On October 30, 2017, Sears Holding Management Corporation (“Sears”) petitioned the Federal Trade Commission (“FTC”) to reopen and modify the settlement to which they agreed in 2009. At that time, Sears agreed to a consent order to resolve the FTC’s complaint that Sears allegedly did not adequately disclose the scope of its collection of “online browsing” data collected from users of Sears’ desktop software application. This landmark enforcement action was one of the FTC’s first uses of its section 5 authority to regulate privacy-related disclosures and the tracking of users’ online activity.
With Sears’ petition, a company under a privacy-related consent order has for the first time asked the FTC to scale back the breadth of the order’s applicability because of changes in technology, consumer expectations, and the marketplace.
Changes in Mobile App Ecosystem and Consumer Expectations. In its petition, Sears argued that the current online marketplace demonstrates that the consent order is too broad and “does not align with today’s mobile application ecosystem and consumer expectations.” Sears explained that the consent order requires handling consumer notices in its mobile applications in a way different from other companies’ industry-standard mobile apps, and the order’s prescriptive manner does not fit with how consumers obtain mobile applications through app stores. According to Sears, more recent FTC orders recognized exceptions to certain consumer notices for normal functioning of mobile applications that are expected by consumers, e.g., notices related to application configurations, crash monitoring, and usage activity. Sears seeks an order more in-line with the new FTC orders that include the exceptions.