Apple settles FTC complaint over charges in children's apps
The company will pay at least $32.5 million to refund customers whose children paid for in-app items
IDG News Service - Apple will pay at least $32.5 million to customers in a settlement over a U.S. Federal Trade Commission complaint that the company allowed children to run up huge in-app purchases on the company's devices.
Apple has agreed to the $32.5 million as a minimum payment, with the money going back to consumers, some of whom racked up thousands of dollars in in-app purchases by children, FTC Chairwoman Edith Ramirez said Wednesday. The problem came when children, playing apps aimed at kids, asked for their parents' passwords to buy an in-app item, then Apple left open a 15-minute window allowing the children to continue purchasing in-app items, she said.
"We contend there were millions of dollars worth of harm in this matter," Ramirez said. Apple was aware of the problem since March 2011 and "failed to fix the problem," she added.
Apple settled a class-action lawsuit related to the same issue last February, but the proposed settlement with the FTC goes farther than the class-action settlement, Ramirez said. The FTC deal requires full consumer repayment, while the class-action settlement does not, she said.
If consumers do not file $32.5 million worth of claims, the FTC will pocket the difference. The settlement will require Apple to give parents notice of in-app purchases by children, Ramirez said.
Apple CEO Tim Cook, in a letter to Apple employees obtained by 9to5mac.com said the settlement will be surprising to employees because "Apple has led the industry by making the App Store a safe place for customers of all ages."
Apple has already taken steps to fix the issue, Cook wrote. Last year, the company sent email messages to 28 million App Store customers who've made in-app purchases in kids games, he said. The company received 37,000 claims and will reimburse all affected customers, he said.
Cook complained that the FTC moved forward with its complaint after the class-action lawsuit was settled. "We faced the prospect of a second lawsuit over the very same issue," he wrote. "It doesn't feel right for the FTC to sue over a case that had already been settled. To us, it smacked of double jeopardy. However, the consent decree the FTC proposed does not require us to do anything we weren't already going to do, so we decided to accept it rather than take on a long and distracting legal fight."
The settlement is an important step that "sheds light on a growing practice that poses risks to children and families," said Jeff Chester, executive director of the Center for Digital Democracy, a group focused on online privacy.
"In-app purchasing is becoming the dominant business model in many online games and other children's entertainment content on mobile phones, tablets and gaming devices," Chester said by email. "Yet the techniques used to trigger these purchases are, in many cases, unfair and deceptive, taking advantage of children's vulnerabilities."
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is firstname.lastname@example.org.
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Confront consumerization with convergence Virtualization expert Elias Khnaser spotlights the security, compliance, and governance issues that arise when enterprise users "consumerize" with shadow IT and public cloud...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All iOS White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!