If you’ve ever suspected that the price you saw online wasn’t quite the same price someone else saw for the exact same product, you may have been right. And now Congress wants answers.
On March 5, 2026, House Oversight Committee Chairman James Comer sent formal letters to the CEOs of five major consumer platforms — Booking Holdings, Expedia Group, Uber, Lyft, and Instacart — demanding documents and detailed explanations of how their pricing algorithms work, what personal data feeds into them, and what financial benefit those systems generate. The companies have until March 19 to respond.
The investigation targets a practice that has been quietly spreading through consumer-facing industries for years: surveillance pricing.
What Surveillance Pricing Actually Is
Surveillance pricing is not the same as dynamic pricing — the familiar model where airline tickets cost more on busy travel days, or hotel rates climb during a major event. Dynamic pricing responds to demand. Surveillance pricing responds to you, specifically.
The way it works: a company collects data about an individual consumer — their location, browsing history, purchase history, device type, demographic profile, even behavioral signals like mouse movements and how long they linger on a product page — and uses that data to build a personal profile. An algorithm then uses that profile to determine the highest price that particular individual is likely to accept before abandoning the purchase.
In other words, the price you’re shown isn’t the market price. It’s your price. Calculated to extract the maximum amount you’re personally willing to pay.
Chairman Comer described it directly in his letters: companies are using consumer data to build profiles based on “geolocation, demographics, browsing history, purchase history, device type, battery life, and even mouse clicks” to assign different prices to different individuals for identical goods and services. His concern, stated plainly, is that this gives companies the ability to “weaponize personal data” to expand profit margins at the direct expense of consumers who have no idea it’s happening.
Who’s Being Investigated and What They’re Saying
The five companies named in the investigation represent some of the most active collectors of real-time consumer behavioral data in the country. All five have pushed back.
Uber stated it does not engage in surveillance pricing and does not personalize prices based on individual characteristics, past behavior, or device information — describing its pricing as a function of location, time, and demand. Expedia said it does not increase prices based on user data or activity and does not personalize pricing on the basis of protected personal characteristics. Instacart issued the most categorical denial, stating it does not engage and has never engaged in surveillance pricing, and that no personal, demographic, or user-level behavioral data is used by retailers to set item prices on its platform.
The committee is not taking those denials as final answers. The document requests specifically include internal communications about revenue management algorithms, technical documentation on how those systems function, and data on the financial impact of algorithmic pricing strategies. The committee wants to see the evidence behind the claims, not just the claims.
This Isn’t Just a Congressional Concern
The House investigation is the most visible action so far, but it’s not operating in a vacuum. In January 2026, California Attorney General Rob Bonta announced a broad state-level probe into the use of personal data to set individualized prices. Multiple states — including Colorado, Georgia, Louisiana, Maryland, Illinois, Minnesota, Tennessee, and California — are actively considering legislation during their 2026 sessions that would ban the practice outright.
Federal legislation is also in motion. The One Fair Price Act, introduced following an investigative report into Instacart’s pricing practices, would explicitly prohibit companies from using consumers’ personal data to set individualized prices at the point of sale. Whether it advances in the current Congress remains to be seen, but its introduction signals that surveillance pricing has moved from a niche consumer protection concern to a mainstream legislative priority.
Consumer advocates have welcomed the scrutiny. Consumer Reports, responding to the committee’s announcement, noted that personal data “shouldn’t be used against us to figure out the most we are willing to pay at checkout.”
Why This Matters Beyond the Companies Named
The five companies receiving letters are not the only businesses using algorithmic pricing informed by consumer data. They are among the most prominent. The broader ecosystem of retail, travel, hospitality, insurance, financial services, and subscription platforms has been moving in this direction for years, accelerated by the availability of richer behavioral data and more capable machine learning systems.
What the investigation signals to that broader market is that the regulatory and legislative tolerance for opaque, personalized pricing is narrowing — and narrowing quickly. Companies that have been collecting and monetizing behavioral data without clear disclosure to consumers are now operating in a climate where that practice has a name, congressional investigators are asking for documents about it, and multiple state legislatures are preparing to outlaw it.
The committee was careful to draw a distinction in its framing. Chairman Comer stated explicitly that the investigation is not opposed to AI tools that help companies align prices with genuine demand fluctuations, consumer preferences, and operational costs. The concern is specifically with systems that exploit personal data to charge individuals the maximum extractable amount without their knowledge or consent — and with the lack of any transparency obligation that would allow consumers to understand why the price they see is the price they see.
That distinction — between AI-assisted efficiency and AI-assisted exploitation — is likely to define where regulation lands. But until clearer rules exist, the legal and reputational exposure for companies operating in the gray area between the two is growing.
The Deeper Issue: Your Data Is Already Being Used Against You
The surveillance pricing investigation is part of a larger story that most businesses have been slow to reckon with. The personal data your customers generate when they interact with your website, app, or platform — their browsing behavior, location signals, device characteristics, purchase history — has legal strings attached to it that are tightening at the state and federal level simultaneously.
The same data practices that power algorithmic pricing are the same practices that have generated CCPA class actions, CIPA wiretapping lawsuits, and FTC enforcement actions. The regulatory momentum isn’t moving in one direction on one issue. It’s converging across multiple legal frameworks on a single underlying question: are you collecting and using personal data in ways your customers know about and have agreed to?
For most businesses, the honest answer involves more uncertainty than it should.
If Your Business Collects Consumer Data, Your Exposure Is Bigger Than This Investigation
The companies under congressional scrutiny are large platforms with legal teams already preparing their responses. For mid-size businesses that collect behavioral data through analytics tools, advertising pixels, personalization engines, or pricing software, the exposure is often larger relative to their legal resources — and far less visible. Book a demo below.
