×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

California Sues Delta Air Lines Over Mobile Privacy

timothy posted about a year ago | from the best-practices dept.

Android 100

New submitter mrheckman writes "California is suing Delta Air Lines for violation of California's on-line privacy law. Delta failed to 'conspicuously post a privacy policy within their mobile app that informs users of what personally identifiable information is being collected and what will be done with it' after a 30-day notice. Delta's app collects 'substantial personally identifiable information such as a user's full name, telephone number, email address, frequent flyer account number and pin code, photographs, and geo-location.' Why is it we still can't control what permissions an app has on our phones? It's absurd and disturbing that an app for checking flights and baggage demands all of those permissions."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

100 comments

you read the set of permissions. (4, Insightful)

queazocotal (915608) | about a year ago | (#42300769)

You install or do not install.

Re:you read the set of permissions. (0)

Anonymous Coward | about a year ago | (#42300795)

Or you get the hose

Re:you read the set of permissions. (3, Insightful)

Anonymous Coward | about a year ago | (#42300855)

Why, though? It is trivial to use (though not to install) utilities like PDroid and DroidWall to control these permissions.

Why does a modern OS not give advanced users basic control of the sandbox settings? Is it to protect the user's interests, or is it to deliberately limit the user's control of their own device?

Re:you read the set of permissions. (2)

Stalks (802193) | about a year ago | (#42301227)

The way I understand it PDroid is only available for a select few ROMs, mostly CyanogenMod and other variants. I was looking into it last week but I couldn't find a definitive way of installing it without also installed a 3rd party ROM. I'd prefer to keep the Samsung stock ROM on my i9100.

I ended up using LBE Privacy Guard, although not quite as good, it is doing some of the job I was looking for.

I had never heard of Droidwall, I'm going to look that up now, thanks.

Re:you read the set of permissions. (1)

Stalks (802193) | about a year ago | (#42301235)

Droidwall is just the firewall part. Good in itself, but is there a way of putting PDroid on the Samsung ROM?

Re:you read the set of permissions. (0)

Anonymous Coward | about a year ago | (#42301881)

I installed PDroid with the Auto-Patcher [xda-developers.com] , but

We do not support system.img, Odexed roms or Sense, TouchWiz or other OEM-skinned AOSP at this time.

, so you're probably out of luck.

Re:you read the set of permissions. (1)

Kazymyr (190114) | about a year ago | (#42302983)

Search the play store for an app called "permissions free". It can enable and disable permissions for any app on any ROM as long as you're rooted. I use it extensively.

Re:you read the set of permissions. (1)

davester666 (731373) | about a year ago | (#42303165)

It's because the 'permissions' you grant aren't the ones that a person wants to permit or deny.

They don't want to specify if an app has access to the internet or their contacts. They want to permit sending the contact information over the internet to Google's server, but not anybody else's [as an example].

And nobody has/supports that kind of permission set [yet].

Re:you read the set of permissions. (1)

alostpacket (1972110) | about a year ago | (#42303883)

Can you link to it? I find no app by that name in the Google Play store.

I was curious if it had the same issues and Xedeous and Stericson's apps have (namely, apps not expecting to be denied a permission and thus crashing). One of the ways around this I recall them trying was to feed fake data, but im not sure how well that worked -- I haven't tried them.

Re:you read the set of permissions. (5, Insightful)

Mitreya (579078) | about a year ago | (#42300861)

You install or do not install.

You're thinking of the jungle
In a civilized society, there are laws that may actually protect consumers. This lawsuit is a demonstration of that
They should at least make it easy for you to figure out what they collect and what they may do with this information - and they have not.

Apple and Google made that jungle (0)

Anonymous Coward | about a year ago | (#42301243)

The two fanboi "cult-of-technology" companies.

Imagine that.

Re:you read the set of permissions. (-1, Redundant)

chrylis (262281) | about a year ago | (#42302235)

Oh, wait, you're serious. Let me laugh even harder.

This lawsuit is nothing but more pointless grandstanding by an attorney general. Privacy policies are pointless and may actually be counterproductive; they're written by lawyers for no one and typically simply say "we can do whatever we want with the information we get from you", because the requirement to have a policy doesn't provide any restrictions on what that policy says.

Nevertheless, "for your privacy" is right behind "for the children" and "for your safety" as a rationale to shut down legitimate objections, and surely California doesn't have anything better to do to protect citizens' privacy; after all, it only lost two SSN databases this year!

Re:you read the set of permissions. (1)

Drathos (1092) | about a year ago | (#42302387)

Given that you have to enter all of the information that was listed (except the location) yourself, you know exactly what information it's collecting.

Re:you read the set of permissions. (0)

Anonymous Coward | about a year ago | (#42302939)

You believe that to be true.

A civilized society can take many forms. Caveat emptor has been tried and is flawed. These flaws generally result in a backlash which drive people towards a nanny state. The nanny state is also flawed. It is the flaws in the nanny state which drive people to tear down social safety nets and return to the brutal efficiency of Caveat emptor.

