Facebook Options
Legal Requirements

Consider the sampling of federal privacy laws and regulatory agencies listed below. If you think any apply to your app, conduct further research and/or seek out legal advice. You are responsible for compliance with all applicable federal and state laws.

  • ALL APPS:
    • Federal Trade Commission “Unfair and Deceptive” AuthorityThe Federal Trade Commission (FTC) has general authority to police “unfair or deceptive acts affecting commerce.”
    • CAN-SPAM Act of 2003Governs the transmission of commercial e-mail and requires visible and operable unsubscribe mechanisms, accurate subject lines, among other user protections.
    • Fair Credit Reporting Act of 1970 (FCRA)Governs  “credit reporting agencies” responsibilities and entities that provide credit report agencies with data.
    • Telephone Consumer Protection Act Governs the delivery of automated and telemarketing calls and messages (including text/SMS messages).
    • For an overview of privacy laws that may apply to your app or services, reference our Legal Guidance page.
  • Video apps:
    • Video Privacy Protection Act (VPPA). Governs the disclosure of personally-identifiable rental or sales records of audiovisual materials (absent written consent).
  • Payment, banking or financial services apps:
    • Gramm–Leach–Bliley Act (GLB). Governs financial institutions’ use and disclosure of personal information.
  • Health apps:
    • Health Insurance Portability and Accountability Act of 1996 (HIPAA). Provides national privacy standards for the protection of individually identifiable health information for certain regulated entities.
  • Children’s apps:
    • Note that many platforms restrict the use of their services by users under the age of 13.
    • Facebook’s terms indicate that it disallows and screens for users under 13 . Do not offer Facebook users apps targeted at children under the age of 13.
  • International laws:
    • Many international jurisdictions have their own general privacy laws that might apply if you are based outside the U.S. or if your app collects data from users in those countries. Providing a privacy policy is one step towards compliance with those regulations. Consult our Legal Guidance page for an overview of relevant international laws.
    • International data transfers – Be aware that data collected from users located in the E.U. can only be transferred to countries with “adequate” data protection standards. The U.S. is not deemed to have adequate protection standards. If you are transferring data from the E.U. you must comply with alternative and specific legal requirements, such as the U.S.-E.U. Safe Harbor programPlease seek legal counsel for other methods of compliance with E.U. data transfer restrictions.
About
Contact
Supporters
Privacy Policy
Learn
Do / Tools
Showcase
Consumers
Rate and Review Applications
Blog