Health App Developers Revise Privacy Practices To Settle Investigation

Health App Developers Revise Privacy Practices To Settle Investigation

by Wendy Davis @wendyndavis, March 24, 2017

Health App Developers Revise Privacy Practices To Settle Investigation

Three mobile health app developers have agreed to revise their privacy policies, as well as some of their ad claims, in order to settle an investigation by NY Attorney General Eric Schneiderman.

The developers behind Cardiio and Runtastic (which claim to measure heart rates) and My Baby’s Beat (which says it monitors fetal heart rates) also agreed to pay $30,000 in combined penalties.

Among other settlement terms, the app developers say they won’t disclose certain information about users, including geolocation data and device identifiers, without their consent. The developers also promised that they won’t share de-identified information about users with other companies, unless those companies promise to avoid re-identifying people.

Those terms mark a change from the developers’ prior practices, according to the Attorney General. For instance, the Austrian-based Runtastic previously collected and disclosed some data about users regardless of whether they affirmatively agreed to its privacy policy, according to the official “assurance of discontinuance” agreement.

“Unless a user created an account with Runtastic, the company deemed a consumer to have consented to the privacy policy by default, if the consumer used the Runtastic web site,” the document states.

“Runtastic collected and provided to third parties the unique device identifier of users of Heart Rate Monitor, which is personally identifiable information,” the agreement continues. “Runtastic did not disclose this practice to users.”

Schneiderman’s office said the three apps also were initially marketed without enough information to back up claims that they could monitor vital signs. The companies all agreed to revise their advertising and warnings to consumers.

The agreements came after a one-year investigation into around 20 health apps that were touted as capable of monitoring heart rate, blood pressure, moles and other health indicators.

The Federal Trade Commission also has been cracking down on developers of health apps. In 2015, the FTC obtained agreements from marketers of two supposed melanoma-detection apps, which claimed to be able to analyze the risk of melanoma from users’ smartphone photos. Search Marketing Daily