It is a matter of personal preference in which direction government should lean between the two extremes, and it comes as no surprise to anyone which direction this effort by California leans.

California is a large enough market of consumers that the state government feels safe to make absurd demands like a bank robber in control of hostages.

Re:you read the set of permissions. (1)

viperidaenz (2515578) | about a year ago | (#42308585)

It is easy, Last time I installed an app it told me exactly what permissions I need to allow. Like "Your personal information", "Your location", "Your messages" etc...
Each one even has a little description of what it means, like "read contact data, read user defined dictionary"

Re:you read the set of permissions. (1)

gstoddart (321705) | about a year ago | (#42315091)

It's easy to know what it's asking for, it's impossible to have any idea of why a game would need access to my personal contacts, be able to change the state of my wifi, and initiate phone calls.

The vast majority of things I've looked at to download for my Android phone leave me going "WTF do you need that for?". And so far in almost all cases, I've decided I don't need the app bad enough to grant it unlimited permissions.

The problem is the amount of things apps ask for is bordering on the ridiculous. I now download an app, put the phone into airplane mode, and see what happens when I launch it. In a lot of cases, it then gets immediately deleted -- sorry, but there's nothing about this game which can't operate offline, so you're not getting all of those perms.

Sure, we know what they mean, but still no idea of why. I have yet to see an app which doesn't want way more permissions than it really needs to work.

Re:you read the set of permissions. (1)

viperidaenz (2515578) | about a year ago | (#42316729)

I have yet to see an app which doesn't want way more permissions than it really needs to work.

You've misunderstood the purpose of the app. It's not a fun game to play, it's an ad delivery platform. It needs network access to download ads. It needs contact data to spam your friends. It needs call control to access your IMEI number to identify your device. It needs messaging access to analyse your conversations. It needs wifi access to know when you connect to the internet, so it can upload your 'anonymous usage data'.

Why not give it the permissions YOU want to give? (1)

Anonymous Coward | about a year ago | (#42300917)

His point is valid, on my Samsung bada phone I can assign which apps have permission to get the GPS location for example. On my Android phone, I don't get that choice. I either accept it wants the location and give it all the time, or I don't install it. I can't turn off the GPS permission just for that app.

There's some really amazing stinky apps out there too. You wouldn't give your bank account details to a stranger, yet people install messaging apps, and immediately give them the email login. No doubt full of email confirms from their bank, and other details that could be used for phishing attempts on the bank account, or to grab your email account from you.

When I dug into where these apps were developed, I found 3 of the most popular free ones are developed in Russia, Bulgaria, and Israel. It's not difficult to figure out why they're free.

Re:Why not give it the permissions YOU want to giv (1)

somersault (912633) | about a year ago | (#42301003)

I can't turn off the GPS permission just for that app.

You can however leave GPS switched off when using that app. You should have it disabled the majority of the time anyway if you want to conserve power.

Re:Why not give it the permissions YOU want to giv (2)

jopsen (885607) | about a year ago | (#42301091)

I think GP used GPS permission as an example... Why can't I feed apps incorrect GPS data or an empty address book?

Re:Why not give it the permissions YOU want to giv (1)

Anonymous Coward | about a year ago | (#42301913)

You can fake GPS data [google.com] on Android.

Re:Why not give it the permissions YOU want to giv (1)

flyingfsck (986395) | about a year ago | (#42301985)

or better, feed the apps an address book from the Spamhaus Zen list...

Re:Why not give it the permissions YOU want to giv (1)

jopsen (885607) | about a year ago | (#42331591)

or better, feed the apps an address book from the Spamhaus Zen list...

We should make an App for that :)

Re:Why not give it the permissions YOU want to giv (0)

Anonymous Coward | about a year ago | (#42303217)

And what if you need to use GPS for another app at the same time?

Re:you read the set of permissions. (0)

Anonymous Coward | about a year ago | (#42301447)

You install or do not install.

Orwell missed one: Participation is Approval.

Re:you read the set of permissions. (1)

tlhIngan (30335) | about a year ago | (#42305861)

You install or do not install.

You realize that Google has been making it harder to do so, right?

First off, the "install" button is now at the top of the screen. A nice bright blue button on a sea of dark text of the permissions. Where does the user tap? On the button immediately.

The permission list only shows a few of them, then another "More permissions" link to see additional ones.

Plus, you're also competing against dancing pigs [wikipedia.org] . User wants Delta app to do stuff like check in for their flight without lining up, etc. You'll have to be pretty damn convincing to get someone forgo 5 minutes to download and run the app versus lining up 20 minutes at the airport to check in.

tax dollars not at work (0)

Anonymous Coward | about a year ago | (#42300793)

Sad

Nine Years (1)

Anonymous Coward | about a year ago | (#42300803)

California passed this law nine years ago. Everyone had plenty of time to comply. They got warnings. Now they get this.

