California Attorney General Kamala Harris has made good on her promise to get tough with mobile app makers that fail to provide privacy policies in their apps.  Yesterday, her office sued Delta Airlines for violating the California Online Privacy Protection Act (“CalOPPA”), which requires providers of websites and “online services” to conspicuously post privacy policies that describe the provider’s data practices.  Harris contends that Delta’s “Fly Delta” app does not contain a privacy policy, despite the fact that Delta collects “personally identifiable information” (“PII”), as that term is defined in CalOPPA. 

Interestingly, Harris also alleges that Delta “fail[ed] to comply with the provisions of its privacy policy,” which itself is a violation of CalOPPA.  This allegation is somewhat puzzling given that the core assertion of the suit is that Delta has failed to maintain any privacy policy at all in its app.  But it appears possible that Harris will argue Delta has failed to comply with its website privacy policy, which, the complaint notes, does not disclose certain categories of PII that are being collected through the app (e.g., location information). 

Also noteworthy are allegations that the “Fly Delta app is not the primary commercial activity of Delta,” and that “CalOPPA does not relate to rates, routes or services of any air carrier.”  These allegations anticipate a preemption challenge by Delta pursuant to the Airline Deregulation Act.  Delta would appear to have a strong argument that the suit is, indeed, preempted.  As noted in the complaint, the app enables people to search for and book flights.  Thus, the Attorney General’s argument that the app is not related to the “routes and services” of Delta would seem to face an uphill battle.

The one-count complaint seeks recovery under Cal. Bus. & Prof. Code § 17200, alleging that the violations of CalOPPA are “unfair” acts.  In addition to injunctive relief, Harris seeks a $2,500 per-violation civil penalty.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Nigel Howard Nigel Howard

For over 30 years Nigel Howard has specialized in technology transactions such as M&A, strategic alliances, licensing, distribution agreements and outsourcing. Clients range from start-ups and emerging companies to international corporations. He has led negotiations of billion dollar service agreements that were critical…

For over 30 years Nigel Howard has specialized in technology transactions such as M&A, strategic alliances, licensing, distribution agreements and outsourcing. Clients range from start-ups and emerging companies to international corporations. He has led negotiations of billion dollar service agreements that were critical to his client, and successfully handled the intellectual property and data issues on over 250 venture capital and M&A transactions.

Nigel is a “tremendous attorney” singled out for his detail-oriented approach, according to clients interviewed by Chambers and Partners. Peer commentators note his admirable commercial awareness, which achieves business-focused results, often in the most challenging of circumstances. He uses his extensive experience with IP and technology to advise on the commercial imperatives underlying these agreements.

Nigel has been ranked by Chambers Global, Chambers USA, Legal 500, Best Lawyers in America, and Who’s Who in American Law. He is frequent speaker on AI, data, distribution, and technology legal issues. His past and current clients include American Airlines, the American Bankers Association, American Express, AstraZeneca, British Airways, Brown Brothers Harriman, Cathay Pacific, Cisco, CoBank, DoubleClick, Etihad, HPE, Farelogix, Iberia, Mars, Merck, Merrill Lynch, Microsoft, NCR, the NFL, Novartis, P&G, Philippine Airlines, Promontory Financial, Singapore Airlines, Teva, TouchTunes, UBS, and Wyeth.