FTC Takes the Lead in mHealth App Regulation

March 24, 2016 - In what could be the “new normal” for mHealth app regulation, the Federal Trade Commission is sanctioning the developer of an app that pledges to improve visual acuity, saying the company doesn’t provide enough proof that the app works.

In fining California-based Carrot Neurotechnology $150,000 and ordering that the company refrain from making certain claims on its Ultimeyes app, FTC officials said the company hadn’t proven its app through a randomized and blinded study. A 2014 study done with the University of California-Riverside baseball team, officials said, wasn’t random, nor was a control group used properly.

“(C)ompetent and reliable scientific evidence shall consist of human clinical testing of the Covered Product or Service that is sufficient in quality and quantity, based on standards generally accepted by experts in the relevant field, when considered in light of the entire body of relevant and reliable scientific evidence, to substantiate” representations about the product, the FTC’s order stated.

The FTC did note that the company includes several studies in its supporting literature, and that it “does not challenge the validity of perceptual learning in general or the evidentiary standards for conducting basic research in this field.”

Alongside the fine, the FTC ordered Carrot Neurotechnology to stop advertising that Ultimeyes improves vision; benefits “a broad range of activities ranging from athletics to … reading, watching TV and driving;” improves contrast sensitivity by 100 percent and improves vision by an average of 31 percent and two lines on the Snellen eye chart; and reverses, delays or corrects presbyopia … “and diminishing the need for glasses or other visual aids, unless the representation is non-misleading and, at the time of making such representation, respondents possess and rely upon competent and reliable scientific evidence to substantiate that the representation is true.”

iMedicalApps, which reported in the FTC action in what it still considers an “almost Wild West environment in the mobile health marketplace,” said it was interesting that the FTC took action instead of the U.S. Food and Drug Administration. That could create confusion among mHealth developers and healthcare providers developing their own apps.

“In light of such regulation, hopefully innovation within the mobile health market will not suffer, as such hefty fines could easily decimate a small mobile application developer,” the news report added. “Is the bar set so high at this point that mobile app companies will consider seeking some sort of ‘clearance’ from the FTC before promoting any app with treatment claims?”

Some say the FTC is stepping up on mHealth enforcement because the FDA hasn’t. Bradley Merrill Thompson, an attorney with the Washington-based law firm of Epstein Becker & Green and a longtime expert on mHealth app regulation, recently told Bloomberg BNA the FTC sees enforcement as a better tool that the FDA’s premarket approval process.

“In some ways, this makes political sense because it gets FDA out of the hot seat of going after small entrepreneurial app developers,” Thompson told Bloomberg BNA, adding that the FTC “uses its enforcement tools to go after what at least they consider to be shysters.”

Thompson said the FTC and FDA may have a tacit agreement to allow the FTC to crack down on mHealth apps while the FDA stands pat. But while the FDA might want “to refrain from an enforcement role for a while,” it may muddy the waters in future mHealth policy matters.

The FTC has also signaled its intent to crack down on apps that put consumer health information at risk.

Jessica Rich, director of the FTC’s Bureau of Consumer Protection, recently testified before a Congressional subcommittee that her agency is seeing more and more consumers taking control of their health data through apps and mHealth devices. It’s the FDA’s responsibility, she said, to make sure consumer health information isn’t being gathered through those mHealth channels and shared with outside sources.

“Many of the entities creating these new consumer-facing products and services are not covered by HIPAA, which only provides protections for health information held or generated by certain covered entities - namely healthcare providers, health plans and healthcare clearinghouses, and their business associates,” she said. “The entities creating these new products are, however, within the FTC’s jurisdiction in most instances.”