FTC Publishes Guidelines Designed to Assist Mobile App Providers with Privacy Compliance

By Jennifer Kashatus

Earlier this month, the FTC published guidelines designed to assist mobile app providers in complying with privacy and truth-in-advertising principles.  In the guidelines, the FTC walks through certain privacy principles, which it set forth in its Privacy Report issued last March.  Specifically, the FTC encourages mobile app providers:

  • to incorporate privacy principles into the design of their app (“privacy by design”)
  • be transparent about their data collection and use practices
  • offer users choices in the use and disclosure of their information (e.g., opt-out practices, privacy settings), and make those choices easy to find
  • honor privacy promises
  • protect children’s privacy
  • obtain consent before collecting sensitive information (e.g., health, medical)
  • protect the security of the information (consider information collection practices, security)

In the guidelines, the FTC makes clear that mobile app providers, like website operators, are bound to the promises that they make to consumers.  As in the Privacy Report, the FTC emphasizes that mobile providers must obtain consent from their customers before making materials changes to their previously stated privacy practices.  The FCC also briefly address advertising guidelines, and noted that app providers should be clear about what the app does — and does not — do.