FTC Warns Background Screening Mobile Apps May Be Unlawful
The Federal Trade Commission this week said it sent letters to six unidentified mobile applications makers warning them that their background screening apps may be violating federal statutes.
Tue, February 07, 2012
Network World — The Federal Trade Commission this week said it sent letters to six unidentified mobile applications makers warning them that their background screening apps may be violating federal statutes.
Specifically the FTC said if the app makers have reason to believe their background reporting apps are being used for employment screening, housing, credit, or other similar purposes, they must comply with the Fair Credit Reporting Act which is supposed to protect consumer privacy and ensure that the information supplied by consumer reporting agencies is accurate.
More on high-tech crime: From Anonymous to Hackerazzi: The year in security mischief-making
According to the FTC, some of the apps include criminal record histories, which bear on an individual's character and general reputation and are precisely the type of information that is typically used in employment and tenant screening.
Under the FCRA, operations that assemble or evaluate information to provide to third parties qualify as consumer reporting agencies, or CRAs. Mobile apps that supply such information may qualify as CRAs under the Act. CRAs must take reasonable steps to ensure the user of each report has a 'permissible purpose' to use the report; take reasonable steps to ensure the maximum possible accuracy of the information conveyed in its reports; and provide users of its reports with information about their FCRA obligations. In the case of consumer reports provided for employment purposes, for example, CRAs must provide employers with information regarding their obligation to provide notice to employees and applicants of any adverse action taken on the basis of a consumer report.
According to the warning letters, the FTC has made no determination whether the companies are violating the FCRA, but encourages them to review their apps and their policies and procedures to be sure they comply with the FCRA. Future actions against those firms weren't ruled out if violations are found.
The letter reads:
Dear XXX:
This letter concerns your company's mobile application(s) that may be in violation of the Fair Credit Reporting Act ("FCRA"),1 a federal law enforced by the Federal Trade Commission ("FTC").
Under the FCRA, a company is a consumer reporting agency ("CRA") if it assembles or evaluates information on consumers for the purpose of furnishing "consumer reports" to third parties. Consumer reports include information that relates to an individual's character, reputation or personal characteristics and are used or expected to be used for employment, housing, credit, or other similar purposes. For example, when companies provide information to employers regarding current or prospective employees' criminal histories, they are providing "consumer reports" because the data involves the individuals' character, general reputation, or personal characteristics. Such companies, therefore, are acting as CRAs in this capacity and must comply with the FCRA.
