Wednesday, September 19, 2012

Four things app developers need to know about the new FTC mobile app marketing guide

On September 5, the FTC published its new guide to marketing mobile apps, and although it may not make any changes to the law, it will probably come as quite a surprise to many app developers.

The first points in the Guide deal with the general issue of misrepresentations. And although the language in the Guide is chatty, the points in there are all business. But they're also not hard to comply with, boiling down to one simple one: don't say things about your app that you can't prove to be true. This seems like common sense. Amazingly it's not. The FTC points to an app whose developers claimed it could cure acne. I'm not even sure how that could be possible. Apparently the FTC agreed, because they took action to shut it down.

But that much is easy. Where it gets a bit more involved is when the FTC turns its attention to privacy issues. The FTC is very concerned about privacy in the mobile app space. I'm even told they have mystery shoppers downloading apps and testing them out for privacy compliance issues. No surprise then that most of the Guide is dedicated to privacy. And the Guide contains three additional big points on privacy issues that app developers should consider:

1. Think about creating a privacy policy. If you only want to sell to the US domestic market, creating a privacy policy is up to you. But if you want to expand into Canada, Europe, Australia, or pretty much anywhere else than the USA, you will need to have a privacy policy that sets out the kinds of data you'll collect, what you're planning to do with it, and various other requirements.

Speaking broadly, it's against the law in Europe for you to have users in Europe and keep their personal data in the USA unless you've agreed to abide by a set of rules called the Safe Harbor rules. These rules basically say that you'll give European users all the same protections for their personal information that they would have if you were in Europe. I've linked to a pretty good summary below.

You might think this isn't relevant to you: you don't live in Europe, you're not planning to open an office there, and so you shouldn't be subject to their laws. Maybe. But if you think you're ever going to have an app sold by iTunes or Amazon or Google in Europe, you'll need to make sure you're paying attention to these rules.

2. Keep the promises in your privacy policy. In the USA (unlike in most of the rest of the world) privacy issues are by and large treated like a false and misleading advertising issue. If you aren't collecting health, banking, or other specific types of information, there aren't a whole lot of restrictions on what you can collect. But if you make a promise in a privacy policy that you won't collect certain types of information, then you need to make sure you don't collect it. If you do collect it, then you've made a false promise to the consumer in order to get them to download your app. That's the kind of thing the FTC can, and does, investigate.

This is why, if you do decide to create a privacy policy, you need to think very hard about the kinds of things you'll say in there. I've seen developers who just copy the privacy policy from another company's app or site without really even knowing what it means. This way lies madness.

3. Prohibit kids from giving information through your app. One of the biggest exceptions to the rule I just said about there not being a lot of rules around collecting information relates to collecting information about kids. The easiest way to avoid this is by making sure that you don't allow kids under 13 to create accounts or provide you with personal information using your app. Otherwise you need to get parental consent to collect anything, and that can make things very complicated very quickly.

This Guide isn't a regulation. It doesn't give the FTC any new powers or create any new rules. From reading it I can tell it's the kind of thing that the FTC would basically think is just common sense. But from reviewing some of the notifications I get when downloading apps, I can also tell that many app developers wouldn't agree. Only one of these positions can be right. But with the FTC rediscovering that it can bring enforcement actions and showing that it has an appetite for them (see: Apple e-books litigation), app developers would be wise to pay attention.

FTC guide to promoting mobile apps
Safe Harbor basic information page from Wikipedia


  1. I am glad to found such useful post. I really increased my knowledge after read your post which will be beneficial for me.

    iPhone Application Development

  2. I really increased my knowledge after read your post which will be beneficial for me.

  3. This comment has been removed by the author.

  4. Thank you for this great information, you write very well which i like very much. I am really impressed by your post.SEO Liverpool

  5. Thank you for give very nice info What a cool site.

  6. This is good knowledge gaining article. This post is really the best on this valuable topic. Mobile App Developers


Thanks for commenting. Posts and comments aren't legal advice; requests for legal advice in the comment probably won't get answered. Sorry to have to do this but someone someday is going to make me glad I did...