Welcome!

News Feed Item

Apple Inc. Will Provide Full Consumer Refunds of At Least $32.5 Million to Settle FTC Complaint It Charged for Kids' In-App Purchases Without Parental Consent

Company Also Will Modify its Billing Practices Under FTC Settlement

WASHINGTON, Jan. 15, 2014 /PRNewswire-USNewswire/ -- Apple Inc. has agreed to provide full refunds to consumers, paying a minimum of $32.5 million, to settle a Federal Trade Commission complaint that the company billed consumers for millions of dollars of charges incurred by children in kids' mobile apps without their parents' consent.

Under the terms of the settlement with the FTC, Apple also will be required to change its billing practices to ensure that it has obtained express, informed consent from consumers before charging them for items sold in mobile apps.

"This settlement is a victory for consumers harmed by Apple's unfair billing, and a signal to the business community: whether you're doing business in the mobile arena or the mall down the street, fundamental consumer protections apply," said FTC Chairwoman Edith Ramirez.  "You cannot charge consumers for purchases they did not authorize."

The FTC's complaint alleges that Apple violated the FTC Act by failing to tell parents that by entering a password they were approving a single in-app purchase and also 15 minutes of additional unlimited purchases their children could make without further action by the parent. 

Apple offers many kids' apps in its App Store that allow users to incur charges within the apps. Many of these charges are for virtual items or currency used in playing a game.  These charges generally range from 99 cents to $99.99 per in-app charge.

The complaint alleges that Apple does not inform account holders that entering their password will open a 15-minute window in which children can incur unlimited charges with no further action from the account holder. In addition, according to the complaint, Apple has often presented a screen with a prompt for a parent to enter his or her password in a kids' app without explaining to the account holder that password entry would finalize any purchase at all.

The rapidly expanding mobile arena has been a focus of the Commission's consumer protection efforts. In addition to its consumer protection enforcement activity in the mobile sphere, last year, the FTC issued staff reports addressing mobile payments and providing recommendations for the mobile industry on how to protect consumers as new and innovative payment systems come into use, advocating improved privacy disclosures in the mobile environment, and addressing advertising disclosures in the context of mobile devices.

In its complaint, the FTC notes that Apple received at least tens of thousands of complaints about unauthorized in-app purchases by children. One consumer reported that her daughter had spent $2,600 in the app "Tap Pet Hotel," and other consumers reported unauthorized purchases by children totaling more than $500 in the apps "Dragon Story" and "Tiny Zoo Friends." According to the complaint, consumers have reported millions of dollars in unauthorized charges to Apple.

The settlement requires Apple to modify its billing practices to ensure that Apple obtains consumers' express, informed consent prior to billing them for in-app charges, and that if the company gets consumers' consent for future charges, consumers must have the option to withdraw their consent at any time. Apple must make these changes no later than March 31, 2014.

Under the settlement, Apple will be required to provide full refunds, totaling a minimum of $32.5 million, to consumers who were billed for in-app charges that were incurred by children and were either accidental or not authorized by the consumer. Apple must make these refunds promptly, upon request from an account holder. Apple is required to give notice of the availability of refunds to all consumers charged for in-app charges with instructions on how to obtain a refund for unauthorized purchases by kids. Should Apple issue less than $32.5 million in refunds to consumers within the 12 months after the settlement becomes final, the company must remit the balance to the Commission.

The Commission vote to accept the consent agreement package containing the proposed consent order for public comment was 3-1, with Commissioner Wright voting no. Chairwoman Ramirez and Commissioner Brill issued a joint statement, and Commissioner Ohlhausen issued a separate statement. Commissioner Wright issued a dissenting statement.

The FTC will publish a description of the consent agreement package in the Federal Register shortly. The agreement will be subject to public comment for 30 days, beginning today and continuing through Feb. 14, 2014, after which the Commission will decide whether to make the proposed consent order final. Interested parties can submit written comments electronically or in paper form by following the instructions in the "Invitation To Comment" part of the "Supplementary Information" section. Comments in electronic form should be submitted online and following the instructions on the web-based form. Comments in paper form should be mailed or delivered to: Federal Trade Commission, Office of the Secretary, Room H-113, 600 Pennsylvania Avenue, N.W., Washington, DC 20580. The FTC is requesting that any comment filed in paper form near the end of the public comment period be sent by courier or overnight service, if possible, because U.S. postal mail in the Washington area and at the Commission is subject to delay due to heightened security precautions.

NOTE: The Commission issues an administrative complaint when it has "reason to believe" that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. When the Commission issues a consent order on a final basis, it carries the force of law with respect to future actions. Each violation of such an order may result in a civil penalty of up to $16,000.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them.  To file a complaint in English or Spanish, visit the FTC's online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357).  The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 2,000 civil and criminal law enforcement agencies in the U.S. and abroad.  The FTC's website provides free information on a variety of consumer topics.  Like the FTC on Facebook, follow us on Twitter, and subscribe to press releases for the latest FTC news and resources.

SOURCE Federal Trade Commission

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, looked at differ...
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
Security, data privacy, reliability and regulatory compliance are critical factors when evaluating whether to move business applications from in-house client hosted environments to a cloud platform. In her session at 18th Cloud Expo, Vandana Viswanathan, Associate Director at Cognizant, In this session, will provide an orientation to the five stages required to implement a cloud hosted solution validation strategy.
The security needs of IoT environments require a strong, proven approach to maintain security, trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vic...
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-for-purpose database tools for their different application needs regarding scalability, ease of use, ACID support, etc. Platform as a Service offerings make this even easier now, enabling developers to roll out their own database infrastructure in minutes with minimal management overhead. However, this same amount of flexibility also comes with the challenges of picking the right tool, on the right ...
With all the incredible momentum behind the Internet of Things (IoT) industry, it is easy to forget that not a single CEO wakes up and wonders if “my IoT is broken.” What they wonder is if they are making the right decisions to do all they can to increase revenue, decrease costs, and improve customer experience – effectively the same challenges they have always had in growing their business. The exciting thing about the IoT industry is now these decisions can be better, faster, and smarter. Now ...
Security, data privacy, reliability, and regulatory compliance are critical factors when evaluating whether to move business applications from in-house, client-hosted environments to a cloud platform. Quality assurance plays a vital role in ensuring that the appropriate level of risk assessment, verification, and validation takes place to ensure business continuity during the migration to a new cloud platform.
"Splunk basically takes machine data and we make it usable, valuable and accessible for everyone. The way that plays in DevOps is - we need to make data-driven decisions to delivering applications," explained Andi Mann, Chief Technology Advocate at Splunk and @DevOpsSummit Conference Chair, in this SYS-CON.tv interview at @DevOpsSummit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
In his session at @DevOpsSummit at 19th Cloud Expo, Robert Doyle, lead architect at eCube Systems, will examine the issues and need for an agile infrastructure and show the advantages of capturing developer knowledge in an exportable file for migration into production. He will introduce the use of NXTmonitor, a next-generation DevOps tool that captures application environments, dependencies and start/stop procedures in a portable configuration file with an easy-to-use GUI. In addition to captur...
Who are you? How do you introduce yourself? Do you use a name, or do you greet a friend by the last four digits of his social security number? Assuming you don’t, why are we content to associate our identity with 10 random digits assigned by our phone company? Identity is an issue that affects everyone, but as individuals we don’t spend a lot of time thinking about it. In his session at @ThingsExpo, Ben Klang, Founder & President of Mojo Lingo, discussed the impact of technology on identity. Sho...
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...