The Federal Trade Commission on Friday reaffirmed its previous support for informed consent as a cornerstone to privacy protection in the Wild West of mobile information technology.
Its 36-page report, Mobile Privacy Disclosures, Building Trust Through Transparency
, addresses not just mobile application developers, but mobile app platforms as well. While not focused on mobile healthcare applications, the report touches frequently on privacy issues affecting healthcare as well as other mobile application uses.
Informed consent involves a consumer knowing in advance that a platform or app will allow collection of their personal information and still agreeing to its disclosure.
The FTC report authors noted that 217 million smartphones were sold worldwide in the fourth quarter of 2012 alone and thus, the FTC was called to make recommendations to the “major participants in the mobile ecosystem as they work to improve mobile privacy disclosures.”
There has specific regulatory role for the FTC in healthcare-related technologies since passage of the American Recovery and Reinvestment Act of 2009, which gave it enforcement powers over technology companies
such as independent personal health records systems providers not covered under the Health Insurance Portability and Accountability Act and enforced by HHS. The FTC also has regulatory enforcement authority as a consumer watchdog over mobile health devices.
In its just-released report, for example, the FTC said mobile application platform providers should afford consumers with just-in-time disclosures and obtain “express consent from consumers” before allowing apps to access sensitive content, such as geographical locations constantly being obtained by routine operations of the devices, or consent before the platform allows the app to be used for behavioral tracking. Both functions could betray sensitive health-related information, for example, by disclosing that a mobile phone user is making frequent visits to the location of a drug or alcohol treatment abuse clinic, or the mobile app user browses for information about a sexually transmitted disease.
App developers, too, fall under the same FTC gaze, with the regulator recommending that they “provide just-in-time disclosures and obtain affirmative express consent when collecting sensitive information … such as financial, health or children's data,” the report said.