Attorney General Kamala D. Harris has taken the first legal action under California’s online privacy law against Delta Airlines. The complaint alleges that Delta Airlines failed to comply with the California Online Privacy Protection Act.

A month ago, Delta was one of the companies sent a letter by the Attorney General’s office that gives them 30 days to conspicuously post a privacy policy within their mobile app that informs users of what personally identifiable information is being collected and whether it will be used by Delta or given to third parties.

“Losing your personal privacy should not be the cost of using mobile apps, but all too often it is,” said Attorney General Harris in a statement. “California law is clear that mobile apps collecting personal information need privacy policies, and that the users of those apps deserve to know what is being done with their personal information.”

According to the complaint, the Fly Delta app collects personally identifiable information about individuals who use the app, including GPS data, Delta SkyMiles account number and flight information, passport number, and credit card number and expiration date.

The complaint also notes that the Los Angeles Times and other media outlets reported on Oct 30 that Delta released a statement that they had received the letter and intend to post the information requested, but Delta has not yet done so.

Harris made an agreement with the seven leading mobile and social app platforms to improve privacy protection. The agreement allows consumers to view the privacy policy before downloading the app and gives a consistent location on which to find it.

The lawsuit seeks to enjoin Delta from distributing its app with penalties of up to $2,500 for each violation. The lawsuit was filed in the San Francisco Superior Court.

Created by Attorney General Harris this year, the Department of Justice Privacy Enforcement and Protection Unit enforce the California Online Privacy Protection Act of 2004.