Because people are stupid (2)

gelfling (6534) | about a year ago | (#42300811)

Like the law that ensures you're told not to smoke on airplanes because few people even have a living memory of that being permitted at all any more.

Remember smoking on airplanes or throwing a virgin child into the volcano is a violation of Federal Law.

Re:Because people are stupid (3, Funny)

Anonymous Coward | about a year ago | (#42300883)

... or throwing a virgin child into the volcano is a violation of Federal Law.

[citation needed]

child volcano? (-1)

Anonymous Coward | about a year ago | (#42301271)

What federal law prohibits throwing virgin children into a volcano?

Perhaps the Clean Air Act or something in the National Environmental Policy Act? Or, the Mann Act if you transported the virgin child from another state (although I think Mann only applies to transport for immoral purposes)? There's no federal laws for generalized crime like robbery and assault, except against federal employees or on federal property. Maybe that's what you were thinking about.. the only active volcanoes in the US are in Hawaii, and in Volcanoes National Park,?

Or, in the usual woolly headed way (it's early) I mistakenly assumed your use of the word Federal meant United States.

Re:child volcano? (1)

DragonWriter (970822) | about a year ago | (#42303161)

Or, the Mann Act if you transported the virgin child from another state (although I think Mann only applies to transport for immoral purposes)?

Under any reasonable standard "to throw the child into a volcano" is an immoral purpose. So, while I think you are correct about the limitation, I don't think it makes the Mann Act inapplicable.

Maybe that's what you were thinking about.. the only active volcanoes in the US are in Hawaii, and in Volcanoes National Park

"Active" volcano has a lot of different definitions, but by any of the usual ones that's not true. See, e.g., this page on USGS volcano monitoring priorities. [usgs.gov]

Re:Because people are stupid (0)

Anonymous Coward | about a year ago | (#42301481)

Clearly memory loss is endemic in the US, I assume you're in the US as you quote Federal Law.

Smoking only started getting banned since 1979, and I certainly remember going on numerous flights in the US in the 80's and 90's with people smoking.

1979: Cigars and Pipes banned on aircraft
1988: Smoking banned on US Domestic flights under 2 hours
1990: Smoking banned on US Domestic flights under 6 hours
1998: Smoking banned on all US Domestic flights
2000: Federal law introduced banning smoking on all flights by US airlines.

So either you and your friends are all very, very young, Alzheimer's or similar has set in or you're talking complete bollocks.

I'm going for the complete bollocks.

Re:Because people are stupid (0)

Anonymous Coward | about a year ago | (#42305295)

Can anyone elaborate a bit on this new law? In-app privacy notice, wtf? I bet if apps pulled from California users, that law wouldn't last long.

Re:Because people are stupid (1)

mjwx (966435) | about a year ago | (#42309619)

or throwing a virgin child into the volcano is a violation of Federal Law.

So throwing a non-virgin child into a volcano is perfectly OK then?

Extraterritoriality in law is strange (3, Interesting)

Cytotoxic (245301) | about a year ago | (#42300833)

I wonder how Delta, a Georgia based company can be subject to California law with respect to online privacy? What about Los Angeles law? Are they subject to that too?

Does Slashdot have to worry about their website complying with Fresno law?

The whole thing just seems a little bit odd. Like when the US goes after foreign-based online gambling companies.

Re:Extraterritoriality in law is strange (4, Interesting)

Anonymous Coward | about a year ago | (#42300895)

It's not strange. The law is very clear. If you place a product in the stream of commerce and it's reasonably expected that a person in Fresno or California then you must comply with the law. If you place an app on Android market you expect the app to be used by people all over the U.S. Therefore comply with California law or make sure you restrict it's use to states other than California.

State laws can have a roll on effect. California is progressive in some environmental legislation. For example, you will find Coca-Cola making changes to it's formula to comply with California and apply it throughout the US. There is absolutely no problem with the way the law is applied in these "Extraterritorial Cases". In fact it protects you and me the customer. If you are a manufacturer in China and you do not expect your product to be sold in US. You also instruct your dealers that the product is only for sale in China with prominent ineffable labeling on your product. Some rouge dealer of yours shipped a container of your product to America. Your will not be subject to the American courts and the court will not have jurisdiction over you.

Conflict of law is a fascinating area. Law isn't really all that bad. Sometimes the economics of delivery makes it bad. In addition, we fail to see law for what it is: a vehicle for changing society.

Re:Extraterritoriality in law is strange (-1)

Anonymous Coward | about a year ago | (#42301433)

So because it's an app ... sharia law?

Re:Extraterritoriality in law is strange (1)

BitterOak (537666) | about a year ago | (#42302595)

Conflict of law is a fascinating area.

Fascinating to those who aren't victimized by such conflicts, I suppose.

Re:Extraterritoriality in law is strange (1)

lgw (121541) | about a year ago | (#42303163)

So you think it's reanable that I can't develop an app myself and put it on the app store without spending hundreds of thousands in legal research on the laws of 50 states and however many cities?

