The Federal Trade Commission has published a guide to help mobile app developers comply with truth-in-advertising standards and basic privacy principles when marketing new mobile apps. The guidance is intended for all mobile app developers - large companies as well as tiny startups and individuals. Stating that there is no one-size-fits-all approach and that every app is different, the Commission provided some general guidelines that all app developers should consider:
Tell the Truth About What Your App Can Do. "Whether it's what you say on a website, in an app store, or within the app itself, you have to tell the truth," the publication advises. False or misleading claims, as well as the omission of certain important information, may violate state or federal laws. Objective claims about an app require substantiation, and claims related to health, safety, or performance typically require competent and reliable scientific evidence. In 2011 the FTC announced a settlement with mobile app developers that claimed their apps could treat acne with colored lights emitted from smartphones or mobile devices. The FTC alleged that these claims were not substantiated.
Disclose Key Information Clearly and Conspicuously. Disclosures should be big enough and clear enough so users actually notice them and understand what they say. Generally, the law doesn't dictate a specific font or type size, but the FTC has taken action against companies that have buried important terms and conditions in long licensing agreements, in dense blocks of legal text, or behind vague hyperlinks.
Build Privacy Considerations in from the Start. Mobile app developers should engage in "privacy by design" - which means considering privacy issues from the very beginning of the design process. Developers should also limit the information that is collected, securely store data, and safely dispose of data when it is no longer needed. "For any collection or sharing of information that's not apparent, get users' express agreement," urges the guidance.
Offer Choices That Are Easy to Find and Easy to Use. "Make it easy for people to find the tools you offer, design them so they're simple to use, and follow through by honoring the choices users have made."
Honor Your Privacy Promises. App developers that make promises about data collection and security should comply with those promises. The FTC has taken action against businesses that made broad statements about their privacy practices but then failed to disclose the extent to which they collected or shared information with others - such as advertisers or other app developers.
Protect Kids' Privacy. Apps that are designed for children, or apps that collect personal information from children, should comply with the Children's Online Privacy Protection Act, which requires verifiable parental consent, among other things.
Collect Sensitive Information Only with Consent. "Get users' affirmative OK before you collect any sensitive data from them, like medical, financial, or precise geolocation information."
Keep User Data Secure. Statutes such as the Graham-Leach-Bliley Act, the Fair Credit Reporting Act, and the Federal Trade Commission Act may require app developers to provide reasonable security for sensitive information.
The FTC provides general guidance on truth-in-advertising (http://business.ftc.gov/advertising-and-marketing) and privacy and data security (http://business.ftc.gov/privacy-and-security). The Mobile Marketing Association has also published guidance for mobile app privacy policies ( http://www.mmaglobal.com/bestpractice).