Common position of national authorities within the CPC Network



Similar documents
Factsheet on the Right to be

COMMISSION STAFF WORKING DOCUMENT. on the existing EU legal framework applicable to lifestyle and wellbeing apps. Accompanying the document

TOY INDUSTRY CHECKLIST FOR MOBILE APPS AND PROMOTIONS

Consultation Paper. ESMA Guidelines on Alternative Performance Measures. 13 February 2014 ESMA/2014/175

Do you have a private life at your workplace?

TestFlight FAQ Apple Inc.

Daltrak Building Services Pty Ltd ABN: Privacy Policy Manual

NAI Mobile Application Code

Internet Delivery Charges to the Highlands of Scotland

Council of the European Union Brussels, 12 September 2014 (OR. en)

CE Marking. Caveat Emptor Buyer Beware

QUESTIONNAIRE ON CONTRACT RULES FOR ONLINE PURCHASES OF DIGITAL CONTENT AND TANGIBLE GOODS

A quick guide to competition and consumer protection laws that affect your business

THE CLAIMS MANAGEMENT CODE ( the Code )

Guidelines on Executive Order on Information and Consent Required in Case of Storing and Accessing Information in End-User Terminal Equipment

Privacy fact sheet 17

Embedded Network Solutions Australia Pty Ltd (ENSA) INTERNET ACCEPTABLE USE POLICY

2. A Note about Children. We do not intentionally gather Personal Data from visitors who are under the age of 13.

Legal Aspects of Social Media

LEAD INTRODUCERS AND COMPLIANCE

SECOND READING SPEECH

Eurofinas reply to the Joint Committee of the European Supervisory Authorities (ESAs) Consultation Paper on guidelines for cross-selling practices

Appendix. 1. Scope of application of the user evaluation license agreement

Cloud computing and the legal framework

Data Protection in Clinical Studies Implications of the New EU General Data Protection Regulation

OE Cloud Standard Terms of Service

Distance selling: sale of consumer goods over the internet or telephone etc

Claims Management Regulation. The PPI Claims market: Dealing with malpractice

CONSULTATION PAPER ON HIGH LEVEL PRINCIPLES ON OUTSOURCING COVER NOTE

Communication for undertakings that distribute nonmainstream financial products (such as CFD s, binary options, etc.) online

Opinion 04/2012 on Cookie Consent Exemption

Claims Management Regulation. Marketing and Advertising Guidance Note

Imperial Tobacco Group International Standard for the Marketing of Tobacco Products

Data Protection. Processing and Transfer of Personal Data in Kvaerner. Binding Corporate Rules Public Document

ARTICLE 29 Data Protection Working Party

Deliverable 1. Input on the EU's role in fighting match-fixing. Expert Group "Good Governance. EU Work Plan for Sport

Position of the Nordic Consumer Ombudsmen on social media marketing of 3 May 2012

ROADMAP FOR THE REFIT OF THE CONSUMER LAW ACQUIS 2016

DIRECTIVE 2014/32/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

HIPAA Omnibus & HITECH Rules: Key Provisions and a Simple Checklist.

Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development

SUPPLEMENTARY INTERNAL RULES IMPLEMENTING REGULATION (EC) N 45/2001 IN RELATION TO THE DATA PROTECTION OFFICER

COMMISSION OF THE EUROPEAN COMMUNITIES COMMUNICATION FROM THE COMMISSION. Towards a European Charter on the Rights of Energy Consumers

Section X XXXXXXXX. Guidelines on publication of user reviews, 1 May 2015 Guidelines 2015

Personal data and cloud computing, the cloud now has a standard. by Luca Bolognini

INTERNATIONAL STANDARD FOR THE MARKETING OF TOBACCO PRODUCTS

JOINT AGREEMENT ON GUIDANCE ON DISCIPLINARY PROCEDURES IN FURTHER EDUCATION COLLEGES

3 What Personal Information do we collect and why do we need it?

Claims Management Services Regulation. Conduct of Authorised Persons Rules 2013 (2)

PEGI ONLINE SAFETY CODE ( POSC ): A CODE OF CONDUCT FOR THE EUROPEAN INTERACTIVE SOFTWARE INDUSTRY

INTERNATIONAL MONEY EXPRESS (IME) LIMITED ONLINE REMIT USER AGREEMENT

Application of Data Protection Concepts to Cloud Computing

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

KINGDOM OF SAUDI ARABIA. Capital Market Authority CREDIT RATING AGENCIES REGULATIONS

WEBSITE HOSTING SERVICES AGREEMENT. Effective Date: 1/1/2015

Terms of Use (basic) 1

MMA CODE FOR RESPONSIBLE MOBILE MARKETING A code of conduct and guidelines to best practice

NBA Math Hoops Privacy Statement and Children s Privacy Statement Updated October 17, 2013.

