I. Introduction
The mobile health (mHealth) industry is no longer “emerging.” Ready or not, for better or worse, it is here. According to the PEW Research Center, more than three-quarters of Americans now have a smart-phone1 and more than half of smartphone users are collecting “health-associated information” in some way with those smartphones.Reference Edwards2 There has been a proliferation of mHealth apps. Reports indicate more than 325,000 of them are available via the Google Play Store, Apple App Store, and elsewhere,Reference Pohl3 and projections for the global mHealth app market — of which North American is considered the leading region and the U.S. is the leading country within that region — are that it will generate more than $111 Billion U.S. dollars by 2025.4 The mHealth apps are diverse and have been described as falling into one of four different types: informational, diagnostic, control, and adapter apps.Reference Roth5 Through mHealth apps and other apps not typically considered by users to be health-related, personal data are being generated and aggregated at unprecedented levels. The data flow in and out of the mHealth apps, connecting with gadgets and online platforms. Researchers have been able to leverage this trend and potentially involve a wide range of participants (across many geographic and jurisdictional boundaries) with the Apple ResearchKit6 and Android ResearchStack.Reference Wicklund7 Understanding the consumer protections available to mHealth app consumers outside of any formal research project is critical when trying to detangle the research-related risks with those arising simply from participation in ordinary, everyday life in the 21st Century. Additionally, an understanding of generally applicable laws is an essential prerequisite to any serious policy discussions about the need for, or design of, specific laws tailored to mHealth apps and related technologies.
The Federal Trade Commission (FTC) is the best-suited agency in the United States to provide both well-calibrated and well-timed governmental protections for technology consumers in modern society, yet it remains remarkably under-appreciated. This commentary explores the consumer protections for mHealth apps and related technologies provided by the FTC, describing in Part II key aspects of the FTC’s structure and authority, highlighting in Part III the recent activities to promote competition and consumer protection with mHealth apps and enforcement actions the FTC has taken against app developers, and proposing in Part IV modest policy recommendations to strengthen its powers as a formidable consumer watchdog.
II. FTC Structure and Consumer Protection Authority
The FTC — or Federal Technology Commission as it has been dubbed critically on occasionReference Fung and Tene8 — has a 105-year-old historyReference Hoofnagle9 that illustrates it is, by design, poised and primed to address the rapidly changing and emerging technologies and accompanying uncertainty. Indeed, the FTC has, since its inception, been the arbiter of technology. As legal scholar Christopher Hoofnagle has remarked, “Saying that the FTC has suddenly become a technology regulator is … ahistorical. It treats technology as something that exists today, forgetting the innovation and social implication of technology from decades past.”10
The FTC was created in 1914 with the enactment of the Federal Trade Commission Act11 and began its work six months later in March 1915.12 Organizationally, the FTC consists of the Bureau of Competition, Bureau of Consumer Protections, and Bureau of Economics13 and is led by a bipartisan group of five commissioners (no more than three may be affiliated with the same political party) who are appointed by the President subject to confirmation by the Senate to serve seven-year, staggered terms.Reference Ramirez14 The creation of the FTC has itself been described as a “radical innovation,”15 given the breadth of powers (a mix of judicial, legislative, and executive functions) that were entrusted and delegated to a single governmental agency to carry out its mission.16
Pressure for federal privacy policy reform in the U.S. is arising domestically from the individual states setting their own consumer privacy (e.g., California) and data broker transparency (e.g., Vermont) approaches and internationally from countries setting their own data protection approaches (e.g., the European Union’s General Data Protection Regulation and China’s Cybersecurity Law and Information Security Technology — Personal Information Security Specification). While this attention is merited and while the FTC can enforce data privacy and security via the FTCA, the consumer protections afforded by the FTC go far beyond privacy and data-related issues.
