Cast your mind back several years to the days of iOS 4, when there was a flurry of news items about parents who had purchased iOS apps for their kids, only to discover that a 15-minute password caching policy was enabling those kids to make in-app purchases without parental oversight. I first wrote about it in “iOS 4.3 Now Prevents Inadvertent In-App Purchases” (11 March 2011).” (14 July 2010) and Glenn Fleishman suggested some solutions in “ ” (5 October 2010), but it took roughly eight months before Apple fixed the problem, as I noted in “
In that time, the complaints piled up, to the point where the Washington Post wrote about an 8-year-old who had racked up a $1,400 bill, the Washington State Attorney General complained about it to Apple, members of Congress criticized the company, and the then-chairman of the U.S. Federal Trade Commission promised to look into the situation., and in February 2013,  by agreeing to give affected customers a $5 iTunes gift card, a credit if the amount in question was over $5, or cash if the amount exceeded $30. The total amount involved was never revealed.
We assumed the story had faded away, but it turns out that the FTC continued to investigate, and last week announced that, to the tune of at least $32.5 million. But if the class-action settlement had already resulted in refunds, why was the FTC still involved?
In a recent to all Apple employees, Cook acknowledged the issue and revealed that Apple set out to refund all affected customers in 2013, presumably in response to the class-action suit. Apple sent email about this to 28 million customers, and followed up with postcards when email bounced, and ended up processing 37,000 claims (large numbers, but only a 1.3 percent success rate). Cook was clearly bothered by the FTC ruling, saying that it “smacked of double jeopardy,” but he said that since Apple was already going to do everything the consent decree required, it wasn’t worth a long and distracting legal battle.
Was Apple really so virtuous, though? Why did it take Apple eight months to address the problem technically and a class-action suit before it got around to refunding customers, with no public statements about the topic in that time? In other situations, Apple has acted far more quickly — both technically, in response to security vulnerabilities like Flashback (see “,” 12 April 2012), and publicly, as with the problems with iOS 6’s Maps app (see “ ,” 28 September 2012). I can’t see that Apple deserves praise for handling this situation in a timely fashion.
On the other side of the equation, is the FTC really standing up for consumer rights in a useful way? Apple did fix the technical problem long ago, and independently pursued refunds to affected customers, and yet the FTC persisted in the investigation that resulted in the consent decree, through multiple commission chairs. Perhaps that’s just the way things work in government agencies, though the four FTC commissioners were far from unanimous in the decision. Commissioner Joshua D. Wright issued a, saying:
This is a case involving a minuscule percentage of consumers – the parents of children who made purchases ostensibly without their authorization or knowledge. There is no disagreement that the overwhelming majority of consumers use the very same mechanism to make purchases and that those charges are properly authorized. The injury in this case is limited to an extremely small – and arguably, diminishing – subset of consumers.
Much has also been made of the $32.5 million settlement. Although it’s supposed to go to consumers who were harmed by Apple’s poor interface, it’s unknown how much will actually be so spent, given that only 37,000 people responded to Apple’s offer for refunds of the full 28 million-customer pool and have presumably already been compensated. Monies left over from the $32.5 million will go to the FTC itself, though not for the holiday party fund. Instead, the money will be used to cover administrative expenses related to the refunds and for “informational remedies regarding In-App Charges by children.” Anything left over after that will be deposited in the U.S. Treasury. Draw your own conclusions as to what this could mean in light of the controversy over Apple’s taxes (see “,” 24 May 2013).
There have also been numerous catty insinuations about FTC Chair Edith Ramirez, who was previously a partner at Quinn Emanuel Urquhart & Sullivan in Los Angeles, a law firm that has represented HTC, Samsung, and Google against Apple in a variety of intellectual property suits. Before her appointment to the FTC in 2010 (she was a law school classmate of President Obama’s at Harvard, and adds welcome diversity to the FTC), Ramirez was not involved in any of those cases, so far as I can tell, so there’s no evidence that she would be biased against Apple (her clients included Mattel, Disney, and Northrop Grumman). And remember, the entire thing started under her predecessor, Jon Leibowitz, after a complaint from U.S. Representative Edward Markey.
Speaking of Google, Lieff Cabraser Heimann & Bernstein is investigating claims that Google engages in deceptive marketing practices with regard to in-app purchases and promises a free case review for anyone who was so harmed. (among others) points out that Google Play, the main Android app store, suffers from the same problem that originally tripped up Apple,  and allowing unfettered in-app purchases in that time. The FTC declined to say if it had received equivalent complaints about Google Play, or if it was investigating further. Google responded to the Consumer Reports writer with a standard PR non-statement. But more may happen: law firm
In the end, the entire issue leaves me with a sour taste. Had Apple responded more quickly to the problems with a public statement, technical fix, and customer refunds, none of this would have happened. But happen it did, and it seems that once the millstones of government are set in motion, they grind inexorably to a conclusion, regardless of whether common sense would have moved on to more pressing issues long ago.