TEXTUAL PROPOSAL TECHNICAL BARRIERS TO TRADE (TBT) Article 1 Objective and Scope

Guide for consumer credit firms

COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS

CONSULTATION PAPER NO

Message 791 Communication from the Commission - SG(2012) D/50777 Directive 98/34/EC Notification: 2011/0188/D

E-Gap Terms and Conditions of Use

EU regulatory framework for e-commerce

I. Personal data and its use in the business to business environment.

COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL

Acceptable Usage Policy

Privacy Policy Draft

merchant application form

Computer Network & Internet Acceptable Usage Policy. Version 2.0

Under European law teleradiology is both a health service and an information society service.

Procon Frostbite 1.1 and subsequent releases End User License Agreement Revised: April 7, 2015

GENERAL TERMS OF USE MYGEONAUTE.COM

Transcription:

Common position of national authorities within the CPC Network Assessment of proposals made by Apple, Google and relevant trade associations regarding in-app purchases in online games By letter dated 9 December 2013, the Danish Consumer Ombudsman, representing the CPC network, and the Directors General for Consumer Policy and for Justice of the European Commission asked the Internet platform providers Apple and Google as well as the association of on-line game developers ISFE to propose solutions to identified problems regarding in-app purchases in online games. Based on the exchanges held with the relevant companies and associations, Member States, cooperating together within the CPC Network, facilitated by the European Commission, have come to the following conclusions: 1) Apple/iTunes a) Misleading advertising of games as free Following the exchanges with CPC authorities, Apple now displays the text "In-App Purchases" in close proximity to the download button for all apps that are marketed on Apple's platforms as "free" but that offer "in-app purchases". The font of the text "In-App Purchases" is considerably smaller than the word "FREE" and may be difficult to read on smaller screens. Apple offers consumers information about the potential costs for at least 10 most popular in-app purchases for each specific on-line game. In June 2014, Apple introduced a modification to its App Review Guidelines, requiring app developers to ensure that in all information accompanying their apps the presence of possible inapp purchases be clearly identified 1. CPC authorities consider that only apps where in-app purchases are optional can be presented as "free" without misleading consumers. This stems from Annex I, Nr 20 of the Unfair Commercial Practice Directive (UCPD), Article 7(4) (c) UCPD and Article 6(1) (e) of the Consumer Rights Directive (CRD). As set out in the CPC common position of 9 December 2013 2, an on-line game cannot be marketed as "free" where the consumer cannot, without making in app purchases, play the game in a way that he/she would reasonably expect. This is to be assessed on a case-by-case basis for each app that includes in-app purchases. Internet platform providers need to ensure that apps that 1 2 Guideline 3.13: https://developer.apple.com/appstore/resources/approval/guidelines.html IP/14/187 of 27/02/2014: http://europa.eu/rapid/press-release_ip-14-187_en.htm. 1