Scholars and policymakers have been giving fresh attention to the FTC’s ability to serve as the nation’s primary privacy regulator, increasingly recognizing that the deluge of data raises important questions about appropriate limits on data practices and whether the sector-specific federal approach to privacy rights in the United StatesReference Zimmerman17 remains workable. Pressure for federal privacy policy reform in the U.S. is arising domestically from the individual states setting their own consumer privacy (e.g., California)Reference Stephens18 and data broker transparency (e.g., Vermont)Reference Melendez19 approaches and internationally from countries setting their own data protection approaches (e.g., the European Union’s General Data Protection Regulation and China’s Cybersecurity Law and Information Security Technology – Personal Information Security Specification). While this attention is merited and while the FTC can enforce data privacy and security via the FTCA, the consumer protections afforded by the FTC go far beyond privacy and data-related issues.
With the creation of the FTC in 1914, Congress charged the agency with an inherently compound mission: to promote fairness and competition in the marketplace. Initially Section 5 of the FTCA focused the FTC on the prevention of “unfair methods of competition in commerce.” In 1931 the U.S. Supreme Court narrowly interpreted this phrasing to imply that the statute protected businesses (not consumers directly) and thwarted FTC action against unfair business tactics (no matter how repugnant or egregious) unless there was corresponding harm to business competitors.20 Congress responded in 1938 with passage of the Wheeler-Lea Amendments that specifically allowed the FTC to prevent not only “unfair methods of competition” but also “unfair or deceptive acts or practices.”21 By maintaining broad statutory language in Section 5 even with these changes, Congress reiterated its commitment to empowering the FTC to be adaptive, able to — on a moment’s notice — promote competition and protect consumers as new circumstances require. According to Hoofnagle, skeptics of entrusting the agency with so much power were persuaded by limits imposed by the agency’s purpose being “preventative, cooperative, and not penal.”22 The FTC was further strengthened in the 1970s by judicial rulings affirming its broad powers to define unfair practices23 and by additional legislation24 enabling, for example, the agency to appear in court on its own behalf and take action against practices “in or affecting commerce.” Congress pushed back and adjusted the agency’s powers in 1980 when it perceived the FTC to be overzealous in its efforts, imposing limitations on the FTC’s rulemaking authority, asserting the potential for legislative veto, and declining to reauthorize the agency until 1994.Reference Beales25
This historical context of how the current FTCA prohibits “[u]nfair methods of competition in or affecting commerce, and unfair or deceptive acts or practices in or affecting commerce”26 and the refinement of the FTC’s powers over time makes abundantly clear that the FTC is the agency uniquely situated, capable, and qualified to address the challenges raised by technological innovations. Whenever Congress is either oblivious to the issues, at an impasse over how to address them, or perhaps even distracted by unrelated pressing matters, the FTC has existing statutory authority to take the first steps. This is what distinguishes the FTC from other agencies that have to wait for congressionally delegated powers to respond to most technological innovations. For example, in the absence of congressional action, the Food and Drug Administration (FDA) has performed mental gymnastics to contort direct-to-consumer genomic interpretation and predictive algorithms as “medical devices” in order to act within the boundaries of its authority specifically defined in the Food Drug and Cosmetic Act (FD&C Act).Reference Wagner, Wagner, Guerrini, Wagner, Nelson, Javitt and McGuire27 Similarly, in the area of wearables and other “internet of things” consumer products, the Consumer Product Safety Commission (CPSC) has a limited focus on protecting consumers from physical injuries only.28 In this extraordinary and essential “first responder” role, the FTC should be brave and bold, taking swift and decisive actions that promote businesses and protect consumers. This approach allows technologies and industries to mature without extensive governmental meddling and allows a better assessment of whether existing laws are sufficient or whether new specific legislation is necessary.
