Last week, the Federal Trade Commission (“FTC”) published a short guide for mobile app developers and entrepreneurs with suggestions on how to comply with basic truth-in-advertising and privacy principles. The guide is entitled “Marketing Your Mobile App: Get It Right From the Start” and includes many useful tips.
For advertising, the FTC advises that app developers must “tell the truth about what your app can do.” The guide notes that truth-in-advertising laws and regulations apply with equal force to apps, and that app developers must tell the truth and avoid false and misleading claims about an app’s features. Furthermore, the FTC notes that app developers must have “solid proof” – in legal terms, “competent and reliable evidence” — to support any objective claims they make about their app. Where those claims relate to health, safety, and performance, the developer must have competent and reliable scientific evidence to support the claim. In addition, the FTC notes that app developers must make clear and conspicuous disclosures of information relevant to their app, and avoid burying important terms and conditions or couching them in unintelligible legalese.
In terms of privacy, the FTC recommends app developers practice “privacy by design,” which includes making privacy protections part of their standard practice and limiting the collection of private information to the greatest extent possible. Where an app does collect private information, the developer must take reasonable steps to ensure that data is secure. In addition, developers should design their apps such that users are aware when they are collecting private data, and consent to any collection that is not obvious or that implicates particularly sensitive information (such as medical or financial information). Relatedly, users should be able to easily opt-out of sharing information they want to keep private, and those controls and options should be a clear and conspicuous feature of the app. Of course, app developers should be transparent about their privacy practices, including disclosing what data is collected, why, and with whom it is shared. The FTC also advises that app developers should honor the promises they make to users about their privacy – and be aware that those promises come in many forms.
Finally, kids’ privacy is a special concern. The FTC notes that the Children’s Online Privacy Protection Act (COPPA), and the FTC’s COPPA rule, mandate additional rules where an app is designed for children or collects personal information from kids. One of those rules, for example, insists on parental consent before obtaining information from kids in many circumstances. More information about COPPA and compliance with that law is available on the FTC website.