Header graphic for print
Inside Privacy Updates on Developments in Global Privacy & Data Security from Covington & Burling LLP

Federal Trade Commission Releases Report on Mobile Shopping Apps: Finds Insufficient Disclosures to Consumers

Posted in Data Security, Emerging Technologies, Federal Trade Commission, Financial Privacy, Privacy Policies, Technology Transactions

Today, the Federal Trade Commission (“FTC”) issued a staff report examining the consumer-protection implications of popular shopping apps.  These services are intended to ease and enhance the shopping experience by allowing consumers to, for example, compare prices in-store across retailers, collect and redeem deals, or pay for purchases while shopping in brick-and-mortar stores.  The FTC was specifically interested in learning about what information these services make available to consumers before software is downloaded onto the mobile device, such as how the apps manage payment-related disputes like unauthorized transactions and billing errors, or the apps’ processes for handling consumers’ personal and purchase data.  The report, which surveyed a total of 121 different shopping apps across the Google Play and Apple App Stores, concluded that apps frequently failed to provide vital pre-download information.  For instance, of the 45 in-store purchase apps studied, which enable consumers to use their phones to pay for goods purchased in physical stores, few provided information explaining consumer liability or the process for handling payment-related disputes.  Regarding the collection and use of consumer data, the privacy policies for most apps used vague and confusing language giving expansive authority to companies to collect, use, and share personal data.  On the basis of these findings, the report offered the following recommendations to app developers and consumers.

App Developers

  • Disclose consumers’ rights and liability limits for unauthorized, fraudulent, or erroneous transactions.  Before committing to use one of these services, consumers should be able to know what their potential liability is for unauthorized transactions, what protections are available based on method of payment, and whether procedures are available for resolving disputes.
  • Clearly describe how consumer data is collected, used, and shared.  Detailed explanations in plain language help consumers evaluate and compare the data practices of different services in order to make informed decisions about the apps they choose to install.
  • Ensure that strong data-security promises mean strong data-security practices.  Especially in light of the technological advances for smartphones that offer increased security, consumer should receive enhanced protections for data collected.  Any commitments made regarding data security must be honored.

Consumers

  • Look for apps’ dispute-resolution procedures and liability limits, and consider payment methods used to make purchases.  Because federal law limits consumer liability for unauthorized transactions made with credit or debit cards, but does not have limits for prepaid cards or accounts with a pre-loaded balance, consumers may not have recourse for unauthorized charges made with prepaid funds.
  • Seek information before downloading apps about how data is collected, used, and shared.  Consumers should make informed decisions about installing apps and evaluate an app’s data practices before using a particular service.