Home > Uncategorized > A Good Read – California Attorney General Sues Delta Over Alleged Non-Disclosure of Personally Identifiable Information (PII) Collected by Delta’s “Fly Delta” App

A Good Read – California Attorney General Sues Delta Over Alleged Non-Disclosure of Personally Identifiable Information (PII) Collected by Delta’s “Fly Delta” App

December 8, 2012

This is an interesting discussion.  On December 6, 2012, the California Attorney General filed a lawsuit against Delta Air Lines over Delta’s alleged failure to sufficiently post disclosure of its collection and use of personally identifiable information (PII) that Delta collects when someone uses its Fly Delta application.  The Attorney General did not file suit over use of the alleged PII, but only over Delta’s alleged failure to disclose or to sufficiently disclose to app users the alleged collection and use or possible use of the PII.   To find a copy of the Attorney General’s news release with a link to a copy of the Complaint Click Here.

First, let me say that I have read the Complaint, which is filed in the Superior Court of the State of California for the City and County of San Francisco, and I compliment the wording of the 8 page Complaint which is reasonably detailed and easy to understand.  The Attorney General argues that whereas Delta does have a disclosure policy on its website, the app (1) also should have a disclosure policy, that is (2) more detailed and explanatory about the collection and use of personally identifiable information.  The Complaint is a definite worthwhile read for legal counsel, risk managers, and designers of applications, websites and online services.

Without getting into the specifics of the claims that have been alleged or evaluation of possible liability and defenses, I note that the Attorney General alleges that recoverable damages are up to $2,500 per each violation which the Attorney General describes in its October 26, 2012, letter to Delta (attached as Exhibit A to the Complaint) as “for each copy of the unlawful app downloaded by California consumers.”  The 30-day warning letter to Delta further states “Please respond to the undersigned within 30 days of the date of this letter with the following information: a) Delta’s specific plans and timeline to comply with CalOPPA; or b) why you believe this app is not covered by CalOPPA.” The Complaint at page 6 acknowledges that on October 30, 2012, several media sources reported that Delta had released a statement that Delta had received the letter and intended to provide the requested information.  The Attorney General’s 30-day notice letter is dated October 26, 2012.  The Complaint was filed 41 days later, on December 6, 2012.

Clearly the Attorney General intends that its Complaint against Delta get broad attention, and it will, not only for the allegations and possible damages, but also for the decision by the Attorney General to not cut Delta much slack on its response time.  In other words, if you get one of these letters from the Attorney General, take it seriously and act promptly within the 30-day notice window.

Categories: Uncategorized