New FTC recommendations target mobile privacy concerns
In the past few years, mobile devices have become an integral part of business and personal communications.
March 25, 2013 at 08:00 PM
5 minute read
In the past few years, mobile devices have become an integral part of business and personal communications. In a typical day, a consumer may use a mobile device to read files on his company server, review stock quotes and the latest news, email or text colleagues, pay bills, post status updates on LinkedIn and Facebook, check airplane schedules, locate the nearest Starbucks and buy movie tickets.
Such activity creates the potential for companies to collect sensitive personal data, including medical and financial information, as well as purchasing preferences that can be used for advertising and marketing purposes. The devices also track users' locations and movements. Reflecting growing public concern about the privacy implications, the Federal Trade Commission (FTC) on Feb. 1 issued a report strongly encouraging mobile platform providers and app developers to take steps to safeguard personal information.
The FTC recommendations in- clude obtaining express consent from consumers before apps access content including geolocation, contacts, photos and calendar entries, as well as developing icons to depict the transmission of such data. The FTC report states that mobile platforms should also consider offering a Do Not Track (DNT) feature for mobile users that would allow them to prevent ad networks or other third parties from tracking the websites they visit.
“The FTC does not have general rulemaking authority, so the report does not have the force of law, but instead is instructive and influential as to what constitutes best practices in the view of the FTC,” says Christopher Wolf, a Hogan Lovells partner.
“Wild West” Practices
The FTC and the Obama administration last year issued separate sets of recommendations for safeguarding consumers' online privacy on computer Internet browsers, but those reports didn't cover apps for shopping, social networking and other services offered on smartphones and other mobile devices.
“We've been looking at privacy issues for decades,” Jon Leibowitz, recently retired FTC chairman, told the New York Times. “But this [report] is necessary because so much commerce is moving to mobile, and many of the rules and practices in the mobile space are sort of like the Wild West. These best practices will help to safeguard consumer privacy and build trust in the mobile marketplace, ensuring that the market can continue to thrive.”
The FTC raises several questions in its report: How do companies privy to personal information use it or share it? With so many players collecting and using consumer data, who should provide privacy information to consumers? Given the limited screen space of mobile devices, how can this information be conveyed?
William Baker, of counsel at Wiley Rein, says the main concern of both regulators and legislators is that consumers don't know how their data is being collected online and sold, and they have no control over it.
The FTC claims that 57 percent of all app users have either uninstalled an app due to concerns about having to share their personal information or declined to install an app in the first place for similar reasons.
“Even without such measures [as the FTC is proposing], however, the mobile marketplace has obviously flourished,” Baker counters.
Whether the market would flourish even more or be hurt by rising costs if the FTC's suggestions were widely implemented is anyone's guess.
Enforcement Anticipated
The FTC has shown it will use Section 5 of the FTC Act, which broadly prohibits “unfair or deceptive acts or practices in or affecting commerce,” to bring enforcement actions against companies that it claims fail to protect privacy and data security, says Michelle Cohen, an Ifrah Law member.
“The FTC and the states follow a 'say what you do and do what you say' approach to privacy,” Cohen says. “If your company says in a privacy policy that it does not share, say, your personal information with third parties, or does not share your contacts, then it has to abide by that.”
In some cases the FTC has considered data that companies collect online to be consumer reports covered by the Fair Credit Reporting Act and subject to its requirements. It also has used its enforcement powers under the Children's Online Privacy Protection Act.
“I anticipate further FTC and state attorney general actions against mobile app providers, with a particular focus on children's privacy and financial privacy. The FTC has also shown some interest in medical apps,” Cohen says.
Code of Conduct
For months before the FTC report was issued, the National Telecomm- unications and Information Administration (NTIA) of the Depart- ment of Commerce sponsored multistakeholder meetings to develop a voluntary code of conduct regarding mobile data privacy.
“It is reasonable to assume that the FTC released its staff report at this time in an attempt to influence the course of the NTIA process,” Baker says.
The FTC report comments on the industry effort to develop standards by stating: “To the extent that strong privacy codes are developed, the FTC will view adherence to such codes favorably in connection with its law enforcement work.”
Baker says the FTC could regard a voluntary code of privacy conduct for the industry as a safe harbor protecting companies from enforcement actions.
“The question is whether the FTC will regard whatever emerges from the NTIA multistakeholder group as 'strong,'” he says. “If it does not, then one incentive for the industry to sign on to whatever emerges from the multistakeholder process vanishes.” n
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllSo You Want to Be a Tech Lawyer? Consider Product Counseling
FTC Lauds Withdrawal of Proposed Indiana Hospitals Merger After Leaning on State Regulators
4 minute readHow Qualcomm’s General Counsel Is Championing Diversity in Innovation
6 minute readDigging Deep to Mitigate Risk in Lithium Mine Venture Wins GM Legal Department of the Year Award
5 minute readTrending Stories
- 1Red Tape, Talent Wars & Pricey Office Space Greet Firms Entering Saudi Arabia
- 2A Funny Thing Happened on the Way to Becoming Clerk of the Forum
- 3Pa. Supreme Court Taps New Philadelphia Family Division Administrative Judge
- 45th Circuit Rules Open-Source Code Is Not Property in Tornado Cash Appeal
- 5Mediators for the Southern District of New York Honored at Eighth Annual James Duane Awards
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250