FROM: U.S. FEDERAL TRADE COMMISSION
Staff Report on Mobile Shopping Apps Found Disclosures to Consumers Are Lacking
Many Apps Fail to Provide Information On Payment Dispute Mechanisms, Privacy
The report, “What’s the Deal? An FTC Study on Mobile Shopping Apps,” looked at some of the most popular apps used by consumers to comparison shop, collect and redeem deals and discounts, and pay in-store with their mobile devices. The report builds on the findings of the Commission’s 2012 workshop on mobile payments and the report from that workshop, which raised concerns about consumers’ potential financial liability – as well as the privacy and security of their data – when using mobile payment services.
In this new report, FTC staff surveyed a total of 121 different shopping apps across the Google Play and Apple App Stores. The survey included 47 price comparison apps, which let consumers compare prices on a particular item in real-time; 50 “deal” apps, which provide consumers with coupons or discounts; and 45 in-store purchase apps, which enable consumers to use their phones to pay for goods they purchase in physical stores. Several apps were found in more than one category.
“As mobile apps become more central to the shopping experience, it’s important that consumers have meaningful information about how those apps work before they download them,” said Jessica Rich, director of the FTC’s Bureau of Consumer Protection. “Consumers should not be left in the dark about their potential liability for erroneous or unauthorized charges or about the way shopping apps handle their data.”
The report makes a number of recommendations to companies that provide mobile shopping apps to consumers:
1. Apps should make clear consumers’ rights and liability limits for unauthorized, fraudulent, or erroneous transactions.
The staff report found that, prior to download, the apps reviewed frequently failed to give consumers information about the dispute procedures and consumers’ potential liability in the event something goes wrong with a payment made through the app.
The report recommends that the developers of in-store purchase apps provide clear dispute resolution and liability limits information to consumers, particularly when using a stored value method to process payments, as transactions made using this method may lack the legal protections afforded by credit or debit card transactions.
2. Apps should more clearly describe how they collect, use, and share consumer data.
Privacy considerations are important in mobile commerce apps, the report notes, as the data collected is potentially sensitive. The report finds that a majority of the shopping apps across all three categories had privacy policies disclosing that the apps collected a wide array of information, ranging from consumers’ names and addresses to detailed information on consumers’ purchases, their Social Security numbers, and data provided about the consumers by third parties.
The report finds that the reviewed apps’ privacy disclosures often used vague language, reserving broad rights to collect, use, and share consumers’ information. While almost all of the apps stated that they share personal data, 29 percent of price comparison apps, 17 percent of deal apps, and 33 percent of in-store purchase apps reserved the right to share users’ personal data without restriction, thus making it difficult for consumers to make informed decisions about whether to use the apps based on privacy considerations.
The report recommends that shopping apps clearly describe how they collect, use, and share consumer data. Making that information available will allow consumers to evaluate and compare apps based on how the apps handle their information.
3. Companies should ensure that their data security promises translate into sound data security practices.
The report also recommends that companies, whose apps promise consumer safeguards for their data, follow through on those promises. Specifically, the report recognizes that technology advances found in smartphones can offer the potential for increased data security and encourages all companies to provide strong protections for the data they collect.
Beyond recommendations for companies, the report also urges consumers to closely examine the apps’ stated policies on issues like dispute resolution and liability limits, as well as privacy and data security and evaluate them in choosing which apps to use. The report also notes that when apps do not provide that information, consumers should consider using alternative apps, or in the case of missing dispute resolution policies, limit the dollar amount used to fund stored value accounts.
The report is part of the Commission’s work to ensure that consumers are fully protected in the growing mobile space, which has included workshops and other initiatives to study cutting edge issues in this area, along with a number of law enforcement cases.
The Commission vote to issue the staff report was 5-0.