California files lawsuit against Delta Air Lines and its mobile app

California law requires application developers to conspicuously post detailed privacy policies about their programs. A couple months ago, app developers for mobile and traditional applications were put on notice to provide detailed privacy information to consumers about the type of data that is collected, what parts of that data contains personally identifiable information, and what is done with that data once it is collected.

In October, California’s Attorney General, Kamala Harris sent letters to 100 app makers (Delta Air Lines among them) who did not incorporate privacy policies with their applications and gave them 30 days to make their privacy policies available or respond to the AG’s letter.

Delta Air Lines said it intended to respond to the letter. It has a privacy policy on its website, but it does not make a reference to the airline’s mobile application. The Fly Delta App allows flyers to handle the common tasks for airline applications, like flight check-in and baggage checks.

However, the State of California contends in its civil lawsuit against Delta that the application gathers “substantial” personally identifiable information including, “names, phone numbers, email address, frequent-flier numbers, photographs, credit-card numbers and locations.” Since Delta is apparently not adhering to the law, stemming from legislation passed in 2004 and reinforced with the California Online Privacy Protection Act (COPPA), passed in 2012, and the airline did not respond to the Attorney General’s letter, the state filed the first lawsuit in connection with a smartphone application on privacy grounds.

The lawsuit states, "Users of the Fly Delta application do not know what personally identifiable information Delta collects about them, how Delta uses that information, or to whom that information is shared, disclosed, or sold." California is the only state which applies its privacy laws to mobile applications. As the state exerts its influence through this law, other states typically follow suit and adopt similar legislation.  For Delta, if it is found to be in violation of this law, it will face fines of $2,500 per non-compliant app downloaded by a California resident.

source: The Wall Street Journal