Long-known as an ardent protector of individual privacy rights, California brought its first legal enforcement action under state privacy laws on December 6, 2012, when state Attorney General Kamala D. Harris filed suit against Delta Air Lines, Inc. for failure to display a privacy policy on its mobile application. According to the Complaint, Delta's "Fly Delta" app violates California's Online Privacy Protection Act ("CalOPPA") and Unfair Competition Law because the app collects personally identifiable information ("PII") from users but does not display a privacy policy.

The Fly Delta app, which has been offered since 2010, allows a user to, among other things, book and check in for flights, pay for and track checked baggage, and save the geo-location of the user's parked car using a photograph taken from the user's phone. The Complaint further alleges that, in providing these services, the Fly Delta app collects at least fourteen types of PII, including a user's passport number, geo-location data, corporate or employer affiliation, and credit card information. The Fly Delta app itself makes no mention of its collection or use of such PII, nor does it reference the privacy policy on the main Delta Air Lines website. According to the Complaint, Delta's website's privacy policy does not mention the Fly Delta app, nor does it disclose the app's collection of users' geo-location data or photographs. If found liable, Delta could face civil penalties of up to $2,500 per violation.

Please see full alert below for more information.