Maybe we should just outlaw all sowftware development done by other than the biggest studios and leave it at that?

Re:Extraterritoriality in law is strange (0)

Anonymous Coward | about a year ago | (#42308891)

There is one big difference. Delta Airlines has a substantial presence in the State of California, mainly they have flights into and out of most of the substantial airports in the State of California. Due to this presence, Delta Airlines is subject to the State of California's laws.

For a small software developer, you only need to worry about the laws of the state you live in and Federal laws. For all intents and purposes you'll simply be a mail-order business. Only larger businesses with substantial presence in multiple states will need to worry about the laws in those multiple states.

Re:Extraterritoriality in law is strange (0)

Anonymous Coward | about a year ago | (#42304345)

The law is very clear. If you place a product in the stream of commerce and it's reasonably expected that a person in Fresno or California then you must comply with the law. If you place an app on Android market you expect the app to be used by people all over the U.S. Therefore comply with California law or make sure you restrict it's use to states other than California.

why does this not apply to online purchases? amazon, newegg, etc. must comply with tax collection laws of all 50 states or they may choose to NOT do business with customers in states they do not collect sales tax for...... it's the same friggin thing.

Re:Extraterritoriality in law is strange (0)

Anonymous Coward | about a year ago | (#42307637)

1. Only a legal professional, or someone else with a conflict of interest with respect to supporting the current enormously and excessively complex legal system, would say that "the law" is clear, let alone "very clear".
2. Similarly, only a legal professional would effectively say that "a product" -- implying any product under any circumstances -- must comply with the laws of any jurisdiction.

Given that legal professionals write, judge, and enforce the laws, it follows that legal professionals as a class within society are in a position of ethical conflict of interest with respect to the nature, scope, and form of the legal system. A complex, confusing, contradictory, and/or excessively broad legal system -- something that the USA certainly has, and that can be reasonably supposed to result from this conflict of interest -- creates long term artificial demand for the services of legal professionals. It also causes enormous problems for society, as these kinds of ethics issues spill over into every area of law.

Forcing people to be aware of the laws of every possible jurisdiction is just another means for legal professionals to artificially increase the demand for the services of their profession.

If standards are needed for the sale of goods within the USA across multiple states, the appropriate thing to do is to create simple, short, and easily understandable laws at the federal level. Anything else can be presumed to involve unethical conduct on the part of legal professionals.

Re:Extraterritoriality in law is strange (1)

rocket rancher (447670) | about a year ago | (#42300915)

I wonder how Delta, a Georgia based company can be subject to California law with respect to online privacy? What about Los Angeles law? Are they subject to that too?

Does Slashdot have to worry about their website complying with Fresno law?

The whole thing just seems a little bit odd. Like when the US goes after foreign-based online gambling companies.

Well, yes, in short, they do. Jurisdiction is co-terminal with the threat. If you find this "odd", I recommend that you run, not walk, to the nearest legal library and read up a bit. Start with the section on international law...

Re:Extraterritoriality in law is strange (1)

Anonymous Coward | about a year ago | (#42300919)

I wonder how Delta, a Georgia based company can be subject to California law with respect to online privacy?

Delta flies in to and out of California. They have hubs and offices there. They may be based out of Georgia, but they operate in California among other jurisdictions.

Re:Extraterritoriality in law is strange (2)

maro6613 (1104525) | about a year ago | (#42300961)

Delta does business in California.

The reason is (more or less) personal jurisdiction [wikipedia.org] . If a company does substantial business in a state, people from that state can sue the company in that state under the laws of that state - no matter where they are based. This is a Good Thing - for example, say hypothetically that a Japanese automanufacturer makes all of their cars in Japan, and simply ships them to the US and sells them. If you a car from them and it explodes, injuring you, you shouldn't have to sue under in Japan under Japanese law.

See also: Article on conflict of laws [wikipedia.org] for a primer on which jurisdictions laws apply when.

Re:Extraterritoriality in law is strange (0)

Anonymous Coward | about a year ago | (#42301225)

They're subject to local laws wherever they operate.

Re:Extraterritoriality in law is strange (-1)

Anonymous Coward | about a year ago | (#42301403)

Shakedown. It's just the new government way to generate revenue. Think of those billion-dollar fines on various companies - never to be heard from again. It disappears into the black hole of bureaucrats' spending. Big governments shake down big companies, middle-sides ones shakedown middle-sized ones.
None of it has anything to do with the well-being of ordinary people, or the nominal transgression either. Both are just the excuses, since you can't straightforwardly admit the intent.
Eventually we will become more honest. We won't change. We'll only admit what goes on, like in Sicily.

