Skip to content

California Attorney General Sues Delta Airlines for Not Having a Privacy Policy for Mobile App

Not having a privacy policy could be a problem, especially if you collect personally identifiable information from users located in California.  Delta Airlines is learning this tip the hard way.  Kamala Harris, the California Attorney General, filed a complaint in state court last week against Delta Airlines for not adhering with California state law. The state law at issue is the California Online Privacy Protection Act, which requires a website that collects personally identifiable information about individual consumers residing in California to conspicuously display a privacy policy.

The online service at issue here is the Fly Delta mobile app.  Delta has offered this app to consumers to allow them to receive alerts about flights, cancel flights, change seats, and a variety of other actions relating to their flight.  The issue here is that Delta is collecting personally identifiable information from the consumers who purchase the app without telling them that it was being collected, and also what they planned to do with it after it had been collected.  Examples of personally identifiable information include names, addresses, email addresses, and credit card information.

Harris advised many companies whose privacy policies did not comply with state law to adhere to the law.  Harris gave them 30 days to become compliant.  Delta did nothing, and as a result could be paying up to $2,500.00 per violation.  This instance is simply part of the larger battle Harris has been waging in California to get all companies in compliance with the privacy laws.

After the lawsuit was filed, Delta quickly published a Privacy Policy for the Fly Delta app.  This was in no doubt an effort to stop the bleeding, but there may be some issues with Delta’s current Privacy Policy.  Researchers have found that the Delta App collects what is called a unique device identifier (UDID).  This is a number that is associated with each mobile device used to access the app.  The problem is that this information is not covered in the Privacy Policy.

This is a good example of why it is important to understand that while you may be collecting information from your consumers like their name and address, there are other pieces of information that are collected automatically that might not seem so obvious.  Having a well drafted and conspicuously placed Privacy Policy is important for any Internet business, and Centre Law Group attorneys have years of experience preparing these contracts.

By Taylor Hume

2 Comments Post a comment
  1. It is approved for hypotrichosis of eyelashes, meaning hair loss.
    Sometimes excessive loss of eyelashes is caused
    by an incipient or advanced medical condition, such as an abnormality in
    the thyroid or pituitary glands. This kind of generation ended up being gummed towards the actresses
    lash line.

    August 7, 2013

Trackbacks & Pingbacks

  1. CalOPPA Amendment: What “Do Not Track” Means for You | InternetBiz Law

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: