Yesterday, the FTC announced that it had approved a final order settling charges that HTC America failed to take reasonable steps to secure the software it developed for mobile devices. (We’ve previously blogged about the case here.) The FTC alleged that this failure amounted to an “unfair” practice in violation of Section 5 of the FTC Act.
The settlement with HTC is significant for several reasons. First, the now-final consent order requires HTC to release software patches to fix vulnerabilities that the FTC identified in the course of its investigation—an unprecedented requirement in this context. Also, the HTC case reflects the FTC’s increasing focus on privacy and security in the mobile space. The Commission announced the settlement with HTC not even a month after it announced a settlement with the operator of the Path social networking mobile app and simultaneously released a staff report entitled “Mobile Privacy Disclosures,” which focused primarily on the responsibilities of mobile platform providers, such as Apple, Google, and Microsoft.
All signs point to a continued emphasis on mobile under newly appointed FTC chair Edith Ramirez.