Re:Extraterritoriality in law is strange (1)

pete6677 (681676) | about a year ago | (#42301635)

Yep. Like the Foreign Corrupt Practices Act. The only real reason it exists is to shake down U.S. businesses for violating laws in OTHER countries which may or may not even be provable. But most companies find it not worth the effort to fight, and pay the government a few thousand in protection money to leave them alone. Obama loves using this against anti-union companies or those that aren't "green" enough.

Re:Extraterritoriality in law is strange (1)

BitZtream (692029) | about a year ago | (#42301767)

When you do business in a state you are also bound by the laws of that state.

If Delta had no business activities themselves in California, they wouldn't have an issue. Every Delta ticket counter that exists in California makes them subject to the laws of California.

Re:Extraterritoriality in law is strange (1)

Attila Dimedici (1036002) | about a year ago | (#42302813)

Despite what the Anonymous Coward said, it is not because they can reasonably expect a person in California to use it. The reason is that Delta does business in California. They have employees who work there. As a result, they need to comply with California law in any way that their business takes place in California. If they were, for example, to make the app not allow you to book a flight out of California they might be able to avoid complying with this law. I am pretty sure that if this app could not be used to book a flight to or from California Delta would have a good chance of winning based on the argument that they do not use the app to do business in California. Certainly, if they had no offices in California and flew no planes into California, this law would not apply to them, even if you could use the app to book flights on other airlines.

Re:Extraterritoriality in law is strange (1)

DragonWriter (970822) | about a year ago | (#42303173)

I wonder how Delta, a Georgia based company can be subject to California law with respect to online privacy?

Delta has considerable physical business presence in California. Why wouldn't they be subject to California law?

Re:Extraterritoriality in law is strange (1)

stephanruby (542433) | about a year ago | (#42303963)

I wonder how Delta, a Georgia based company can be subject to California law with respect to online privacy?

Delta has hubs and employees in California. It does plenty of business in California, probably far more than they do in Georgia. The location of an HQ means less and less these days.

Thought, I do agree with your main point. Airline travel is so obviously an interstate issue, it should be regulated by the Federal government, not the State.

Re:Extraterritoriality in law is strange (0)

Anonymous Coward | about a year ago | (#42401379)

Delta has hubs and employees in California. It does plenty of business in California, probably far more than they do in Georgia. The location of an HQ means less and less these days.

Somehow I doubt that. Take note of the spider web surrounding Atlanta [delta.com] . Their recent mergers have added a couple of big hubs in the midwest to their massive operation in Atlanta. Judging by the map it's a possibility that Delta does more business in Atlanta in a day than they do in California in a month.

Absurd? No, not really. (5, Interesting)

Anonymous Psychopath (18031) | about a year ago | (#42300877)

Aside from the photos, I can think of a logical reason for each of the other permissions listed.

Name is needed for check-in and boarding pass creation.
Delta will send flight updates via text message, for which a phone number is required. Ditto for email.
Frequent flyer number and PIN code are used to access your Delta account.
Geolocation so it knows which airport you're in.

They should disclose what information they collect as required by law, but the assertion that these permissions are "absurd and disturbing" is ludicrous and obviously the opinion of someone who does not travel often, or is uninterested in utilizing technology tools when they do.

Re:Absurd? No, not really. (0)

Anonymous Coward | about a year ago | (#42301149)

Why not ask the user for all this information as needed, instead of data-mining the phone?

Re:Absurd? No, not really. (1)

Drathos (1092) | about a year ago | (#42302411)

It's not data mining the phone. All of that info (except the geolocation) is input by the user.

Re:Absurd? No, not really. (3, Insightful)

dochin (1044440) | about a year ago | (#42301167)

You're right on the money. There used to be a feature of the app that allowed you to take a geotagged picture of your car in the parking lot so you could find it later. It's not unreasonable to think that permission was left in after the feature was removed either by mistake or some technical issue with the App Store/iOS apps in general. At least it doesn't spy on my contacts and text messages like many other free apps. I do wish iOS App Store had a feature similar to the google store for android that shows exactly what permissions an app wants when I install it. Even better would be to allow user control over individual permissions.

Re:Absurd? No, not really. (0)

Anonymous Coward | about a year ago | (#42301705)

Even with a logical reason, the user should still know that the data is being transmitted and/or collected. The user should have some ability to choose something in-between "broadcast all information to anyone who has a logical reason" and "never use technology." At least that's what the state of California is trying to establish here - I suppose whether that choice did/does/will exist is the matter in question.

Re:Absurd? No, not really. (1)

stephanruby (542433) | about a year ago | (#42304187)

Aside from the photos...

Looking at the screenshots of their app on the Google Play Store. It looks like they might be doing something with QR codes. Most likely, scanning QR codes requires access to the camera, hence the "Hardware Controls: take pictures and videos" permission.

It also does require "Storage: modify or delete the contents of your USB storage modify or delete the contents of your SD card" permission, which I'm less sure about. May be that one is a frivolous permission. In any case, I doubt very much that Delta is perusing all the travel pictures I have on my phone.

