Privacy & Cybersecurity Law Blog

On August 1, 2014, the Federal Trade Commission released a new staff report examining the consumer protection implications of popular mobile device applications that provide shopping and in-store purchase services. The report, What’s the Deal? An FTC Study on Mobile Shopping Apps, details the findings from a recent FTC staff survey that studied consumer rights and data protection issues associated with some of the most popular mobile shopping apps on the market.

Building on the FTC’s March 2013 staff report on mobile payments, the survey examined 121 mobile shopping apps from the Google Play and Apple App Stores, focusing on the surveyed apps’ disclosures regarding their dispute resolution procedures, liability limits and consumer data practices. In general, the surveyed apps provide services for comparison shopping, collecting and redeeming discounts and coupons, and making in-store purchases with mobile devices. Based on the survey findings, the FTC staff concluded that these types of mobile shopping apps often fail to disclose information on issues that are important to consumers.

In light of the survey findings, the report makes several recommendations to companies that offer mobile shopping apps, including:

• “[C]ompanies should disclose consumers’ rights and liability limits for unauthorized, fraudulent, or erroneous transactions.” The FTC staff found that, prior to download, many in-store purchase apps frequently fail to equip consumers with sufficient information about how the service manages disputes over contested purchases and their policies regarding the consumer’s potential liability for unauthorized transactions. The report recommends that companies clearly communicate this information to consumers prior to installation, especially for methods of payment that lack the legal protections afforded to credit or debit card transactions, such as certain types of purchases involving prepaid, gift card or stored value accounts.
• “[C]ompanies should clearly describe how they collect, use and share consumer data.” The FTC staff found that a majority of the surveyed apps have privacy disclosures that use vague language, reserving broad rights to collect, use, and share consumers’ information. The report encourages mobile shopping apps to clearly describe how they collect, use, and share consumer data to provide consumers with more detailed explanations about how the apps handle their information.
• “[C]ompanies should ensure that their strong data security promises translate into strong data security practices.” The FTC staff found that an overwhelming majority of the surveyed apps promise to implement data security safeguards to protect consumer information. Although the FTC staff did not test the apps to verify whether the security measures functioned as promised, the report nevertheless urges companies to honor their data security promises and to employ reasonable and appropriate safeguards in accordance with FTC enforcement actions and guidance materials.

The report also provides guidance to consumers, encouraging them to think twice about how they select and use mobile apps. Consumers are advised to consider downloading an alternative app or avoid making large purchases if information about the app’s dispute resolution procedures and liability limits is not available prior to download. Likewise, the report warns consumers to make sure they understand how their data will be collected, used, shared and secured prior to downloading a mobile shopping app.