In remarks delivered at the 2014 BAA Marketing Law Conference, Jessica Rich, director of the FTC’s Bureau of Consumer Protection, confirmed that, when it comes to privacy, the FTC is focusing on mobile technologies in a big way.
This is nothing new—the FTC has brought a number cases in the past couple of years. 2014 was an especially active one, though. For example, the FTC and Apple settled a complaint alleging Apple billed consumers for millions of dollars of charges racked up by children in kids’ mobile apps without first getting parental consent for those purchases. The FTC filed similar complaints against Amazon and Google involving in-app purchases by kids. Google decided to settle with the FTC while Amazon has geared up for a fight.
Earlier in the year, the FTC, the FCC, and certain states reached a $105 million settlement with AT&T involving claims that AT&T unlawfully billed customers for unauthorized third-party charges—also known as mobile “cramming.” The regulators alleged that AT&T billed its customers for subscriptions for ringtones, text alerts, horoscopes, and other services, keeping a portion of the fees from themselves.
And more recently the FTC again went after AT&T, this time for limiting the availability of data in its “unlimited data” plans, a practice known as “throttling.” The agency claims the throttling is unfair and deceptive because AT&T had promised unlimited data, and then reduced data speed without informing its customers.
I’m not saying these things are related, but, with all this negative publicity and enforcement activity, is it any wonder that AT&T was in the news soon after the throttling claims—this time announcing that it had stopped using hidden “supercookies” to track mobile users’ online activity?
The FTC mobile enforcement actions are obviously targeting high-profile companies. But what does it mean for smaller operations?
It means that mobile is a priority for the FTC and is likely to remain so in 2015. Those operating in the mobile space (app providers, developers, marketers, others) should be careful. If you haven’t already, get your privacy policies and practices in order now, on the front end, before any complaints from consumers, state regulators, or the FTC occur. Engaging in “Privacy by Design” now will save you time, energy, and money later if a complaint or enforcement action is initiated.