Re:Absurd? No, not really. (1)

Neelix21 (143043) | about a year ago | (#42306469)

Aside from the photos...

Looking at the screenshots of their app on the Google Play Store. It looks like they might be doing something with QR codes. Most likely, scanning QR codes requires access to the camera, hence the "Hardware Controls: take pictures and videos" permission.

They have a feature to take a picture of your luggage tag so that you can track it while travelling. Not quite QR codes, but similar.

Leave it to the Californiatards... (-1)

Anonymous Coward | about a year ago | (#42300889)

....to bitch and whine.

Don't want to give up personal info? Don't do anything that requires it. The PERSON is in control. Period. If they choose to give up info, they assume the risks.

First telling people they can't get happy meals...
Then telling people they can't circumcise their sons...

Can't wait for the whole state to fall into the ocean. Will reduce the number of illegals in our country by a lot, get rid of a fiscally, totally, broken state, and get rid of all these hippies.

Kind of silly (4, Insightful)

Emperor Shaddam IV (199709) | about a year ago | (#42301019)

I have this app on my iPhone. You can use it as a guest, but really its for frequent flyers that already have Delta sky miles accounts. The majority of people using this app have already provided most of the mentioned personal information, if not more because they have a SkyMiles Account and they have bought plane tickets. So this lawsuit is kind of silly in my opinion.

Re:Kind of silly (1)

Emperor Shaddam IV (199709) | about a year ago | (#42301059)

One other point. Cities are going bankrupt in California and they just had to raise taxes to help met a budget shortfall. Shouldn't the State of California focus on solving its internal problems managing money, instead of going after airlines because they write apps that ask for your personal information to HELP you keep track of the flights you are on? What a mis-directed use of state government time and resources this is.

Re:Kind of silly (1)

Thiez (1281866) | about a year ago | (#42301165)

> going after airlines because they write apps that ask for your personal information to HELP you keep track of the flights you are on?

Won't somebody think of the poor airlines that require access to your pictures to keep track of your flights? They're just trying to HELP you! Why is California being such a meany! :'(

Re:Kind of silly (0)

Anonymous Coward | about a year ago | (#42301211)

Oh, they require it? I wasn't aware that anyone was forced to use this app.

Re:Kind of silly (1)

Emperor Shaddam IV (199709) | about a year ago | (#42301769)

They never required a picture from me to board a plane or nor have I ever had to use this app if I didn't want to. And I have flown delta more than 100 times in the last 10 years. The app isn't a requirement to board a flight or purchase a ticket. Much ado about nothing.

Re:Kind of silly (0)

Anonymous Coward | about a year ago | (#42301501)

The biggest internal problem California has with managing money is a bunch of conservative crackpots and their screwball but well funded anti tax propositions that go back to the 70s. They make it impossible to change tax rates, such as, I believe, a law that says 2/3 of their legislature must approv of any revenue hikes. California might be a largely Democratic state, but it is also a huge state and getting 1/3 of the legislature to be cranky right wing obstructionists isn't all that hard a goal. So the rich pay little, regressive things like sales taxes and fees go up, and the poor pay more percentage wise than the rich and, especially, businesses.

It's the same model playing out nationally now, but it's been going on for decades there. The result is predictable, and it was no accident. It's just another failed set of economic policies brought to you by the "government doesn't work, so put us in charge and we'll totally break it for you" crowd that started with Reagan and has been going downhill ever since. Kind of like the rest of the US after Reagan, actually.

Re:Kind of silly (1)

pete6677 (681676) | about a year ago | (#42301667)

California officials have no desire to confront their fiscal problems. They would rather add to them by doing things such as building high-speed rail to nowhere and a football stadium in LA for a team they don't have using money they don't have. But it keeps the unions happy, which keeps Democrat politicians elected. That is how California (and Illinois) work in a nutshell.

Re:Kind of silly (1)

DragonWriter (970822) | about a year ago | (#42303275)

California officials have no desire to confront their fiscal problems.

Uh, well, except that they just presented a plan to voters that pretty much completely solves the fiscal problems for the foreseeable future, and the voters passed it.

They would rather add to them by doing things such as building high-speed rail to nowhere

The termini of the proposed high speed rail systems are the most populous areas of the state (and the project also includes upgrades for existing conventional intercity and commuter rail systems.) Its hardly "to nowhere".

and a football stadium in LA for a team they don't have using money they don't have.

State officials aren't building a stadium in LA, and the people that have expressed interest in doing that aren't building anything until a team agrees to come, so this one is doubly wrong.

Re:Kind of silly (1)

DragonWriter (970822) | about a year ago | (#42303221)

Cities are going bankrupt in California and they just had to raise taxes to help met a budget shortfall. Shouldn't the State of California focus on solving its internal problems managing money

Cities are separate governments from the State, and, as you note, the State already largely addressed its budget shortfall, because in a surprising outbreak of common sense, voters voted to raise taxes to pay for the services they've demanded. There's still a small projected deficit under current policy for the next fiscal year, and then projected surpluses for the foreseeable future.

