The Federal Trade Commission (FTC or Commission) recently published a guide, Marketing your Mobile App: Get it Right From the Start, to help mobile app developers understand FTC advertising and privacy rules. The publication follows agency actions against two mobile app developers regarding information collection and product claims. In one such agency action, an app developer paid $50,000 to settle FTC charges that it failed to require parental notice and consent before collecting and disclosing children’s personal information.  A second developer settled with the Commission after claiming without proper substantiation that its mobile app treated acne. Advertising claims and privacy issues both have special importance for digital health and mobile health developers because of heightened advertising and privacy concerns for products that make health or safety claims or collect medical information.

For marketing and advertising, the FTC focuses on the truthfulness of claims and proper disclosure of the information. Specifically, in advertising their product, app developers should have solid proof of objective claims about what the app can do. The FTC advises additional caution when marketing apps that have health or safety benefits. Such claims may require what the FTC calls competent and reliable scientific evidence. Precisely what constitutes competent and reliable scientific evidence has been subject to some interpretation. In the past, the FTC defined acceptable scientific evidence as "tests, analyses, research, studies, or other evidence based upon the expertise of professionals in the relevant area, that has been conducted and evaluated in an objective manner by persons qualified to do so, using procedures generally accepted in the profession to yield accurate and reliable results” [Brakeguard Products, Inc., 125 F.T.C. 138 (1998)]. For most companies, including app developers, this may mean referencing existing scientific data or studies to substantiate claims about health or safety benefits of a product.

In addition to the content of claims, the FTC established a “clear and conspicuous” standard that seeks to ensure key information is plainly disclosed. While the law does not generally dictate font size or text type, the FTC has taken action against companies who have put key terms behind vague hyperlinks or in long blocks of legal text. Generally the FTC recommends disclosures that are big enough for consumers to read, presented in a way that is easy to understand, and placed close to the claim that the disclosure qualifies.

For privacy issues, the FTC recommends mobile products incorporate privacy by design, provide transparency about data practices and offer choices about data collection that is easy for the consumer to find and use. Privacy by design means securely storing user data, limiting the information collected and disposing of unneeded information. Transparency means explaining what information is collected, how it will be used and if the information will be shared with others. Developers frequently disclose such information through a privacy policy link in the application.

In addition existing law provides special protections for health or financial data or information provided by children. Under the Children’s Online Privacy Act (COPA), apps directed at children under age 13 or with actual knowledge that a user is under age 13 must explain their information practices and get parental consent before collecting such information. Additionally, the FTC advises getting consumer’s affirmative approval before collecting sensitive information like medical data or financial information. Digital health and mobile health app developers who collect medical information should also be aware of existing state and other federal laws regarding the collection and sharing of users’ data.

The recent settlements by two app developers and the FTC’s publication of these guidelines signal that the Commission will enforce advertising and privacy regulations on app developers regardless of size or level of development. They also represent an increased interest in mobile applications from national policymakers. Given the more rigorous standards for healthcare advertising and medical privacy, digital health and mobile health companies should pay close attention to these guidelines while developing and marketing their products.