Many startups and app developers today are needlessly breaking laws and pulling in too much data, which will send them head-first into a battle with the Federal Trade Commission.

“We’re seeing in our lab apps pulling in data things that are wholly unrelated to functionality,” said David Vladek, the FTC director for the Bureau of Consumer Protection.

“If you don’t want to see us, don’t collect data you don’t need, don’t collect data that’s unrelated to your app. Don’t collect information you don’t know what you’ll use or what you need.”

Vladek said many apps pull in geolocation data and other data points that might not even be useful to the app maker. Normally that’s a privacy concern, but if the app is pulling in data for a minor it is breaking the law, unless a parent has given explicit permission.

The FTC entered into a large civil penalty with employee benefits company Ceridian because the company held onto data for “way longer than they needed it,” Vladek said. Ceridian was eventually breached and hackers stole information about tens of thousands of users.

“If you don’t come up with that novel use for that data, it’s an albatross that will come back and bite you,” he said. “You don’t want to see us, we don’t want to see you, let’s just work together to keep it that way.”