against-customers is the same shape that recurs in healthcare prior-auth, in insurance underwriting, in employment screening, and in B2B SaaS abuse detection. Each of those categories has its own version of the skiplagging-vs-airlines arc playing out. The arcs are at different stages. Airlines are in the post-legal-clarity stage; healthcare prior-auth is in the regulatory-frame-still-developing stage; employment screening is in the early-legal-litigation stage.

    Operators in any of these categories have to decide whether to deploy adversarial AI ahead of the legal frame or wait for clarity. Operators who deploy ahead capture leverage; they also absorb litigation and reputational risk. Operators who wait absorb less risk and capture less leverage. The right answer depends on the category's specific legal trajectory and the operator's risk tolerance.

    What survives all of this is that the airlines' skiplagger-detection deployment is the leading visible case study of an operator shift that is going to play out across a long list of regulated and lightly-regulated categories. The Texas jury's May 2025 ruling sets the legal floor for the airline category. Each adjacent category will get its own jury ruling on its own arc. The operators paying attention now are the operators who will deploy the next generation of adversarial AI with awareness of where the legal floor is going to land.

    United deployed AI to catch skiplaggers. The Texas jury said skiplagging is legal. The category continues. The next category's jury hasn't ruled yet. Operators are deploying AI against the unresolved-legal-frame anyway.

    —TJ