The Federal Trade Commission (“FTC”) stated earlier this year in its final privacy report that it is going to focus legal enforcement efforts on privacy and data security law compliance in the mobile space. As a part of this enforcement initiative, the FTC recently published additional guidelines called “Marketing Your Mobile App: Get it Right From the Start” to help app developers comply with applicable privacy and marketing laws. The guidelines recommend that mobile app developers do the following:
1. Tell the Truth About What your App Can Do – If you make a claim that your app can do something (whether it be on the app, a website or elsewhere), you must have the proof to back up your claim.
2. Disclose Key Information Clearly and Conspicuously – Create clear and prominent privacy notices that users can easily view and understand.
3. Build Privacy Considerations in from the Start – Create app default settings that limit the information you collect, securely store the information you must store and securely dispose of the information you no longer need. Get opt-in consent for collecting information that users would not intuitively expect you to collect.
4. Be Transparent About your Data Practices – Clearly explain in your privacy notice what information your app collects and how you use and disclose this information.
5. Offer Choices that are Easy to Find and Easy to Use – Build clear and conspicuous privacy settings, opt-outs and other user controls into your app that permit consumers to control how you collect, use and disclose their information.
6. Honor Your Privacy Promises – Live up to the promises in your privacy notice and on your app, and obtain consumers’ opt-in consent to any material changes you make to your privacy notice.
7. Protect Kids’ Privacy – If your app is designed for children, or if you knowingly collect personal information from children under 13, you may need to comply with the Children’s Online Privacy Protection Act.
8. Collect Sensitive Information only with Consent – Get opt-in consent from users before collecting any sensitive personal information (including, without limitation, financial, medical, religious or certain precise geo-location information).
9. Keep User Data Secure – Take reasonable precautions to keep data secure, including without limitation the following: (a) collect only the information you need; (b) secure the data you keep; (c) limit data access to a need-to-know basis; and (d) securely dispose of data you no longer need. And, make sure your contractors adhere to these same standards.
If you have any questions about how to comply with these FTC recommendations, please contact Helen Christakos at firstname.lastname@example.org.