Re:Kind of silly (2)

wickerprints (1094741) | about a year ago | (#42301697)

Silly? I don't think it's silly at all. It's a perfectly reasonable lawsuit, one that is likely to succeed.

Something that needs to be pointed out here is that the CA online privacy law is really NOT that onerous. It's not setting some insanely high bar for developers and companies to pass--as it applies to this case, it is simply requiring that users be notified upon installation of what information may be collected through the app and how it might be used. It's not as if that law even has any real teeth with respect to getting developers to protect the data they collect, as far too many people ignore privacy policies and just automatically click "Accept," because as sites like Facebook prove, most users are willing to sacrifice their privacy to a significant degree in order to obtain some entertainment or convenience.

So again, it's not that big a hurdle to simply ask for a privacy policy. The fact that Delta didn't even bother to do that makes me think twice about how conscientious they may be about protecting all that data they DO collect, and that is a much more serious concern.

Re:Kind of silly (1)

Emperor Shaddam IV (199709) | about a year ago | (#42301785)

Like I said in my original post most if not all of the people using this app have already provided a lot of personal information to Delta. Seriously, you need a sky miles ID to log in and do most things, so most users of this app are just tying back to a Sky miles account with information that has already been provided. So they aren't really "collecting" any data that they don't already have.

Re:Kind of silly (1)

wickerprints (1094741) | about a year ago | (#42302069)

You're typing and typing but you're not actually listening--typical behavior for someone doesn't want to actually think about the issue.

The whole point of having a privacy policy is that people can see that Delta is at least meeting their obligations to inform its customers. It's not about what Delta already has on them. It's about showing some basic, minimum level of responsibility--and they apparently can't even do that. It's NOT hard for them to do, and it IS the law.

And if you haven't noticed, the lack of a privacy policy does mean that Delta could technically store all your photos taken with your phone through their app, and potentially use them for marketing purposes--your consent having been implicitly given as part of your usage of the application. That isn't something that SkyMiles customers would or *should* be expected to know, nor is it information that Delta already has.

Re:Kind of silly (1)

chrylis (262281) | about a year ago | (#42302281)

The whole point of having a privacy policy is that people can see that Delta is at least meeting their obligations to inform its customers. It's not about what Delta already has on them. It's about showing some basic, minimum level of responsibility--and they apparently can't even do that. It's NOT hard for them to do, and it IS the law.

And if you haven't noticed, the lack of a privacy policy does mean that Delta could technically store all your photos taken with your phone through their app, and potentially use them for marketing purposes--your consent having been implicitly given as part of your usage of the application. That isn't something that SkyMiles customers would or *should* be expected to know, nor is it information that Delta already has.

Spoken like someone who assumes that a government official should be taken on faith. In the real world, having a privacy policy means having several pages of fine-print legalese that basically means "we get whatever information we can on you and do whatever we want with it". The (existing but pointless) legal requirement to have a privacy policy says absolutely nothing about the contents of that policy, which could entirely legally read "Delta can use any of your photos for marketing purposes", and chances are no one would ever read that far.

Why is this news? (2)

drjoeward (1366975) | about a year ago | (#42301027)

I agree you read the permissions and decide to install or not. putting a sandbox around the app? sure, but then more people will complain about broken apps and support will be even more difficult. i could list lots of examples where people set a control and forget they did, and then complain that something is broken, when it is in fact their fault its broken.

now what i want to know is why this is news on /. Calif. did this on Dec 6, and delta updated their app on Dec 7 (http://www.androidcentral.com/delta-updates-their-app-privacy-policy-california-safe-again) so why is this a current news item for us?

im a man but, (-1)

Anonymous Coward | about a year ago | (#42301043)

think if it was a woman that was HAVING HER GENITALS CUT IN HALF at such a young age , with no way to make the decision themself. there would be an outrage
why is it different because i am male?

There is one smartphone that lets you do this... (5, Informative)

i68040 (2795827) | about a year ago | (#42301349)

That is one advantage to using a BlackBerry: you can pick which permissions you want an app to have.

Re:There is one smartphone that lets you do this.. (3, Insightful)

avm (660) | about a year ago | (#42301421)

This is one area where the Blackberry OS has very soundly beaten every other mobile OS I'm aware of. Any OS even remotely considering corporate/enterprise usage really ought to have this sort of ACL for apps.

But, they don't.

Re:There is one smartphone that lets you do this.. (0)

Anonymous Coward | about a year ago | (#42303181)

J2ME phones can do this.

Re:There is one smartphone that lets you do this.. (0)

Anonymous Coward | about a year ago | (#42304471)

J2ME phones have the highest app security of any platform. If there are no apps for it, there is no way for information to be input much less leaked.

Marketing! (1)

Matt.Battey (1741550) | about a year ago | (#42301473)

It's because the apps are paid for with marketing money instead of operations money. Businesses don't feel the need to offer you better service unless you pay them for it. Here you are selling your PPI in return for the ability to see when you flight is arriving. A little off base in my book.

