A new staff report by the FTC, What’s the Deal” – A FTC Study on Mobile Shopping Apps, highlights the FTC”s continued concerns about user data and the mobile ecosphere – particularly how payment disputes are handled by developers of mobile apps in the wake of recent Apple and Amazon app issues..
Following in the wake of the FTC’s 2012 workshop on mobile payments (see Paper, Plastic … or Mobile) the latest Report spotlights where mobile developers continue to fail and the steps the FTC expects them to follow in the areas of clear disclosures, transparent privacy policies and reasonable security measures.
First,the report emphasizes the troubles that consumers continue to face with mobile apps. These problems often revolve around transactions that are made with stored value accounts, using either gift or GPR (“General Purpose Reloadable”) card, which are covered by statutory liability limits that protect credit and debit transactions. Consumers must be clearly informed of liability limits and dispute resolutions options and procedures, which the FTC states are frequently lacking.
Secondly, the FTC unearthed a variety of issues with apps’ privacy policies. The report found that developers routinely used vague and obscure language in their privacy policies, which more often than not, grant developers a broad and unspecified power over users’ personal information. The privacy policies often included use of sensitive information such as social security numbers, addresses, location, and even purchase history. In some cases, apps even reserved the right to check a user’s information with a credit bureau. Likewise, the FTC recommended that developers only require information needed for transaction purposes and reduce the ambiguity in privacy policies to make these documents more understandable for consumers.
In conclusion, the staff report analyzed the terminology that companies used to highlight the strength of their security technology currently in place to protect consumers. The report found that these policies often utilized firm language such as ‘being safer than using a credit card’ or ‘safer than a bank’. Comparatively, the FTC noted that companies and developers must stand by any statements they make about the integrity of their security policies.
If you would like to discuss your application’s privacy and security policies, please don’t hesitate to contact us! Email us at info@SmartedgeLawGroup.com or call us at (203) 307-2665.