On September 5, 2012, the FTC released non-binding guidance for mobile app developers intended to help them navigate privacy and truth-in-advertising principles as they develop and market apps. The guidance provides an overview of existing laws and FTC policy, and includes a number of “general guidelines” that mobile app developers should consider:
- Tell the Truth About What Your App Can Do.
- Disclose Key Information Clearly and Conspicuously.
- Build Privacy Considerations in From the Start.
- Offer Choices that are Easy to Find and Easy to Use.
- Honor Your Privacy Promises.
- Protect Kids’ Privacy.
- Collect Sensitive Information Only with Consent.
- Keep User Data Secure.
Illustrating each guideline, the FTC notes it has taken action against companies that made medical claims for apps that were not scientifically supported, or that made broad statements about privacy practices, but did not disclose the extent to which they collected information. The FTC recognizes that the guidelines are not a “one-size-fits-all approach” because every app is different, but that there are general guidelines that every mobile app developer should consider.
The FTC also specifically rebuts any notion that small developers can escape notice under the privacy and truth-in-advertising laws. Being a small company that hasn’t made any money yet is “(a)ll the more reason to build compliance in from the start.”