The FTC’s Bureau of Competition and Bureau of Consumer Protection work in tandem to “facilitate the exercise of consumer sovereignty,” with the former ensuring that business practices do not artificially restrict options available to the consumers and the latter ensuring that business practices do not obstruct the consumers’ abilities to choose from among the available options.Reference Averitt and Lande29 Importantly, with its preventative mission, the FTC is able to take action even before harms occur from practices violating the FTCA. Furthermore, the FTC has numerous tools at its disposal, including the ability to host workshops; conduct research; generate reports and white papers; publish consumer advisories, brochures, and educational materials; file amicus briefs; investigate individual corporations to gain insights about specific industries and otherwise hidden business practices; develop formal rules and standards for entire industries; issue guidance; publish press releases; monitor consumer complaints; prosecute alleged violations; adjudicate matters; and supervise business compliance with contracts.Reference Solove and Hartzog30 Through its enforcement of Section 5 of the FTCA, the FTC works to ensure that business practices are free from a wide variety of undesired conduct, including unfairness, deception, unsubstantiated claims, false advertising, and anti-competitive activities.31 Examples of violations include price fixing, predatory pricing, anticompetitive mergers, unreasonable horizontal or vertical restraints, overt coercion, undue influence, deception, and incomplete or confusing information.Reference Pardau and Edwards32
In the mHealth app space, anti-competitive practices relate to platform dynamics (e.g., Apple, Google, etc.) and how a powerful few corporations might hold consumers captive, monopolize the entirety of a mobile device user’s experience, control consumer access to apps or data they generate, limit the rate of innovation or app options by dictating app features, and more.Reference Pasquale and Pasquale33 FTC commissioners have acknowledged, for example, that “[d]ata are a competitive asset” and that network effects can “lead to barriers to entry that grow over time rather than diminishing.”Reference McSweeney and O’Dea34 The FTC watches out for methods of competition that would lower the quality, raise the prices, reduce choices, and reduce rates of innovation. Unfairness in the mHealth app space includes (but is not limited to) lax data security and privacy measures.35 While the FTC has under-utilized the unfairness doctrine in the past 20 years, it is particularly poised for a comebackReference Hirsch and Harrison36 and would proceed in predictable ways given the standard is codified (enabling the FTC to act when an act or practice “causes or is likely to cause substantial injury to consumers which is not reasonably avoidable by consumers themselves and not outweighed by countervailing benefits to consumers or competition.”).37 Importantly for mHealth app developers, the FTC continues to show a tendency to use deception principles,Reference Keegan and Schroeder38 and the FTC’s standard for proving deception does not require the agency to establish intentions to deceive or actual deception; rather, the FTC must show that a material representation, omission, or practice is likely to mislead a consumer and this standard is viewed from the perspective of a reasonable consumer.39 Substantiation of claims is related to deceptive practices and false advertising, and the FTC will consider numerous factors to determine the veracity of a claim.40 In the mHealth space, this could include the FTC specifying the science41 that must be available at the time a claim is made to support purported health benefits.
III. FTC Enforcement Activities Involving mHealth Apps
As briefly summarized in this section, the FTC has been relatively active in its approach to mHealth apps, engaging in targeted enforcement against app developers who engage in deception and false advertising; providing guidance and interactive tools to assist app developers; issuing relevant reports; and hosting a range of topical workshops and hearings.
A. Cases and Proceedings Involving mHealth Apps
The FTC has taken selective enforcement action against at least seven mHealth app providers.
1. acneapp and acne pwner
The FTC’s first case involving mHealth apps occurred in 2011 (when the FTC was chaired by Jon Leibowitz) and involved apps known as “AcneApp” and “Acne Pwner.”42 The matter was handled as an administrative matter, a proposed consent agreement was filed concurrently with the administrative complaint, and the final settlement was approved unanimously (5-0) by the commissioners a month later.43 According to the FTC, the AcneApp was sold deceptively in the Apple iTunes Store for $1.99 and was downloaded 11,600 times, and the Acne Pwner app was sold in the Google Android Marketplace for $0.99 and downloaded 3,300 times.44 The apps instructed consumers to hold their smartphone display against their skin for a few minutes daily so that the app could emit blue and red alternating lights,45 and the marketing statements and depictions claimed or suggested the apps cured acne, were developed by a dermatologist, and backed by a published scientific study.46 The terms of the settlement agreement barred the developers from making any acne-treatment claims about their apps and from misrepresenting science and required the developers to pay the FTC a combined amount of $15,994 (i.e., $14,294 to be paid by one defendant and $1,700 to be paid by the other).47 The FTC noted that substantiation of any health-related claims for the apps could only be made if the claims were substantiated by “competent and reliable scientific evidence” consisting of “at least two adequate and well-controlled human clinical studies” that were “conducted by different researchers.”48 Notably, the display screen for the AcneApp prior to purchase instructed consumers to use the app “to improve skin health” and included a disclaimer that the app was “for entertainment purposes only.”49
