Brightest Flashlight Free in an Android app that performs a simple function: It allows an Android phone user to turn on the LED light on the back of his or her phone. Since this LED light is designed for use with a camera, many Android device manufacturers don't include this functionality in stock software packages.
While is not a complicated app with high development costs, the app raised serious questions about personal privacy in the mobile device era that apply to the realm of mobile medical apps, some of which fall under FDA's purview. In total, Brightest Flashlight Free was installed on approximately 50 to 100 million Android devices, earning it a 4.8 star rating from reviewers. However, the app has been furtively collecting users' personal data without their permission. This data included several types of personal data including device ID and location. While the app did give users the option to opt out of this data gathering, the company continued to collect personal data regardless of whether an individual opted in or out.
The FTC took action against the developer, according to Fast Company. "When consumers are given a real, informed choice, they can decide for themselves whether the benefit of a service is worth the information they must share to use it," noted Jessica Rich, Director of the Bureau of Consumer Protection at the FTC. "But this flashlight app left them in the dark about how their information was going to be used."
GoldenShores Technologies, manufacturer of Brightest Flashlight Free, faced only a mild slap on the wrist from regulators. Instead of a penalty or fine, the company is only required to delete all personal data and ensure that future app users provide "affirmative express consent" when sharing their personal data.
While the data that GoldenShores was collecting on its customers did not include any health information, lots of the information was extremely detailed.
As of now, both the Apple and Android mobile device marketplaces contain thousands of health-related applications. These applications include blood pressure monitoring tools, weight loss tools, fitness trackers, exercise apps, blood sugar management apps, baby monitoring apps and much more.
While Apple's "walled garden" approach to apps does minimize the risk of malware and privacy-invading apps, Android has a very open approach for app developers. Because of this, a number of malware apps have snuck their way into the Android marketplace in recent years.
Many of the mobile health apps available for Android are free. To cover development costs, many feature in-app advertisements or limited feature sets. If a developer uses an individual's personal health data for advertisement purposes, anyone using that app could be at risk of health data theft.
Few Android health and fitness apps offer any type of HIPAA compliancy. Patients who enter their private health data into these apps should read the Terms of Service before proceeding. In some cases, however, developers may not even follow their own Terms of Service.
