Delta Airlines was sued recently by the California Attorney General’s office – the first court action under the state’s new privacy law overseeing online data collection.

The suit relates to how Delta operates the mobile app, “Fly Delta,” for use on smartphones and other devices.  The app lets users check-in online for a flight, view reservations, reschedule cancelled or missed flights, pay for checked baggage, track baggage, access a frequent flyer account, take photos, or save a user’s geo-location.

“Despite collecting substantial personally identifiable information such as a user’s full name, telephone number, email address, frequent flyer account number and pin code, photographs, and geo-location, the Fly Delta application does not have a privacy policy,” according to a statement from the Attorney General’s office.

Delta was given 30 days to post a privacy policy on its mobile app. The policy has to state the personally identifiable information which is being collected and what Delta plans to do with it.


Image via www.itunes.apple.com

“California law is clear that mobile apps collecting personal information need privacy policies, and that the users of those apps deserve to know what is being done with their personal information,” Attorney General Kamala D. Harris said in a public statement. “Losing your personal privacy should not be the cost of using mobile apps, but all too often it is.”

Violators of the new law can be prosecuted under the state’s Unfair Competition Law and/or False Advertising Law. The lawsuit wants Delta to post the privacy policy and attempts to impose penalties of up to $2,500 for each violation.

Under a prior agreement with Harris, Amazon, Apple, Facebook, Google, Hewlett-Packard, Microsoft, and Research in Motion – the companies agreed to broaden privacy policies on mobile apps that collect personal information.

In October, Harris mailed letters to Delta and about 100 other companies that operate in California saying they were violating the state's privacy law. The first letters were sent to companies with the most popular apps on mobile platforms. These included Open Table and apps for Delta and United Airlines.

Delta does have a privacy policy on its website– but it is insufficient given the California law, the Attorney General claims. Comment from Delta on the lawsuit was not immediately available.