Thursday, December 6, 2012

California makes good on its mobile privacy warning

California sued Delta Airline for not displaying privacy policy on its mobile app.  Delta had 30 days to act, and  according to California Attorney General Kamala Harris they failed to act within the deadline.

When the first warning was issued against Delta, United, and Opentable mobile apps back in end of October, I looked at their iPhone apps.  Back then, none of them had the privacy notice pointer from the App Store.

When I checked the Delta app (Fly Delta) today, they fixed the privacy link on their app listing page.  No more broken link.  It was pointing to its online privacy policy page.

So I decided to download Fly Delta app and found out what triggered the lawsuit.

Fly Delta wins the design competition against United,
but not the agile development award.
Source: Fly Delta iPhone app

It did not have the privacy policy link from the app.  On Settings page where the privacy policy link is normally found, it was not there.  After a quick tour through the app, it was nowhere to be found.

Then I got curious.  United was also cited earlier, but only Delta got sued.  What about United?

United did not fix their privacy policy link from the app download page.  It still points to page not found as it did back in late October.  But the United app provides the privacy policy link.

It looks like an HTML page,
but sure seem to give United the edge to react faster.
Source: United iPhone app

It may not be obvious from the screenshot, but it looks like the United app is built mostly using HTML page. (Notice there are no black margins top and bottom unlike the Delta app.  Probably coded with adaptive design in mind.)  United may have had easier time adding the privacy link than Delta.  The Fly Delta app was faster, more native implementation on iOS.  It may have been more difficult to for Delta to update its app.

The lesson is clear for mobile developers.  All mobile developers should add the privacy policy link from the app itself.  Why risk getting fined up to $2,500, not to mention all the bad publicity?

No comments:

Post a Comment