2. melapp and mole detective
The second case and proceeding taken by the FTC against mHealth app developers occurred four years later (when the FTC was chaired by Edith Ramirez) and also involved deceptive dermatological claims. The FTC commission voted 4-1 on these enforcement actions against MelApp and Mole Detective.50 The actions against the developer of MelApp were handled administratively51 whereas the actions against the providers of Mole Detective were handled in federal court.52 According to the FTC, the apps were sold for up to $4.99 in the Google and Apple app stores; consisted of using a smartphone camera to take a photograph of any moles and input relevant consumer-provided-information into the app to assess whether the mole had a low, medium, or high risk of melanoma and detect melanoma at early stages.53 The FTC argued that the claims were deceptive and unsubstantiated, and the settlement terms entered a total monetary judgment to the FTC from the app providers for $62,553.42 collectively ($58,623.42 from one provider and $3,930 from the others) and banned the app providers from making any health-related claims unless they are supported by “competent and reliable scientific evidence that is sufficient in quality and quantity based on standards generally accepted in the relevant scientific fields…”54 Commissioner Maureen K. Olhausen dissented, expressing her belief that the FTC’s order imposed an excessive substantiation requirement when applied to the claims made by the developers and without extrinsic evidence as to how consumers interpreted the claims (e.g., whether they expected the app to be as accurate as a medical professional in diagnosis of melanoma) and that this requirement would ultimately have a chilling effect on mHealth apps and useful health information for consumers.55 She warned that the FTC should not assume that an mHealth app has been or would be interpreted by consumers to be a suitable substitute for professional medical care unless there are “express claims, clearly implied claims, or extrinsic evidence” to that effect.56
3. ultimeyes
In late 2015, the FTC initiated an administrative enforcement action (with the commissions in unanimous, 4-0, agreement) against the providers of Ultimeyes, an online and mobile app that involved visual exercises, was advertised as “scientifically shown to improve vision” and as reducing the need for wearing corrective lenses, and was sold for between $5.99 and $9.99 on the company’s website and in the Apple App Store and Google Play Store.57 Again, the central focus of the FTC was on the deceptive and unsubstantiated health-related claims that were made. The final settlement, which was approved in February 2016, required the providers to stop marketing the app with health claims unless they possessed “competent and reliable scientific evidence” (i.e., “randomized, double-blind, and adequately controlled” studies) supporting the claims; to pay $150,000 to the FTC, to disclose any affiliations that the company has with any researchers of studies purporting to support their claims and with any individuals providing endorsements for their app.58 The proposed settlement of this matter prompted dozens of comments from experts who expressed concern about the FTC’s insistence on double blinded studies to prove health claims, although Commissioner Ohlhausen explained in a concurring statement that the settlement agreement is not as rigid or onerous as commenters worry.Reference Ohlhausen59
4. lumosity
In 2016 the FTC took enforcement action against the Lumos Labs, the provider of Lumosity.60 The FTC challenged the company’s sales pitch (which was promoted widely on radio, television, and online media) that suggested consumers who play one of its 40 games, sold via online and mobile subscriptions (e.g., a monthly subscription for $14.95 or a one-time “lifetime” subscription for $299.95), would experience improved work or school performance and avoid memory loss or age-related cognitive decline and also took issue with the company’s failure to disclose that testimonials were solicited with prizes.61 The commissioners unanimously (4-0) agreed to the FCT action filed in federal court and to the settlement that required the company to pay $2 million dollars, required the company to notify existing customers to give them an easy way to cancel their subscriptions to avoid auto-renewal charges, and barred the company from making similar deceptive claims in the future by requiring any claims to have proper substantiation.62 Commissioner Julie Brill filed a concurring statement underscoring her concern that consumers of “brain training” products in particular could be easily misled by advertising messages regarding their efficacy and that rigorous scientific proof is required for health-related claims to be supported properly.Reference Brill63