include in-app purchases which are marketed as "free" on their platforms comply with the relevant provisions of EU consumer protection law, as described above. b) Exhortations to children In June 2014, Apple informed CPC authorities that in each of the ios Developer Program License Agreements and in the App Review Guideline 22.1, Apple points out to developers that the burden of compliance with national legal requirements rests with the developers. There is a generic statement in App Review Guideline 22.1 that "Apps must comply with all legal requirements in any location where they are made available to users. It is the developer's obligation to understand and conform to all local laws". No further measures have been proposed by Apple as regards app developers. Apple proposes to create a specific e-mail address through which enforcement authorities can inform Apple about possible violations of applicable law and coordinate discussions with the developers concerned. It also proposes to designate a specific team to process any such notifications and respond to the appropriate government entity. However, so far no precise implementation date for these proposals has been put forward. Article 14(1) (b) of the e-commerce Directive requires Apple to take down any app from its platforms if the company becomes aware that it involves an illegal activity, such as direct exhortations to children (UCPD Articles 5(3) and 5(5) and Annex I, Nr 28). This means that Internet platform providers have a responsibility to ensure that games on their platforms do not contain direct exhortations to children. In this context, the absence of a fully operational and efficient mechanism for consumers and competent authorities to notify such illegal activity to Apple further reinforces the possibility that such illegal activity be solely imputed to Apple (cf. Article 2(b) of the UCPD and Article 2(2) of the CRD). Clear instructions to the app developers that on-line games involving direct exhortations to children are banned from distribution in the EU market are highly relevant. Apple is strongly encouraged to provide transparency on the actions taken on the basis of consumer complaints, notifications by CPC-authorities (provided by the specific e-mail address) or instances in which it decided to take actions on its own initiative. c) Information about and consent to purchase Apple has clarified that its settings regarding payment approval will continue to vary according to the different devices and operating systems. Although, regrettably, no concrete and immediate solutions to address the concerns linked to payments' authorisations were proposed to this date, CPC authorities note that Apple has proposed to address these concerns in the future. So far, no firm commitment and no precise 2

implementation date for any possible future changes have been put forward, in particular as regards the default settings. Hence, CPC authorities note that the 15 minutes' payment window currently offered by Apple should not remain the default setting in the future. Consumers must be able to choose between this setting and a setting requiring authorisation of each purchase individually. Consumers should be given a genuine choice between these two options. This means that these options should be presented in a neutral way to consumers, without the 15 minutes' window option being the default setting. Furthermore, consumers should be informed about settings' options not only at the first purchase on a device, but regularly (possibly over a certain period of time) to make sure that their consent to the payment settings has been explicitly given. Regardless of the choice of the consumer concerning the default settings for authorising payments, explicit consent to each in app purchase has to be given in any case. Consumers could be given a possibility to set a maximum amount for in app purchases made without individual payment authorisation. The information on changing settings made by the consumers should be easily accessible and comprehensible in case they want to change it. CPC authorities reiterate that, according to Articles 7(2) and 7(4) (d) of the UCPD and Article 6(1) (g) of the CRD, consumers must be clearly informed about the arrangements for payment before each purchase. According to the CRD, any purchase must be subject to the explicit consent of the consumer and the trader needs to provide the consumer with the necessary information. This requirement applies on all devices and under all operating systems. Reference is also made to Article 54 (2) of the Payment Services Directive concerning unauthorised payments. d) Provision of the trader's email address Apple has proposed to create and display an email address that customers can use to contact Apple with concerns about their purchases on Apple's platforms. Apple states that it will also make it possible for consumers to contact developers directly, via a support URL provided on all store pages on which Apple is making content available in the EU. A date of implementation of this proposal has not been provided. Article 5(1) (c) of the e-commerce Directive requires that consumers are clearly provided with the information society service provider's e-mail address. In combination with Article 7(5) UCPD, this Article provides that the email address of the trader is material information. The e-mail address must also be provided according to Article 6(1) (c) CRD. Apple's proposals, if and when fully and adequately implemented, could address the concern over the provision of the trader's email address. 3

2) Google a) Misleading advertising of Games as free Google has removed the word "free" from its Google Play platforms for on-line games that are free to download but contain in-app purchases. Information about the presence of inapp purchases has been made more prominent and clearer for the consumer. Google has proposed to display in the future the price range (from the minimum to the maximum cost) of all the in-app purchases offered by each specific on-line game displayed on its platforms. Google has agreed to display the price range information in ways that make it easily accessible to consumers on the app product page. Google will implement this change on Google platforms by 30 September 2014. Google's proposals, once fully implemented, could be considered to be compliant with relevant EU consumer protection legislation, notably Annex I, Nr 20 of the UCPD, Article 7(4) (c) UCPD and Article 6(1) (e) CRD. b) Exhortations to children Google has implemented a dedicated email address for CPC authorities and the European Commission to report to it breaches of EU law appearing on its platforms. Additionally, Google has proposed to clearly draw the attention of game developers world-wide, through the Google Developers Console, to the specific prohibition on exhortation to children laid down by the UCPD for any game distributed on the EU market. Google will fully implement this proposal by 31 July 2014. Google has undertaken to act swiftly when a non-compliant game is brought to its attention. This includes the immediate review of each complaint and, as appropriate, either to contact and warn the trader concerned or to directly remove the infringing app from Google platforms. Where Google encounters serious or repeated breaches of the relevant EU consumer protection legislation, and in particular breaches of the ban on exhortation to children, Google will ban the trader from offering apps on Google Play platforms. Google's proposals, once fully and adequately implemented, could be considered to be compliant with relevant EU consumer protection legislation, notably Articles 5(3) and 5(5) and Annex I, Nr 28 of the UCPD. CPC authorities recommend that, when implementing these proposals Google needs to ensure transparency about consumer and other complaints received and about the actions taken on their basis, including instances where Google decides to remove apps from the platforms or ban traders from offering apps on the platforms. This could for example include a regular feedback about such actions to CPC authorities and to the European Commission. 4

