A Cautionary Tale For Mobile App Start-Ups
Last week, small-scale social networking app provider Path settled Federal Trade Commission charges that that the company improperly collected personal information in violation of the FTC Act and the Children’s Online Privacy Protection Act (“COPPA”).
Path allows users to upload, store and share their photos, journal entries, notes, location, and other personal information with up to 150 friends.
The FTC also charged that Path violated COPPA by knowingly accepting registrations from over 3,000 children under 13, without first getting their parents’ consent. Not only did the app store those kids’ information, it then collected personal information for each contact in the child’s mobile address book. A double no-no.
The settlement requires Path to establish a comprehensive privacy program and obtain independent privacy assessments every other year for the next 20 years. It also includes a hefty $800,000 fine – a significant penalty for a relatively new startup. Yikes!
Along with the FTC’s announcement of the settlement, the FTC also issued guidelines on data security standards and a pamphlet on how to improve mobile privacy disclosures.
And now, speaking of disclosures, here comes a shameless plug. I will be hosting a Webinar on Data Privacy on March 20th. Stay tuned for the details.