5. instant blood pressure app
Despite vacancies at the Commission,64 the FTC continued to pay attention to mHealth apps and, in December 2016, took unanimous (3-0) action in federal court against the providers of the Instant Blood Pressure (IBP) app.65 According to the complaint, the app was sold online and via the Apple App Store and Google Play Marketplace for $3.99 or $4.99 and generated over $600,000 in sales over a one-year period. To measure blood pressure with this app, a user was to place the right index finger on the smartphone’s camera while holding the base of the smartphone over the heart.66 The FTC argued the app was deceptive in its claims that the app could measure blood pressure as accurately as a traditional cuff method and also deceptive in its use of endorsements that failed to disclose affiliations that the individuals endorsing the app had to the company (e.g., 5-star app ratings were given by the CEO/President and by the Chairman of the board and co-founder), which affect the credibility of the endorsements.67 The stipulated settlement required the providers to (1) stop marketing their app as measuring blood pressure or being suitable as a replacement for a traditional blood pressure cuff unless they have, at the time of making the claim, scientific evidence demonstrating the claim is true; (2) stop misleading consumers with endorsements lacking clear and conspicuous disclosures of any affiliations between the individuals providing the endorsement and the app company; and (3) pay $595,945.27 to the FTC.68
6. breathometer apps
In 2017 the FTC took unanimous (3-0) action in federal court against the providers of the Breathometer Original and Breeze apps.69 The Original and Breeze apps and related accessories (the former connecting through the audio jack and the latter being Bluetooth-enabled) appeared on the television show “SharkTank,” were sold online by Amazon, BestBuy, and Brookstone for $49.99 and $99.99, respectively, and ultimately generated gross sales of $5.1 million dollars ($3.1 million for the Original and $2 million for the Breeze).70 This breathalyzer mHealth technology instructed users to connect the device to their smartphone, download the app, and blow into the device, and purported to display the blood alcohol content (BAC) of the consumer within five seconds.71 The FTC challenged the company’s claims that the app had “government-lab grade testing” accuracy and alleged the app developers knew that the mHealth technology under-estimated BAC, had no way to calibrate the mHealth technology in the field to correct the problem, continued allowing retailers to sell the tests and keeping the app live even after the problem was discovered, and failed to notify retailers and consumers.72 The settlement bars the mHealth technology providers from re-enabling their app’s breathalyzer functions and bars them from making any claims that the technology has been scientifically or clinically proven or that they claims have been proven by government lab-grade testing; and requires the providers to notify consumers and issue refunds to those requesting the refund (and to pay the FTC the difference between $1million and the amount of consumer refunds processed).73 For claims about the breathalyzer’s accuracy being as accurate as “law-enforcement grade” products to be truthful and substantiated, the settlement further specified that the demonstration of accuracy must be shown via the Department of Transportation’s Model Specifications for Devices to Measure Breath Alcohol, and Commissioner Ohlhauser issued a concurring statement to explain that this settlement did not establish an industry-wide substantiation standard.Reference Ohlhausen74
7. pact app
The FTC was down to only a pair of Commissioners by the time it took action against the providers of the Pact App in September 2017.75 The FTC handled this matter in district court, filing the complaint and the proposed settlement the same day.76 According to the FTC, the Pact App was designed to help consumers commit to diet and exercise, enabling users to set weekly goals (which would carry over week-to-week unless settings were changed by the user) and subsequently imposing positive or negative reinforcement of behavior that fulfilled or fell short of the goals set: users who missed their weekly goals were to be penalized with a fee of between $5 and $50 for each activity missed, while those who met their weekly goals were to be rewarded with a share of the proceeds collected by those penalized.77 The gist of the FTC’s complaint was that the operators of the Pact App were misleading in their billing and rewards scheme and that they did not live up to their promises and billed users even when goals were met, technical problems were experienced, or accounts were deleted.78 The complaint alleged violations of the FTCA as well as the Restore Online Shoppers’ Confidence Act, a statute barring the use of negative options (i.e., wherein continued acceptance of the provision of goods or services is assumed by a consumer’s silence) unless the material transaction terms are “clearly and conspicuously” disclosed upfront and also alleged that the app’s operators were aware of billing problems.79 The settlement bars the app providers from making misrepresentations about how they charge consumers, bars them from charging consumers unless they have “the consumers’ express, informed consent”; requires them to make specific disclosures in order to provide negative options; and requires them to pay a $1.5 million settlement fee with $948,788 to be issued as refunds to consumers who have already complained about billing problems they experienced.80
