US FTC fines Path $800,000 and launches mobile app guidance

The US Federal Trade Commission (FTC) has imposed an $800,000 fine on Path, a social networking service. Path was allegedly collecting children's personal information without their parents’ consent, which is a breach of the Children’s Online Privacy Protection Act (COPPA). Path collected personal data from some 3,000 users under the age of 13.

The settlement, that was reached on 1 February, requires Path to establish a comprehensive privacy program. The company will be subject to independent privacy audits for the next 20 years, to be conducted every second year. Path must also to delete the information collected from children.

Path operates a social networking service that allows users to keep journals about “moments” in their life and to share that journal with a network of up to 150 friends. The FTC said that the user interface in Path's iOS app was misleading and provided consumers no meaningful choice regarding the collection of their personal information.

The FTC has now issued guidance for privacy and mobile apps. Its 29-page report, ‘Mobile Privacy Disclosures - Building Trust Through Transparency’ says that operating system providers should consider developing a one-stop ‘dashboard’ approach to allow consumers to review the types of content accessed by the apps they have downloaded, and app developers should have a privacy policy and make sure it is easily accessible through the app stores.

See the FTC settlement at http://www.ftc.gov/opa/2013/02/path.shtm
See the FTC guidance at http://ftc.gov/os/2013/02/130201mobileprivacyreport.pdf