The Federal Trade Commission (FTC) added some clarity to the law of privacy in mobile apps last week, when it published a guide titled “Marketing Your Mobile App: Get It Right from the Start.” Since the FTC’s enforcement power over online privacy comes primarily from the ambiguous “unfair or deceptive acts or practices” clause in § 5(a) of the FTC Act, any guidance on what the FTC considers “unfair or deceptive” should not be ignored. The guide stresses that mobile app developers should design their apps from the ground up with privacy in mind.
The FTC included seven guidelines regarding privacy:
- Build privacy considerations in from the start.
- Be transparent about your data practices.
- Offer choices that are easy to find and easy to use.
- Honor your privacy promises to consumers by following your own privacy policy, and obtaining affirmative consent if the privacy policy materially changes.
- Protect children’s privacy.
- Collect sensitive information only with consent.
- Keep user data secure by: (1) collecting only the information you need; (2) securing the data you keep by taking reasonable precautions against well-known security risks; (3) limiting access to a need-to-know basis; and (4) safely disposing of data when you no longer need it.
The FTC also included two guidelines regarding truth in advertising:
- Tell the truth about what your app can do. For example, any advertising about your app cannot be false or misleading, and objective claims must be backed up by evidence.
- Disclose key information clearly and conspicuously. For example, important terms should not be buried in licensing agreements, or behind vague hyperlinks. Key disclosures should be made up front.