In sum, these seven distinct enforcement activities, while not an exhaustive review of all enforcement efforts related to the Office of Technology Research and Investigation,81 reveal recurrent themes. The FTC has focused on preventing consumers of mHealth apps from (1) being misled by false or deceptive advertising, (2) being fooled by app ratings and endorsements made by individuals with conflicts of interest, (3) being misled by misrepresentations of the science; (4) incurring unexpected fees charged in confusing ways; and (5) being kept in the dark about technical problems interfering with the app’s performance or recalibration. The FTC has not yet focused much on anti-competition or unfairness issues thus far in the mHealth app space, but that might change in the near futureReference Kang82 — especially when one considers the data practices that have been outside the scope of this general overview of consumer protections.Reference Andrews, Terry, McKinnon, Grimaldi, Syrett, Isaac, Singer, Durkee, Wakabayashi, Benner and Lohr83
B. Relevant Guidance and Tools for App Developers, Reports, and Hearings
In an effort to promote business and innovation and best practices in the marketplace, the FTC has collaborated with agencies with overlapping and adjacent subject matter jurisdictions (including the Federal Communications Commission or FCC)Reference Eisenach, Gotts, Fair, Ross and Vorhaus84 to develop guidance and tools for mHealth app developers. For example, in 2016 the FTC created an interactive tool for mHealth app developers in collaboration with the Office of the National Coordinator for Health Information Technology (ONC), the Office for Civil Rights (OCR), and the FDA. The tool walks app developers through a series of 10 questions to help identify which laws might apply to an app and also provides hyperlinks to tips for protecting consumers’ privacy and data security.85 Also in 2016, the FTC published “Best Practices” on its website, enumerating eight specific practices that can help mHealth app developers with privacy and security design issues: (1) “Minimize data;” (2) “Limit access and permissions;” (3) “Keep authentication in mind;” (4) “Consider the mobile ecosystem;” (5) “Implement security by design;” (6) “Don’t reinvent the wheel;” (7) “Innovate how you communicate with users;” and (8) “Don’t forget about other applicable laws.”86
Several recent FTC reports are useful to businesses and consumers of mHealth apps and related technologies,87 including “Mobile Privacy Disclosures: Building Trust Through Transparency” issued in 2013; “Data Brokers: A Call for Transparency and Accountability” issued in 2014; “Careful Connections: Building Security in the Internet of Things” issued in 2015, “Big Data: A tool for inclusion or exclusion? Understanding the issues” issued in 2016, and “The Sharing Economy: Issues Facing Platforms, Participants & Regulators” issued in 2016.
In addition to the relevant guidance, tools, and reports, the FTC has held a series of 14 public hearings on “Competition and Consumer Protection in the 21st Century.88 Through these hearings, the FTC demonstrated a serious commitment to learning from experts on issues that will undoubtedly inform the approach the FTC takes to advance competition and consumer protection in mHealth technologies.
IV. Conclusions and Policy Recommendations
The FTC is an extraordinary agency with broad powers that enable it to be adaptive, proactive, and rapidly responsive (if it so chooses). This is in stark contrast to most administrative agencies, which must carry out their policy missions within rigid, fixed boundaries. The FTC embodies the “flexibility and practicality” needed by Congress for implementing policies to ensure fairness in emerging technologies and markets89 and necessarily must consider new practices “as they arise in the light of the circumstances in which they are employed.”90 As FTC Commissioners Rohit Chopra and Rebecca Slaughter have observed, “It was no accident that, over one hundred years ago… Congress wanted an expert administrative agency with broad and flexible authority to ‘hit at every trade practice, then existing or thereafter contrived, which restrained competition or might lead to such restraint if not stopped in its incipient stages.’”91
The few enforcement actions taken against app developers have focused on deceptive practices; however, a shift in focus toward anti-competitive business methods and unfair practices is needed. Few technology platforms (such as Google and Apple) dominate the market, shaping opportunity for both consumers and businesses. The FTC should look not only at the app developers but upstream to the technology platforms when searching for effective means with which to promote fairness and competition for mHealth apps.