c) Information about and consent to purchase Google has begun implementing changes allowing consumers, at the moment of the first payment on a device, to choose between three settings: (i) a password requirement for every purchase (including in-app purchases), (ii) a password requirement every 30 minutes or (iii) never a password requirement. For subsequent purchases on the same device, the settings chosen by the consumer at the first purchase will apply. The current password setting is to be displayed on the settings overview page. Google will implement these proposals by 30 September 2014. Under the setting requiring a password for every purchase, once the in-app purchase order is started, the user will receive a request for a password. This request will inform the user about the current password settings. Where the password request also allows the user to completely remove the password protection, a warning about possible unauthorised purchases will be displayed prominently. For Google's implementation of these proposals, CPC authorities underline that the information on how to change settings should be easily accessible and comprehensible for consumers that would like to change settings on their own initiative. This should include a prominent display of information about consequences of choosing each of the three options. CPC authorities also note that consumers should be informed about their possibilities for choosing payment settings not only at the first purchase on a device, in order to ensure that their consent to payment settings will remain explicit over time. Regardless of the choice of the consumer concerning the default settings for authorising payments, explicit consent to each in app purchase has to be given in any case. Consumers could be given a possibility to set a maximum amount for in-app purchases made without individual payment authorisation. According to Articles 7(2) and 7(4) (d) of the UCPD and Article 6(1) (g) of the CRD, consumers must be clearly informed about the arrangements for payment before each purchase. According to the CRD, any purchase must be subject to the explicit consent of the consumer and the trader needs to provide the consumer with the necessary information. Reference is also made to Article 54 (2) of the Payment Services Directive concerning unauthorised payments. Google's proposals, once fully and adequately implemented, could be considered to be compliant with the above mentioned provisions of EU consumer protection law. d) Provision of the trader's email address Google displays the game developers' name, website and email address on the specific app product pages. Google will display the developer's geographical address on each specific app product page for all on-line games that are paid and/or include in-app 5

purchases and will add an email contact information link on Google Play. Google will implement this proposal by 30 September 2014. Google has proposed to strengthen the product support by, e.g., introducing maximum time limits for developers (5 days going down to 24h in cases that Google notifies to them to be urgent) to respond to consumer inquiries. At the same time, it has proposed that, if app developers provide inadequate user support, they will first face warnings and then possibly removal of their apps or, in the most serious cases, even the developer's ban from Google Play platforms. Google will implement this proposal by 31 August 2014. In addition, Google has made available an email address that allows national enforcement authorities and the Commission to report breaches of the law directly to Google. Google's proposals, once fully implemented, could be considered to be compliant with relevant EU consumer protection legislation, notably Article 5(1) (c) of the e-commerce Directive, Article 7(5) UCPD, and Article 6(1) (c) CRD. 3) ISFE In response to the CPC position, ISFE has informed its members of the concerns raised and held discussions. CPC authorities and the European Commission have invited ISFE to propose concrete actions to address the identified problems and to take inspiration for a consumer friendly presentation of key information requirements from the display model annexed to the CRD guidance. A similar call has been made to two other on-line game developers' associations that have in the meantime approached the CPC network (ISGA and EGDF). XXXXXX This position concludes this joint CPC enforcement action, without prejudice to any actions at Member State level on outstanding legal issues, including on-going national enforcement actions. CPC authorities and the European Commission will monitor how the mechanisms proposed by the companies have been introduced and function. 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information