FTC Issues Guidelines on Mobile App MakersWritten by Richard Newman
September 15, 2012 # 8:41 am # Legal Challenges, Specials # 3 Comments
On September 5, the Federal Trade Commission published a guide intended to assist mobile application developers comply with truth-in-advertising and basic privacy principles when creating and marketing mobile apps for smartphones and tablet computers.
General guidelines that all app developers should consider and discuss with a marketing and advertising law attorney include:
1. Telling the truth about what the app can and will do. You become an advertiser once you begin to distribute your app. False, misleading and/or unsubstantiated claims that are not backed by competent and reliable scientific evidence can result in consumer complaints and regulatory headaches. As with any advertisement, it must be assessed from the perspective of a reasonable consumer – the overall net impression.
2. Disclosing material information in a clear and conspicuous fashion. Disclosures, including all material limitations, exclusions and conditions must be clear and conspicuous, and made in close proximity to the primary message. Consumers should actually be able to notice and understand them. Do not bury material terms and conditions in dense language or grayed out font.
3. Building privacy considerations into the app, from the start. The Commission refers to the principle as “privacy by design.” Incorporate privacy protections into your practices. Reasonably limit the information you collect and store it, securely. Dispose of what you no longer require. These principles should be implemented when designing the default settings for your app. Express consent and transparency is required for any data collection or sharing practices. Explain what information your app collects from users or their devices and what you do with their data.
4. Providing meaningful choices that are simple to locate and use. Consumers should be provided clear, conspicuous and easy to use tools that offer clear choices in how to use the app. This includes without limitation, privacy settings, opt- outs, or methods by which consumers can control how their personal information is collected and shared. Always honor the choices that consumers have made.
6. Safeguarding the privacy of children. If your app is designed for children or if you are collecting personal information from children, there are additional requirements pursuant to the Children’s Online Privacy Protection Act (COPPA) and the FTC’s COPPA Rule. Pursuant to COPPA, any operator whose app is directed to children under the age of thirteen or who has actual knowledge that a user is under thirteen years of age must clearly explain its information practices and obtain parental consent prior to collecting personal information from children. App operators also must keep personal information collected from children confidential and secure.
7. Obtaining express, affirmative consent prior to collecting sensitive information. It is crucial to obtain express, affirmative consent prior to collecting any sensitive data, such as medical, financial, or geo-location information. Never imply consent.
8. Safely securing user data. You are obligated to take reasonable precautions to maintain sensitive data in a secure fashion. If you do not have a specific need for the information, do not collect it in the first place. So, collect only what you require. Secure the data you maintain by implanting reasonable precautions against security risks. Limit access and safely dispose of data that is no longer reasonably required.
Information conveyed in this interview/article is provided for information purposes only and does not constitute, nor should it be relied upon as legal advice. This information is not intended to substitute for obtaining legal advice from an attorney. No person should act or rely on any information in this article without seeking the advice of an attorney.