Marketing Mobile Apps - the FTC Guidance

Recently, the Federal Trade Commission issued a report titled “Marketing Your Mobile App: Get It Right From the Start”. Importantly, the FTC explained that once developers start distributing their apps, they become advertisers, so the truth-in-advertising laws apply: anything that developers tell prospective users (on their website or in the app description page) must be truthful. There cannot be false or misleading claims or omissions of important information. If developers make an objective claim about the apps, they need to have “competent and reliable evidence” to back up their claims. For example, if an app claims to provide benefits related to health, safety or performance, there needs to be competent and reliable scientific evidence to support such claims.

The other principles include:

• "Disclose Key Information Clearly and Conspicuously. –“If you need to disclose information to make what you say accurate, your disclosures have to be clear and conspicuous.”
  
• Build Privacy Considerations in From the Start. – Incorporate privacy protections into your practices, limit the information you collect, securely store what you hold on to, and safely dispose of what you no longer need. “For any collection or sharing of information that’s not apparent, get users’ express agreement. That way your customers aren’t unwittingly disclosing information they didn’t mean to share.” 

• Offer Choices that are Easy to Find and Easy to Use. – “Make it easy for people to find the tools you offer, design them so they’re simple to use, and follow through by honoring the choices users have made.” 

• Honor Your Privacy Promises. – “Chances are you make assurances to users about the security standards you apply or what you do with their personal information. App developers – like all other marketers – have to live up to those promises.” 

• Protect Kids’ Privacy. – “If your app is designed for children or if you know that you are collecting personal information from kids, you may have additional requirements under the Children’s Online Privacy Protection Act.” 

• Collect Sensitive Information Only with Consent. – Even when you’re not dealing with kids’ information, it’s important to get users’ affirmative OK before you collect any sensitive data from them, like medical, financial, or precise geolocation information. 

• Keep User Data Secure. – Statutes like the Graham-Leach-Bliley Act, the Fair Credit Reporting Act, and the Federal Trade Commission Act may require you to provide reasonable security for sensitive information. The FTC has free resources to help you develop a security plan appropriate for your business." 

A full copy of the Guidance is found here.

This article is not a legal advice, and was written for general informational purposes only.  If you have questions or comments about the article or are interested in learning more about this topic, feel free to contact its author, Arina Shulga.  Ms. Shulga is the founder of Shulga Law Firm, P.C., a New York-based boutique law firm specializing in advising individual and corporate clients on aspects of business, corporate, securities, and intellectual property law.