App Law: Regulators Crack Down

more+
less-

Canadian app developers must take care to avoid sanction from regulators both in Canada and in other countries - particularly in the U.S. - when launching apps.

California’s Attorney General recently began notifying  dozens of app developers that they run afoul of the California Online Privacy Protection Act by failing to post their privacy policies. Developers were given 30 days to comply or face fines of up to $2,500 for each download of a non-compliant app. In Canada, federal and provincial privacy laws also mandate the disclosure of privacy policies and the use of a privacy officer, though the legislation is broadly applicable to the private sector and is not targetted specifically at mobile app developers.

Today the Washington Post ran a story about the FTC’s crack down on apps that make “flimsy” claims  about the health effects of certain apps which claim to cure various ills through cellphone sound, light from the screen, or phone vibrations. Some app developers have been hit with fines (see related article below). The FDA is reportedly preparing draft regulations to regulate health claims made in mobile apps.

In Canada, another app developer faced the ire of the CRTC  (the Canadian Radio-television and Telecommunications Commission, Canada’s telecommunications regulator). The CRTC’s objection to the TrapCall mobile app was apparently based on privacy concerns and the protection of subscriber data, though it is likely prompted by pressure from telecos. TrapCall circumvents the paid call-blocking products offered by telcos, and disrupts a revenue stream - after all, who will pay for call-blocking if ubiquitous mobile apps can unblock calls? But it reflects a wider issue regarding technological innovation in the mobile app space that is colliding with established industry practices and (at times) an outdated regulatory environment.

Lessons for app developers?

  • We’ve said it before: Get advice on privacy before you launch your app.
  • Ensure that your claims do not offend regulatory requirements in the countries where your customers reside - whether the requirements are health related, safety regulations, or other advertising /marketing regulations.
  • Well-drafted end-user license agreements (EULAs), privacy policies or terms of use can assist in mitigating risk in this area.