California Court Dismisses State AG's Mobile App Privacy Lawsuit Against Delta

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Katie W. Johnson  


A California state court May 9 dismissed with prejudice the state's lawsuit against Delta Air Lines Inc. for allegedly failing to post a privacy policy that covers its mobile app (People v. Delta Air Lines Inc., Cal. Super. Ct., No. CGC 12-526741, dismissed 5/9/13).

In a December 2012 complaint, California Attorney General Kamala D. Harris (D) alleged that Atlanta-based Delta violated the California Online Privacy Protection Act (CalOPPA) and the state's Unfair Competition Law by failing to “conspicuously post a privacy policy in its Fly Delta app” and failing to comply with its own website privacy policy (11 PVLR 1776, 12/10/12).

CalOPPA, Cal. Bus. & Prof. Code §§ 22575-22579, requires commercial operators of online services to conspicuously post privacy policies informing users of what personally identifiable information is being collected and how it will be used.

According to the Superior Court of California for the City and County of San Francisco's two-page order, it sustained Delta's demurrer to the complaint. The court did not explain its reasoning behind the ruling, but a comment by Delta clarifies that federal preemption played a role in the court's decision.

“We are pleased the Court has confirmed our view that the California statute does not apply to airlines because it is preempted by federal law,” Paul Skrbec, a Delta spokesman, told BNA May 10. “The protection of customer information is something that Delta takes very seriously.”

The California AG's office is reviewing the decision and has no further comment, Lynda Gledhill, a spokeswoman for the AG's office, told BNA May 10.

Adam Miller, deputy attorney general for the state of California, in San Francisco, represented the state. David J. Schindler and Stefanie C. Hyder, of Latham & Watkins LLP, in Los Angeles, along with Jennifer C. Archie and Drew R. Wisniewski of the firm's Washington office, represented Delta.

Delta Received Warning

The California AG's office has been very active in the mobile privacy space.

In February 2012, six major mobile app Inc., Apple Inc., Google Inc., Hewlett-Packard Co., Microsoft Corp., and Research in Motion Co.--signed an agreement with the California AG, in which they agreed to post privacy policies in their mobile apps on the collection and use of personal information in compliance with CalOPPA (11 PVLR 375, 2/27/12). Facebook Inc. joined the agreement four months later (11 PVLR 999, 6/25/12).

In October 2012, the AG sent formal notification letters to developers whose apps it alleged were not in compliance with CalOPPA and gave them 30 days to comply (11 PVLR 1623, 11/5/12).

The AG's lawsuit against Delta followed two months later. At the time, the AG's office said that Delta was one of the companies that received the noncompliance notice.

In January 2013, the AG issued guidance for mobile app software developers on how to comply with the state's privacy laws (12 PVLR 80, 1/14/13).


Full text of the court's order is available at

Request Bloomberg Law: Privacy & Data Security