The FTC issued its second report on children’s mobile applications today. If its first report, issued in February 2012, was the proverbial “shot across the bow,” then this second report was a shot directly into the hull of the ship. The FTC concluded, after reviewing hundreds of kids’ apps, that most of the time basic privacy protections were either absent or woefully inadequate. The agency was troubled that many kids’ apps contain buttons that link to social networks. Also, that kids’ apps send hidden device and other data to advertising networks.

Investigations in the Works

Although reasonable minds may differ on the extent to which the noted issues present real privacy threats as opposed to merely theoretical ones, the agency left no doubt that its enforcement wing has saddled up and donned the six guns. In the FTC’s statements to the press, agency members noted that it is launching numerous confidential investigations to follow up on the issues addressed by the report, starting now.

Three Issues for Companies to Consider

As companies prepare to play defense on these issues, it is important to keep in mind the three areas of overarching focus by the FTC:

  • an app’s functionality on its face (e.g., does it link to social networks, does it prompt children to input identifying or other sensitive information)
  • an app’s ”under-the-hood” technical characteristics (e.g., establishing network connections to developers, ad networks and other third parties)
  • an app’s disclosures (e.g., in what manner and to what extent does an app inform parents of the privacy characteristics)

Simply relying on or linking to your online privacy policy, unless you specifically address the mobile environment, may invite questions regarding the accuracy of your statements. There are other more arcane issues as well, but this is the starting point.