Transport Airlines

Delta gets sued by California for mobile app privacy violations

Dec 07, 2012 1:27 am

Skift Take

The California AG was also considering suing United, but didn’t, so looks like it complied and Delta didn’t in time. At $2,500 per app violation, it could rack up a hefty fine on this one.

— Rafat Ali

Turnkey Analytics to Track Your Competitors


California sued Delta Airlines Inc. on Thursday, alleging the Atlanta-based company is breaking state law by not warning users that the airline is collecting sensitive information each time customers contact the company on its “Fly Delta” mobile application.

Attorney General Kamala Harris filed the suit in San Francisco Superior Court in the first legal test of the state’s 8-year-old Online Privacy Protection Act.

California is the only state with such a law, which requires companies to prominently notify users of their mobile apps about what personally identifiable information is being collected and how it will be used.

Harris says the company missed a 30-day window to comply with the privacy law on its “Fly Delta” app, which is designed for use on smartphones and other mobile devices. Customers can log on to check in for a flight, review reservations, book flights and pay for checked baggage.

The lawsuit alleges the site lacks privacy warnings even though it collects the customer’s full name, telephone number, email and mailing address, along with more sensitive information like birth dates and credit card numbers.

Delta spokesman Anthony Black said company policy prohibits him from commenting on pending litigation.

Harris, a Democrat, is seeking an injunction barring Delta from distributing the application until it posts a privacy policy. She is asking for a penalty of up to $2,500 for each violation, though the lawsuit leaves it up to a judge to determine what constitutes a violation.

“California law is clear that mobile apps collecting personal information need privacy policies, and that the users of those apps deserve to know what is being done with their personal information,” Harris said in a statement announcing the lawsuit.

Harris previously reached an agreement with seven companies to warn users about their privacy policy in a consistent, prominent way before consumers download the mobile application. The companies agreeing to comply with California’s law are Amazon, Apple, Facebook, Google, Hewlett-Packard, Microsoft, and Research in Motion.

Copyright (2012) Associated Press. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Download (PDF, 609KB)

Tags: , , ,

Next Up

More on Skift

Daily Travel Startup Watch: Dash, The Bach And More
TripAdvisor CEO Exuberant About ‘Phenomenal’ Restaurant Opportunity
Commerce and Travel Platform Deem Secures $50 Million in Funding
A Modern Business Traveler’s Plea to the Corporate Travel World