In 2011, both of Minnesota’s Senators have called for change in mobile device practices. Following is a recap of their efforts along with best practices for Minnesota companies operating in the space.
On February 8, Senator Amy Klobuchar sent a letter to the FTC, urging greater scrutiny of “in-app sales” where she called for transparency in the “billing practice that holds the potential for consumer confusion.” Her letter was on the heels of several critical media reports, including a notable Washington Post article. The issue was that Apple did not require reentry of a user password for fifteen minutes after an application was downloaded; in those fifteen minutes kids were making multiple in-app purchases, reportedly in some instances totaling as much as $1,400.
On March 9, Apple released an update to its mobile operating system that required password reentry after download for in-app purchases (but it maintained the 15 minute window). Thus, users can make purchases prior to a requirement of password reentry. In response, Senator Klobuchar released a statement on March 11, commending “this common sense safeguard” though she caveated her statement by saying “we can still do more to eliminate outrageous charges.”
More recently, on May 12, Senator Al Franken, chaired a senatorial hearing that questioned Apple and Google on user location tracking. Apple and Google made public statements in advance denying individual user tracking, but they implicitly acknowledged that data was stored in unencrypted format; the result of several bugs. Although, Senator Franken and the committee acknowledged the benefits of fast-evolving mobile telephone technologies, they expressed concerns about guardianship of user personal data.
Furthermore, Senator Franken and the committee made clear that they did not intend to stop innovation and there was consensus that legislation could not overreach and stifle a growing industry that provides many benefits to its users, and relies on location- based data.
Ironically, Apple and Android had released fixes to their respective operating systems approximately one week before the subcommittee hearing, arguably in some ways rendering it moot. It did however, provide an opportunity for the FTC to reiterate its positions stated on May 10, in a hearing that garnered a lot less media attention.
Without knowing precisely what to expect next, the Senators respective efforts highlight the key issues facing any developer — large or small — in the fast-evolving app ecosystem: billing and privacy.
1. Disclose “in-app” purchase functionality prominently in your application description.
3. Use a reasonable, balanced and defensible “in-app” purchase pricing strategy.
4. Customer service is important, be prepared to tell your users how to obtain refunds for “in-app” purchases.
5. Consider “in-app” repeat purchase time limits.
6. An app should only collect information which is absolutely necessary.
8. Encrypt sensitive user information.
9. Encrypt third-party data transfers.
10. Avoid combining application data with information from other sources, and if you must, be sure to disclose that you will to users.