Re:Marketing! (0)

Anonymous Coward | about a year ago | (#42301711)

Right, because the airline doesn't already have the name, phone number, and frequent flyer number of its own customers. Oh wait.

UMM well on android... (0)

Anonymous Coward | about a year ago | (#42301621)

You actually can control what permissions an App has on Android phones. At least ones that are unlocked/rooted. I don't remember offhand the name of the app, maybe appjail? or something like that... all the phones apps are shown in a list, clicking on the app brings up all of it's permissions and a checkbox to enable or disable them. Sometimes changing things might just crash the app, or stop it from working at all, but it does show you can indeed control what things on your phone do.

I see some people commenting on how Blackberry(ROFL) beats everyone else in protecting against this? No Idea personally, I despise Blackberry phones. (nothing against blackberry, I just think their phones are crap). A lot of people seem to completely forget that Android is a Linux based distro(well distro'ish? that work?) What I mean by that, is it uses UNIX file permissions for file access (aside from normal phone permissions as in the article), but depending on what files you want to secure, you can change the file permissions to prevent access, or modification of whatever you want.

Developer and Lawyer Partnership Time! (0)

Anonymous Coward | about a year ago | (#42301715)

"Why is it we still can't control what permissions an app has on our phones?"
When the fines exceed the cost of developing this feature, it will exist. It doesn't exist now because there was no reason to build it.

"It's absurd and disturbing that an app for checking flights and baggage demands all of those permissions."
No, it's lazy grab-everything, and there was no reason in the past not to snag all of these things. Now there is a reason.

Photographs (1)

number17 (952777) | about a year ago | (#42301725)

The photos on your phone aren't personal information but they are copyrighted material. Are they copying the photos are the metadata?

Why You Cannot Control Your Phone (0)

Anonymous Coward | about a year ago | (#42301727)

The answer to this question should be painfully obvious. You didn't pay for the phone, it was subsidized, and even if you did you're using it on their network. When it comes to phones in general and especially smartphones, you're the product that's being sold to anyone willing to pay even a penny for every last scrap of personal information they can possibly glean from it. That's why you should never provide real identities in these cases, but rather use aliases and other fake information. Now, thanks to the laws in some states that now allow bank accounts to be opened without Social Security numbers, it's even easier to set up an alter ego complete with credit cards and mail drops. The Mexican Matrícula Consular [wikipedia.org] is especially easy to fake and is accepted for these purposes by many institutions in the aforementioned states.

Run a good ROM (1)

bartoku (922448) | about a year ago | (#42301877)

Why is it we still can't control what permissions an app has on our phones? It's absurd and disturbing that an app for checking flights and baggage demands all of those permissions.

If you are not running CyanogenMOD then it is your own fault for installing 3rd party apps that cannot be trusted.

More nanny state BS (0)

Anonymous Coward | about a year ago | (#42302775)

The fact that Delta respects our privacy and has a company-wide policy means nothing to the anti-business liberals. They only care that the company hasn't wasted money to make a mobile-specific policy. There are no accusations of abuse, only the accusation that they haven't followed some ridiculous bureaucratic requirement.

We have control; just implement it (0)

Anonymous Coward | about a year ago | (#42303121)

http://research.microsoft.com/pubs/149596/AppFence.pdf

Linked: Paper for Android OS retrofit from Microsoft Research and Univ of Washington that makes the app think you've given it full permissions, then substitutes junk data when the app requests information you don't want to give.

Umm - TSA Preemption (0)

Anonymous Coward | about a year ago | (#42303863)

Most of the information collected is exempt from disclosure under the TSA Rules. I suspect this will be dismissed shortly.

Agreed (0)

Anonymous Coward | about a year ago | (#42304957)

Why is it we still can't control what permissions an app has on our phones?

I agree, while I can see a stopwatch app needed the ability to prevent the device from sleeping, why does it need to be able to access the internet and send premium SMS messages? The user should be able to "turn off" any permissions he doesn't think a particular app should have, even more so if he paid money for it.

Cheers (0)

Anonymous Coward | about a year ago | (#42305757)

Cut the 'Nuts' of Delta's CEO.

That one act will get a lot of synergy going.

Then round up the CEO, CFO, CTO, COB and B and have a very merry St. Valentines Day Massacre.

None of them will be missed.

No More Tears.

Or just get an iPhone... (0)

Anonymous Coward | about a year ago | (#42305859)

Last I checked, GPS and photos needed user permission on an iPhone and the rest of the information you have o niter. Yet bother reason why I won't switch to android.

As for the lawsuit, it's more ridiculous California craziness being imposed on others.

Re:Or just get an iPhone... (0)

Anonymous Coward | about a year ago | (#42305865)

::face palm:: as I screw up typing on my iPad... "O niter" should read "to enter"

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...