Airline Firms Warned About Privacy Violations

Delta and United Airlines are among 100 firms that have been told they are breaking California's privacy laws.

The problem: these companies have smartphone and tablet applications that don't give customers adequate information about the way they handle personal data.

Kamala Harris, California's attorney general, insists companies are breaching the California Online Privacy Protection Act, which says app users must get clear details about the personal data collected and how it will be used.

These 100 companies are among many more offenders but happen to own the 100 most popular apps breaching the rules. The Attorney General hopes to create enough publicity to drive home the message to developers of less popular apps, as well.

Failure to Comply Could Cost $2,500

If the companies continue violating the law for more than 30 days, they could each face a $2,500 penalty. That may not sound like much, but there could be a fresh fine every time somebody downloads an app. (Source: cnet.com)

United Airlines already posts a privacy policy on its website, but that may not be sufficient to comply with the law, which specifically requires that users be able to access the privacy policy on their mobile devices before installing the app.

Both Delta and United say they are looking into the issue and fully intend to make whatever changes are needed to comply with the law. (Source: latimes.com)

State Lawyers Relying On Old Law

There's some question about what would happen if any company actually challenged the policy, however. The Act dates from 2004 and doesn't specifically address mobile applications, which weren't widely available back then.

There is no court ruling to confirm that the law covers apps in the same way as websites. The letters sent out this week and the threatened fines are based solely on Harris interpreting the wording and intent of the 2004 Act.

Harris has previously used personal persuasion to get the seven companies that run the largest app stores to publish more information about their handling of personal data. She may not be able to repeat that success here.

What's more, technically the law covers only cases where a California resident downloads the app. In practice, however, observers believe most developers will find it simpler to make the information available to all customers, regardless of whether the California law applies.