DATA BREACH LAWSUIT AGAINST DELTA TESTS AIRLINE PRIVACY POLICIES
June 25, 2019
A proposed consumer class action lawsuit in California federal court is testing the ability of passengers to receive a remedy for breaches of their personal data when those data are held by an airline. The case of McGarry v. Delta Air Lines, Inc. arises from a major breach of Delta Air Lines’ customer data that occurred in 2017. The lawsuit alleges that Delta created a misleading perception among consumers that its data protection policies were adequate, while in fact not providing sufficient security, and also that Delta failed to inform victims of the hack in a timely fashion once their information had been compromised.
On May 13, 2019, as part of preliminary litigation, Delta moved to dismiss the complaint. The carrier argued that its “Privacy Policy” does not form a contract which can be enforced by a passenger against the company despite the fact that, as part of the purchase process, passengers were directed to review the company’s privacy policy. Delta also argued that the state law causes of action alleged by plaintiffs were pre-empted by federal law under the Airline Deregulation Act. The California court’s decision on these issues will impact whether the suit proceeds toward class certification, and in turn should develop the law around passenger remedies for airline data breaches in California and across the country.
If you have any questions, please contact Evelyn Sahr (esahr@eckertseamans.com or 202-659-6622); Drew Derco (dderco@eckertseamans.com or 202-659-6665), or Alexander Matthews (amatthews@eckertseamans.com or 202-659-6633).
Share This Post
Authors
