Hey Delta, What Are You Doing with My Personal Info?

Delta collects users’ personal information on its Fly Delta mobile app.

But it does so on the QT, without any notification either that it’s doing so or for what purpose.

That’s a problem in California, which adopted the Online Privacy Protection Act in 2004, requiring businesses to prominently post their policies on the collection and use of customers’ personal data.

And it’s the basis for Case No. CGC-12-526741, The People of the State of California v. Delta Air Lines, Inc., filed on December 6 in the Superior Court of California, County of San Francisco, by Kamala Harris, Attorney General of California.

The complaint reads in part as follows:

Despite collecting substantial personally identifiable information such as a user’s full name, telephone number, email address, frequent flyer number and PIN code, photographs, and geo-location, the Fly Delta application does not have a privacy policy…. Users of the Fly Delta application do not know what personally identifiable information Delta collects about them, how Delta uses that information, or to whom that information is shared, disclosed, or sold.

Delta was just one of around 100 companies that were warned in October that they were in violation of California’s Internet privacy laws. Only Delta failed to meet the 30-day deadline to comply.

Delta won’t comment on pending litigation, so there’s no way to know whether the company refused to abide by the law on principle, or simply missed the Attorney General’s deadline through bureaucratic ineptitude. The latter is the more likely explanation.

Although it has yet to become a national standard, the California law is fair and reasonable. Consumers have every right to know what’s being done with their personal information. And it’s a simple matter for companies to include the required notification in any application that requires it.

The complaint proposes blocking the Fly Delta application until it is fixed, and fining Delta $2,500 for each violation, leaving open the interpretation of “violation.” Bringing the application up to spec is a relatively easy job. But if the court equates violations with California downloads, and rules against Delta, the airline could be on the hook for a substantial fine.

Other than Delta’s outside legal counsel, it’s hard to see who benefits from this.

The company must now devote considerable time and money to resolving the legal dispute, and faces the possibility of meaningful fines as well. That drain on Delta’s resources benefits neither its customers, nor its employees, nor its shareholders.

Among the questions raised: Why has Delta chosen to play a game it can only lose? And on a more personal note, who is Delta selling my frequent-flyer data to?

Reader Reality Check

As a Delta customer, do you feel it is your right to be informed what use the company makes of your personal information?

This article originally appeared on FrequentFlier.com.