If You Are a Mobile App Developer, Get It Right from the Start, Please!

September 9, 2012

By Carmelina G. Allis

If you are a mobile app developer, be sure to review the FTC’s newly published guidelines on truth-in-advertising and privacy principles, “Marketing Your Mobile App, Get it Right from the Start.”  They apply to you, whether you are a start-up app developer or an established business.

The FTC wants you to tell the truth about anything that your app can do, whether your statements are express or implied, and whether you make those claims on a website, in an app store, or within the app itself.  The guidelines suggest that app developers follow these “truth-in-advertising” practices:

  • Objective claims made in or about your app must be supported by “competent and reliable evidence.”  For example, if you say your app provides a health benefit, you may need competent and reliable “scientific” evidence to support that benefit claim.  The FTC reminds us about the agency’s enforcement action against a developer claiming that its app could treat acne.  The FTC found that the app developer lacked the proper scientific evidence to back up its acne treatment claim (see here).  Of course, applying this standard to specific facts can be tricky.
  • Information disclosures must be “clear and conspicuous.”  That is, disclosures must be stated clearly enough that users can notice and understand them.  The FTC suggests that app developers not bury important terms and conditions in long licensing agreements or legalistic statements, or behind vague hyperlinks.

Privacy Protection Principles.  The FTC also reminds mobile app developers that they should build privacy protections into their apps, which include limiting the information collected, securely storing information, and safely disposing of information.  And the FTC recommends that these practices be implemented from the start of the app development process.

For example, the guidelines suggest that you:

  • Design your app such that users are not “unwittingly disclosing information” that they did not mean to share with you.  Get the user’s express agreement on the collection or sharing of personal information.
  • Disclose what type of information your app collects from users or their devices and what you will do with that data.
  • Offer privacy settings, opt-outs, and other ways that can be used to control the type of personal information collected and how it is used.
  • Honor your privacy promises – think about what your privacy policy and settings offer, and live up to those promises!
  • Protect kids’ privacy if your app is designed for children.  You may be subject to the requirements under the Children’s Online Privacy Protection Act (COPPA) and the FTC’s COPPA Rule – see here.
  • Collect users’ medical, financial, or sensitive information only with their consent – obtain an “affirmative OK” before you collect it.
  • Keep sensitive data and information secure.  For example, take reasonable precautions against well-known security risks, limit access to that information, and safely dispose of it when no longer needed.