Skip the navigation

California sues Delta Airlines for lack of mobile app privacy policy

Delta, which was warned in October, could face a penalty of $2,500 for each time its Fly Delta application has been downloaded

By Jeremy Kirk
December 6, 2012 10:41 PM ET

IDG News Service - California's attorney general has sued Delta Air Lines for failing to include a privacy policy within the company's mobile application, an alleged violation of the state's Online Privacy Protection Act.

The lawsuit, filed in Superior Court of San Francisco on Thursday, marks the first time the state has taken legal action to enforce the privacy law, which was enacted in 2004, according to a news release from Attorney General Kamala D. Harris. Delta also violates California's Unfair Competition Law, the lawsuit alleged.

Since 2010, Delta has distributed a mobile application called "Fly Delta" that allows people to manage their bookings, according to the suit. The application collects information such as a person's name, phone number, birth date, email address, frequent flyer account number and pin code, photo and geo-location data. It is alleged in the lawsuit that Delta customers do not know how their data is collected or used by the airline.

Delta could face a penalty of $2,500 for each time a non-compliant mobile application is downloaded, the attorney general's office said. The application has been downloaded millions of times from Google's Play and Apple's iTunes application markets, according to the lawsuit.

Delta, which has its headquarters in Atlanta, could not be immediately reached for comment.

Harris had been aggressive in pushing companies to comply with the law. Earlier this year, she created the Department of Justice's Privacy Enforcement and Protection Unit, which is charged with enforcing the Online Privacy Protection Act, federal privacy laws and those relating to personal data and data breaches.

In February, Harris reached an agreement with Amazon, Apple, Google, Hewlett-Packard, Microsoft and Research In Motion to ensure applications hosted on their platforms have conspicuous privacy policies. In June, Facebook also signed an agreement committing to a privacy policy.

In October, Harris warned companies and developers of the 100 most popular applications that did not have a privacy policy, including Delta.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Reprinted with permission from IDG.net. Story copyright 2014 International Data Group. All rights reserved.
Our Commenting Policies
Consumerization of IT: Be in the know
consumer tech

Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!