This post was also written by Joshua B. Marker and Tyler M. Layton.
In a significant victory, Delta Airlines’ demurrer to the enforcement action filed by the state of California was sustained without leave to amend. We previously wrote about the case here. California alleged that Delta’s mobile application was in violation of CalOPPA because its privacy policy was not reasonably available within the application itself, and because the privacy policy on the Delta website did not accurately describe the information-collection practices of the mobile application.
Judge Marla Miller of San Francisco Superior Court sided with Delta and sustained its demurrer to the complaint without leave to amend. Despite the defense win, however, the decision provides little guidance regarding CalOPPA and its remedies, because the court did not address the substance of the statute. Rather, the court found that the claims against Delta were entirely preempted by the Airline Deregulation Act, which preempts any state “law, regulation, or other provision having the force and effect of law related to a price, route, or service of an air carrier.” The court declined to rule on the arguments pertaining to the substantive reach of CalOPPA.
In short, the precedential value of this decision outside of the airline industry is up in the air. While the decision may set the groundwork for preemption arguments that can be made in other federally regulated industries, the decision itself provides little guidance on CalOPPA specifically. With the potential for hefty statutory penalties, CalOPPA is still a privacy statute that requires careful consideration with regard to every company’s mobile applications.