Ms. Harris has contended that the law requires that privacy notices be embedded in the mobile apps themselves. In October of last year, she sent warning letters to businesses offering over 100 different mobile apps to that end, and in December she filed suit against one of the recipients of those letters, Delta Airlines.
The suit attracted much attention as a possibly important precedent in the area of mobile privacy. One key question raised by the suit was whether mobile apps are “commercial websites” or “online services” under the California statute. Alas, the suit ended with a fizzle yesterday, when the California Superior Court dismissed the case with prejudice in a summary (one-paragraph) order.
The order did not elucidate the reasons for the dismissal beyond citing the arguments made by Delta in its demurrer. (In fact, the court simply signed the proposed form of order that Delta’s counsel had submitted.) Nonetheless, a likely compelling basis for that decision was the argument advanced by Delta that the federal Airline Deregulation Act preempts the state-law claim.
That statute, enacted during the Carter Administration to deregulate the airline industry, provides that a state “may not enact or enforce a law, regulation, or other provision having the force and effect of law related to a price, route, or service of an air carrier . . . .” 49 U.S.C. § 41713. California’s claim, argued Delta, related to a “service” offered by the airline and, hence, was preempted. In the face of that provision, which courts have construed broadly, Ms. Harris’s choice of an airline as her first litigation target may have been improvident.
Whatever the court’s reasoning in dismissing the case, a ruling on the scope of California’s online privacy law and its applicability to mobile applications now must await another day.