There are, however, challenges on the horizon for the FTC. Despite all of the activities that the FTC has done in the past decade to promote competition and ensure consumer protections in mHealth apps, the positionReference Chopra and Slaughter92 of FTC Chief Technologist has been vacant since April 2018, and it remains unclear as to whether the current FTC Chairman Joseph J. Simons will fill that vacancy or pivot the FTC in a different direction.Reference Wood93 The Office of Technology Research and Investigation (OTech), created in 2015, has gone silent on its webpage and Tech@FTC blog,94 and the FTC reportedly only employs five full-time technologists.95 Additionally, Congress appears interested in tweaking the FTC’s authority,96 but it is not yet clear whether the result will augment or limit the FTC’s efforts relevant to mHealth technologies: changes to the FTCA to make it easier for the FTC’s oversight to reach non-profit entities (e.g., to challenge anti-competitive price-fixing within the health care industry) and common carriers (e.g., to regulate technology platforms more effectively in coordination with the FCC) and to impose civil penalties (e.g., for data privacy violations) would be welcomed, but other proposed changes could inhibit the FTC’s agility that goes to the core of its mission.97 Furthermore, while many recognize that the FTC has scant resources with which to fulfill its tremendous responsibilities and acknowledge the FTC was in deregulatory crosshairs in decades past,Reference Hoofnagle, Hartzog and Solove98 new calls for an expansion of the FTC’s powers — as opposed to clarifying them delicately and with specificity — just might invite the Supreme Court’s revival of the nondelegation doctrine,Reference Sohoni, Stern, Zoldan and Hickman99 which could jeopardize the FTC’s very existence. Complementary consumer protections are available among the states and enforced by state Attorneys General,100 but a weakened or dismantled FTC could have catastrophic effects for consumers and businesses in mHealth. Champions of the FTC and its work might be wise to exercise restraint in their requests of Congress at this time.
As highlighted in Part III, much of the FTC’s activities taken thus far regarding mHealth apps have focused on providing reports and tools to educate consumers and app developers on important priorities (e.g., privacy by design and anti-discrimination by design). The few enforcement actions taken against app developers have focused on deceptive practices; however, a shift in focus toward anti-competitive business methods and unfair practices is needed. Few technology platforms (such as Google and Apple) dominate the market, shaping opportunity for both consumers and businesses. The FTC should look not only at the app developers but upstream to the technology platforms when searching for effective means with which to promote fairness and competition for mHealth apps. Whether consumers and businesses would be better off if these technology giants were broken up, or, alternatively, if it would be more effective for the FTC to leverage the app stores (wielding considerable control over which apps are made readily available to consumers) to spread best practices is yet unclear. Technology platforms dominating the electronic health record market through health care system partnerships (such as Epic) are also ripe for FTC anti-competitive scrutiny. By focusing efforts on the technology platforms, the FTC might help consumers and businesses while avoiding supervisory burdens that would accompany settlement agreements and consent decrees with individual mHealth app developers. The unfairness doctrine also holds considerable potential to help prevent the proliferation of Big Data-driven discrimination facilitated by data generated by mHealth apps and subsequent processing by data brokers.
Ultimately, a pro-science, pro-consumer, pro-business, and pro-innovation future for mHealth apps is possible, but we need the FTC to realize it.
Acknowledgments
The author acknowledges with gratitude Mark Rothstein and John Wilbanks (PIs) for organizing the MobileELSI project and working group and further thanks the investigators for the opportunity to participate in the working group meetings. The content of this article is the author’s responsibility and might not represent the official views of the author’s funding sources, employers, clients, or any other person or entity. The author is a member of the Scientific Advisory Board for Sage Bionetworks and has been part of a Geisinger and AstraZeneca collaboration to develop an mHealth app.
Research on this article was funded by the following grant: Addressing ELS Issues in Unregulated Health Research Using Mobile Devices, Federal Award Identification Number (FAIN) 1R01CA20738-01A1, National Cancer Institute, National Human Genome Research Institute (NHGRI), and Office of Science Policy and Office of Behavioral and Social Sciences Research in the Office of the Director (OD), National Institutes of Health (NIH), Mark A. Rothstein and John T. Wilbanks, Principal Investigators.
