Advertisement

July 28, 2014

California Attorney General Flexes Muscle on Mobile Privacy: AG Sues Delta for Lack of Privacy Policy on Mobile Application

Yesterday, California’s Attorney General Kamala Harris filed the state’s first suit under California’s Online Privacy Protection Act.  The lawsuit, against Delta Air Lines, followed the Attorney General’s warning letters to Delta and many other companies in October to post privacy policies with their mobile apps to inform users of what personally identifiable information is being collected and how the information is used by the company (previously covered by FTC Beat here).

California’s Online Privacy Protection Act mandates that commercial operators of websites and online services, including mobile and social apps, conspicuously post a privacy policy if they collect personally identifiable information from California residents.  In addition to posting a privacy policy, operators must abide by the promises and representations made in those policies.

In the complaint against Delta, the AG contends that Delta has operated a mobile app called “Fly Delta” since at least 2010.  Individuals can use the Fly Delta app to check in for flights, view reservations, rebook  flights, pay for checked baggage, and access a user’s frequent flyer account, among other actions.  The California AG alleges that the Fly Delta app lacks a privacy policy, despite the fact that Delta’s app collects substantial amounts of personal information, including full names, telephone numbers, email addresses, photographs, and geo-locations.  According to the complaint, “Users of the Fly Delta application do not know what personally identifiable information Delta collects about them, how Delta uses that information, or to whom that information is shared, disclosed, or sold.”  The AG asserts that Delta’s conduct violates the Online Privacy Protection Act and California’s Unfair Competition Law.

Delta will, of course, have a chance to defend itself and could argue that its general website policy covers its mobile applications.  Many companies maintain a general privacy policy that covers their website, their mobile applications, and even their social networks.   The complaint acknowledges Delta’s website privacy policy though contends that it is not “reasonably accessible to consumers of the Fly Delta app” and that the app collects different information than is collected through the website.

The lawsuit seeks an injunction to prevent Delta from distributing its application and requests penalties of up to $2,500 for each violation (in other words, each time the app is downloaded).   According to the complaint, the Fly Delta app “has been downloaded by consumers millions of times since October of 2010 without the conspicuously posted privacy policy required by” the Online Privacy Protection Act. The Attorney General’s action in filing the lawsuit demonstrates that she intends to follow through on her earlier warnings to companies to ensure their compliance with the Online Privacy Protection Act.  Other companies who received similar warning letters included Open Table and United Continental.

Companies offering mobile apps and commercial websites should ensure that they post and abide by privacy policies when they are collecting personal information.  Further, if a general privacy policy is meant to cover a company’s app, it should so state and it would be prudent for it to be easily accessible through the mobile app.   The California Attorney General’s lawsuit against Delta is a sure sign that California will continue to follow through on its efforts to mandate compliance with its Online Privacy Protection Act, and other states may follow California’s lead.

© 2012 Ifrah PLLC

About the Author

Member

Michelle’s unfailing dedication to her clients is evidenced by the fact that her first client, whom she worked with as a first-year associate almost 20 years ago, remains an active client. She establishes strong and lasting relationships by committing herself to client service. Michelle understands her clients’ business goals, guides them in their use of new technologies, and communicates with them as their business activities unfold.

Michelle’s practice is focused on helping her clients establish powerful and lasting relationships with their customers and...

202-524-4149

Boost: AJAX core statistics

Legal Disclaimer

You are responsible for reading, understanding and agreeing to the National Law Review's (NLR’s) and the National Law Forum LLC's  Terms of Use and Privacy Policy before using the National Law Review website. The National Law Review is a free to use, no-log in database of legal and business articles. The content and links on www.NatLawReview.com are intended for general information purposes only. Any legal analysis, legislative updates or other content and links should not be construed as legal or professional advice or a substitute for such advice. No attorney-client or confidential relationship is formed by the transmission of information between you and the National Law Review website or any of the law firms, attorneys or other professionals or organizations who include content on the National Law Review website. If you require legal or professional advice, kindly contact an attorney or other suitable professional advisor.  

Some states have laws and ethical rules regarding solicitation and advertisement practices by attorneys and/or other professionals. The National Law Review is not a law firm nor is www.NatLawReview.com  intended to be  a referral service for attorneys and/or other professionals. The NLR does not wish, nor does it intend, to solicit the business of anyone or to refer anyone to an attorney or other professional.  NLR does not answer legal questions nor will we refer you to an attorney or other professional if you request such information from us. 

Under certain state laws the following statements may be required on this website and we have included them in order to be in full compliance with these rules. The choice of a lawyer or other professional is an important decision and should not be based solely upon advertisements. Attorney Advertising Notice: Prior results do not guarantee a similar outcome. Statement in compliance with Texas Rules of Professional Conduct. Unless otherwise noted, attorneys are not certified by the Texas Board of Legal Specialization, nor can NLR attest to the accuracy of any notation of Legal Specialization or other Professional Credentials.

The National Law Review - National Law Forum LLC 4700 Gilbert Ave. Suite 47 #230 Western Springs, IL 60558  Telephone  (708) 357-3317 If you would ike to contact us via email please click here.