Kids app developers are doing a better job of notifying users as to what information is being collected and with whom it is shared, and on telling parents about the apps’ practices, FTC Mobile Technology Unit Chief Kristin Cohen and FTC Paralegal Specialist Christina Yeung wrote in a blog post Thursday. It followed the conclusion of the FTC Office of Technology Research and Investigations’ follow-up survey on kids apps. Surveys from 2012 found many apps shared kids’ information with third parties without notifying parents, and parents had little to no access to information about the apps’ privacy practices, an FTC news release said Thursday announcing a series of blog posts that included the survey’s findings. “The new survey looked at 364 kids’ apps in Google Play and the Apple App Store, and in today’s post the FTC examined what privacy disclosures are available to parents,” the release said. One-hundred sixty-four “of them (45%) had privacy policies that could be viewed from a direct link on the app store page,” Cohen and Yeung said. “An additional 38 include privacy policies in harder-to-find places -- for example, within the app or on the app developer’s webpage,” they said. “We don’t know for certain why there has been an increase in easy-to-locate privacy policies since our last survey, but a few factors may have contributed to this welcome development,” like widening the definition of children’s personal information under the Children’s Online Privacy Protection Act, and an agreement between California and major mobile platform providers to have a privacy policy available, Cohen and Yeung said. “Whatever the reasons for the increase in direct links to kids’ app privacy policies, it’s a step in the right direction,” they wrote. “That said, a significant portion of kids’ apps still leave parents in the dark about the data collected about their children -- so there’s more work to be done.”

Spotify took note of positive feedback after the company’s commitment (see 1508210044) to write its privacy policy in plain language and decided to incorporate a plain-language introduction to the privacy policy itself, wrote Spotify CEO Daniel Ek in a blog post Thursday. “The Introduction is intended to be a clear statement of our approach and principles about privacy,” Ek said. Spotify provides more detail in the body of the policy, but its fundamental privacy principles are outlined in the Introduction, he said.

Strong security and end-user controls are “critical to protect personal information,” FTC Commissioner Terrell McSweeny wrote in a blog for the Huffington Post Thursday. “Most of us are just beginning to be aware of the amount of sensitive information we are sharing or transmitting each time we download a new app or connect up a new wearable, sensor, household appliance or device.” With estimates of 25 billion to 50 billion connected devices by 2020, that's a “target rich environment for bad actors,” she said. Companies collecting and storing data have an obligation to secure it and should do more to protect against breaches, she said. The FTC is urging companies to embrace security by design because the impact of major breaches may be reduced the more users’ data and communications are encrypted end to end, but there's no such thing as perfect security, McSweeny said. “Each of us can play an important role in protecting our information on laptops, desktops, and smartphones by using strong end-user controls, such as disk encryption and firmware passwords.” McSweeny encouraged policymakers to “carefully weigh the potential impact” of requiring “back doors,” saying if consumers don’t trust the security of their devices, innovation could be stymied and privacy and security protections could be weakened for consumers.

AOL agreed to buy end-to-end mobile monetization platform Millennial Media, the acquirer said in a news release Thursday. AOL, which was recently acquired by Verizon (see 1505120019), said its buy of Millennial Media will enhance the advertising scale of its mobile-first programmatic platform, One, and bring more than 65,000 apps currently using Millennial Media's platform to its publisher suite of offerings. Jennifer Fritzsche, Wells Fargo analyst, emailed investors that the acquisition values Millennial Media at nearly $238 million, and is "designed to strengthen Verizon and AOL's programmatic advertising platform as it prepares to launch" Verizon's over-the-top video service (see 1506230044). The transaction is expected to close this fall, AOL said, and will make Millennial Media a wholly owned AOL subsidiary.

The FTC approved its final order against retail location tracker Nomi Technologies, after the close of the public comment period, the agency said in a news release Thursday. Nomi was accused of misleading consumers about the available choices to opt out of the company’s mobile device tracking program (see 1504230036) and will now be “prohibited from misrepresenting consumers’ options for controlling whether information is collected, used, disclosed or shared about them or their computers or other devices, as well as the extent to which consumers will be notified about information practices,” the release said. The commission vote to approve the final order was 3-1, with Commissioner Maureen Ohlhausen dissenting. Commissioner Julie Brill issued a statement saying “this order provides companies with an incentive to periodically review the statements they make to consumers, and make sure their practices line up with those statements.” Brill said Ohlhausen “expresses concern that our order will deter companies from offering privacy choices in the marketplace,” but it’s because of the order that Nomi no longer offers a deceptive choice. In her dissenting statement, Ohlhausen said the enforcement action may “undermine the FTC’s own established privacy goals,” saying commenters (see 1505270012) generally agreed the order would “diminish companies’ incentives to be transparent about their privacy practices,” and would “discourage companies from offering privacy choices to consumers.” Brill tweeted Thursday that the order makes the point that “basic consumer protection principles apply to new technologies.” Nomi had no comment.

The FTC agreed to settle deceptive advertising charges against Machinima, an online entertainment network, it said in a news release Wednesday. Machinima allegedly paid “influencers” to post YouTube videos endorsing Microsoft’s Xbox One system and several games, but the influencers didn’t disclose that they were paid for their reviews, the release said. Under the proposed settlement, Machinima is prohibited from similar deceptive conduct and is required to ensure influencers clearly disclose when they're compensated, it said. “When people see a product touted online, they have a right to know whether they’re looking at an authentic opinion or a paid marketing pitch,” said FTC Consumer Protection Bureau Director Jessica Rich. The vote to issue the complaint and accept the proposed consent order for public comment was 5-0. Comments on the proposed settlement will be accepted until Oct. 2, after which a decision on making the consent order final will be made.

As President Barack "Obama prepares to welcome Chinese President Xi to the White House this month, cybersecurity concerns should be a priority topic of discussion,” wrote Information Technology Industry Council resident China trade policy expert John Lenhart on an ITI blog Wednesday. “U.S. and Chinese frustrations continue to run high due to concerns over Chinese involvement in the recent high-profile hack of the Office of Personnel Management, as well as continued Chinese concerns following the revelations of former NSA contractor Edward Snowden,” Lenhart said. “But pursuing actions of escalation would only serve to widen the divide between the two countries.” Strong and constructive engagement during the presidential summit would best be focused in a few key areas like committing to market competition and free trade, establishing consultative cybersecurity mechanisms, and addressing policies that create barriers to interconnectivity, Lenhart said. “The two countries cannot allow further escalation of cyber-tensions, as it threatens to undermine the mutually beneficial policies of commercial engagement we have enjoyed for the past 35 years.”

Google released Chrome v 45.0.2454.85 to address multiple vulnerabilities for Linux, Mac and Windows, said a U.S. Computer Emergency Readiness Team alert Tuesday. Exploitation of the vulnerabilities may allow an attacker to take control of an affected system, it said.

Individuals staying at Hilton hotels can now schedule Uber rides to the hotel through reservation emails prior to an upcoming trip, Uber said in a news release Tuesday. Uber said the two companies also plan to launch a new "Local Scene" feature in the Hilton HHonors rewards program app in late September that will connect users to restaurants and "local hot spots" frequently visited by Uber riders in 20 U.S. cities.

President Barack Obama took over the White House Instagram account Monday, posting a photo from Air Force One with the caption “Incredible view as we near Anchorage.”