California Claims Delta|Air Lines Filches Data


     SAN FRANCISCO (CN) – Delta Air Lines illegally collects consumers’ personal information through its Fly Delta mobile app, and has no privacy policy on it, the California attorney general claims in court.
     Delta’s app has been downloaded “millions of times,” and collects customers’ locations, photographs, street addresses, telephone numbers, email addresses, credit and debit card numbers and expiration dates, gender and passport details, according to the complaint. And it does all this without a privacy policy, which is required by state law, the attorney general says in the Superior Court complaint.
     “The innovations of the 21st century have created new challenges to privacy,” the complaint states. “Today, consumers regularly use computers, smartphones, tablets, and other electronic devices to share and store sensitive personal information, including their full name, date of birth, contact information, photographs, bank accounts, credit card numbers, and location information. If a consumer stores this information on a smartphone or other device connected to the Internet, the consumer’s personal information may be accessed by mobile applications that can collect the stored personal information and share it with third parties, sometimes without the consumer’s knowledge or consent. Accordingly, it is imperative that consumers are clearly and conspicuously informed of the personal information that is collected from them, how that information is used, and with whom it is shared so that the consumer is empowered to make an educated choice about whether to allow a mobile application to access such information.”
     Since 2004, the California Online Privacy Protection Act (CalOPPA) has required that mobile-device apps come with a privacy policy.
     Delta claims on its website that the Fly Delta app “puts everything you need to know in the palm of your hand.”
     Customers can download the free app to their smartphones to change seats, get flight status and gate information, and track bags, among other things.
     But for more than two years, Delta has offered the app without having a privacy policy “in the application itself, in the platform stores from which the application may be downloaded, or on Delta’s website,” according to the complaint. “Users of the Fly Delta application do not know what personally identifiable information Delta collects about them, how Delta uses that information, or to whom that information is shared, disclosed, or sold.”
     The state adds: “The Fly Delta app has been available for download from the Google Play (formerly known as Android Market) and Apple iTunes marketplaces since at least October of 2010. Since that time, Delta has provided updated versions of the Fly Delta app on Apple iTunes approximately 15 times. The current versions of the Fly Delta app were last released June 15, 2012 (Google) and June 22, 2012 (Apple). The Fly Delta app has been downloaded by consumers millions of times since October of 2010 without the conspicuously posted privacy policy required by CalOPPA.” (Parentheses in complaint.)
     Attorney General Kamala Harris says the state notified Delta by letter of its privacy violations on Oct. 26, more than 30 days before filing the complaint.
     “On or about October 30, 2012, several media sources reported that Delta had released a statement that said: ‘We have received the letter from the attorney general and intend to provide the requested information,'” the complaint states.
     But the attorney general says Delta has not done it.
     The state seeks civil penalties and an injunction.

%d bloggers like this: