The Federal Trade Commission (FTC) just announced that Snapchat agreed to settle charges that it deceived consumers about how its popular mobile message app worked and what personal user data it collected.  (Read the FTC’s press release here). Part of Snapchat’s appeal was a feature enabling users to control how long a message could be seen by the recipient. After the designated time limit expires, the message is destroyed, much like the mission briefings in Mission Impossible. At least that’s what Snapchat told users. According to the FTC, Snapchat misled consumers because the app didn’t exactly work the way it said it did. The FTC’s complaint against Snapchat (read it here) included these allegations:

  • Recipients of a “snap” (a Snapchat message) could save the snap using tools outside of the app. Snapchat apparently stored video snaps in a location on the recipient’s mobile device outside of the app’s secure “sandbox.” This enabled recipients to find and save video snaps by connecting their mobile device to a computer and using simple file browsing tools. Another way to bypass the deletion feature was to use apps that connected to Snapchat’s API to download and save snaps.
  • Snapchat told users that if a message recipient took a snapshot of the snap, the sender would be notified. In fact, the screenshot detection mention could be bypassed.
  • Snapchat collected geolocation data of users when it said it would not.
  • Snapchat told users to enter their mobile number to find friends who also use the app, implying that the user’s mobile phone number was the only information it collected. Without the user’s knowledge, Snapchat also collected the names and phone numbers of all contacts in the address book on the user’s phone.

So what’s the significance of the settlement? Here are a few quick takeaways.

  • Descriptions of mobile apps in an app marketplace like iTunes App Store or Google Play are product descriptions that could be the basis for false advertising claims.
  • Including boilerplate language in an app description, terms of use, or privacy policy is a bad idea if you don’t know what it means or can’t verify its accuracy. Snapchat’s privacy policy told users that it “did not ask for, track, or access any location-specific information.” A lot of apps say that. The problem was that Snapchat integrated an analytics tracking service in the Android version of the app that did collect location information.
  • Take into account exploits and workarounds when drafting privacy policies and product descriptions. This includes software that uses the app’s API.
  • The FTC is getting more active in pursuing false advertising claims against mobile app makers. In December of last year, the FTC settled charges that the developer of the “Brightest Flashlight Free” app deceived consumers about how their geolocation information would be shared with advertising networks and other third parties. The FTC’s interest in suing companies that allow a data breach to occur is also a growing concern, especially after the New Jersey federal district court’s decision in FTC v. Wyndham Worldwide Corp., recognizing the FTC’s authority to prosecute cases where a company is alleged to have failed to maintain “reasonable and appropriate data security for consumers’ sensitive personal information.”
  • Information transmitted over the Internet is rarely, if ever, gone forever. Somehow, somewhere, electronic data can be retrieved.
Enhanced by Zemanta

Rock legend gets to continue lawsuit against HP for selling penis-measuring app named after himEvans v. Hewlett-Packard Co., 2013 WL 4426359 (N.D. Cal. Aug. 15, 2013)

English: Photo of Chubby Checker when he was i...

(Photo credit: Wikipedia)

Want to test the urban myth that a man’s shoe size is a good measure of his you-know-what?  Well, there’s an app for that.  Or there was.  And the app store that sold it is being sued by the app’s namesake, who isn’t thrilled that his name was associated with a digital ruler for male nethers.

“The Chubby Checker” was an app for estimating the size of a man’s genitals based on his shoe size.  Hewlett-Packard’s subsidiary, Palm, Inc., offered the app for sale on its app store.  The name of the app is a pun based on “Chubby Checker,” the stage name of rock-and-roll legend Ernest Evans.  Evans and the companies who owned registered marks associated with the name “Chubby Checker” sued HP and Palm for trademark infringement and dilution, federal unfair competition, and various state law claims.

The defendants tried unsuccessfully to dismiss the trademark infringement claim.  The complaint sufficiently alleged a claim of contributory infringement against the defendants, the court found.  Plaintiffs alleged that the “Chubby Checker” name and mark was internationally famous.  The defendants also allegedly maintained “primary control” over the use of the mark by setting up a detailed application and approval process for the app.  Thus, the court ruled that it was plausible to infer that the defendants knew or could have reasonably concluded that the plaintiffs would not have consented to license the “Chubby Checker” mark for use with the app.

The defendants fared better in their attempt to dismiss the state law claims.  The defendants invoked Section 230 of the Communications Decency Act, which immunizes internet service providers from tort liability based on content published by third parties.  The plaintiffs did not allege that the defendants created the app.  Instead, third parties created the app.  Since the defendants were internet service providers rather than content providers, Section 230 required dismissal of the state law claims.

LegalTXTS Lesson: This ruling could be a major setback for app store operators.  Essentially, it means an app store could be sued for contributory trademark infringement whenever one of the apps it sells is the subject of trademark litigation.  That might make some sense if the app store set up an approval process that includes review of the intellectual property rights used by apps (e.g., see how the app Pic Bubbler fared in the review process for the Apple App Store), but not if such review is missing from the app approval process (Google Play, for example, employs a minimal review process).  And you can bet the app store operator is a prime target for litigation if it’s a deep pocket.  Like in this case, who would you rather sue—HP, or the creator of The Chubby Checker, which apparently sold a mere 88 copies at 99 cents each?

Enhanced by Zemanta