NY AG Targets Mobile Health Applications Over Privacy Policy, Misleading Claims Concerns

Print Friendly, PDF & Email

March 28, 2017

privacy-policyThe Office of the New York State Attorney General (“NY AG”) recently announced a settlement of its investigation into the privacy policy and advertising-related business practices of three popular health-based mobile applications.   Each of the applications ostensibly allowed users to track their fitness, and measure vital signs and other heath indicators, as a method to promote healthy behavior.

What was the nature of the privacy-related practices that landed the health application operators in hot water?

The NY AG focused its investigation into both the app developers’ alleged misleading advertising claims, as well as their practices regarding the collection, use and sharing of personal information.  Generally speaking, with respect to the app developer privacy practices, the NY AG investigation was concerned with practices that did not require users to consent to applicable privacy policies, nor agree to the collection of various forms of personal data generated through use of the applications (including age, gender, weight, heart-rate, etc.) as part of the sign-up process.  Additionally, the NY AG alleged that the developers did not disclose to users that the personal information that was collected from them and shared with third-parties might not be afforded the protections required by the federal Health Insurance Portability and Accountability Act (“HIPAA”).

Furthermore, with respect to marketing practices, the NY AG investigation focused on alleged deceptive statements concerning the performance of the subject applications.  Specifically, through their marketing, the application developers represented to users that the applications could turn smartphones into accurate heart rate monitors, without the requisite information and testing necessary to substantiate those marketing claims.

In accordance with the settlement, the app developers have agreed to pay $30,000 in penalties, to affect changes to their privacy practices that require that they obtain affirmative consent from consumers in order to collect, use and share personally identifying information, and to include in their marketing that the applications have not been approved by the U.S. Food and Drug Administration.

Changing Rules of the Road for Online Privacy and the Need for A Well-Drafted Privacy Policy

Given the current legal landscape concerning the collection, use and sharing of various forms of personally identifiable information, it makes good business and legal sense to craft a privacy policy that is not only well-suited to the needs of your business, but that also provides your customers/users with all the information that they require to make informed decisions regarding the disclosure of their personal information.  Once in place, however, it is equally important to strictly adhere to the terms of your privacy policy.  The privacy policy is a contract with customers.  The failure to adhere to the terms included in your privacy policy could expose your business to significant liability, including regulatory action and private litigation.

The ongoing evolution of online and mobile privacy law warrants continued attention from Internet attorneys, technology attorneys and those interested in consumer privacy in general. If you are interested in learning more about this topic, or preparing an online or mobile privacy policy for your business, please e-mail us at info@kleinmoynihan.com or call us at (212) 246-0900.

The material contained herein is provided for informational purposes only and is not legal advice, nor is it a substitute for obtaining legal advice from an attorney.  Each situation is unique, and you should not act or rely on any information contained herein without seeking the advice of an experienced attorney.

Attorney Advertising

Similar blog posts:

FTC Trains Its Sights on Cross-Device Tracking

Well-Drafted Privacy Policy Saves the Day for GameStop

Why Every Mobile App Needs a Privacy Policy

David O. Klein

David O. Klein

David Klein is one of the most recognized attorneys in the telemarketing, technology, Internet marketing, sweepstakes and telecommunications fields. Skilled at counseling clients on a broad range of technology-related matters, David Klein has substantial experience in negotiating and drafting complex licensing, marketing and Internet agreements.

Schedule a Call
In The Know

Trending Topics

New York Sweepstakes Law blog- Klein Moynihan Turco

New York Sweepstakes Law: Are You Compliant?

Print Friendly, PDF & Email

In general, a lottery exists when entrants pay for the chance to win a prize. States alone reserve the right to administer lotteries. Businesses can eliminate one element of what would otherwise be an illegal lottery, in order to transform it into a legal promotional game. If the requirement to

TCPA surveys

An Ad or not an Ad: NY Weighs in on TCPA Surveys

Print Friendly, PDF & Email

Another day, another court decision that refines constitutes a Telephone Consumer Protection Act (“TCPA”) unsolicited fax advertisement. A Manhattan-based federal court recently issued a decision that removes faxed invitations to participate in a survey from the TCPA definition of advertisement. In drawing this distinction for TCPA surveys, the Court held

NY sports gambling law- Klein Moynihan Turco

Agreement Reached to Enact NY Sports Gambling Law

Print Friendly, PDF & Email

This week, Governor Andrew Cuomo and the New York State Legislature agreed to a budget deal that will bring mobile sports betting to the State through a unique NY sports gambling law.  Upon the Governor’s signature, NY sports gambling is primed to become the nation’s largest market. However, New York

UK and US Social Media Influencer Laws

UK and US Social Media Influencer Laws

Print Friendly, PDF & Email

In September of 2020, the United Kingdom’s (“UK”) Committee of Advertising Practice (“CAP”) reviewed the Instagram accounts of 122 UK-based social media influencers to determine whether content was being properly flagged as advertising in accordance with applicable social media influencer laws. This past March, the UK Advertising Standards Authority (“ASA”)

Share on facebook
Share on google
Share on twitter
Share on linkedin