This document discusses practical and legal considerations for mobile apps. It notes that apps are increasingly omnipresent and important, but also increasingly scrutinized. The purpose, functionality, and platform of an app are important to understand its legal issues. Development plans and agreements should address ownership, IP protection, specifications, support and more. Terms of service and privacy policies must be implemented properly. Content may be owned, third-party, or user-generated and is subject to copyright law. Apps may be regulated in unexpected ways, such as for data privacy, security, and health. Transparency in an app's data practices is important to establish trust.
6. Copyright 2012 Bryan CaveCopyright 2013 BryanCave LLP
Functionality of the App
Functionality is Key to Understanding Legal Issues
What does the app actually do?
• Operates – App simply operates
• Collects – Data from device or user or both
• Connects – To other services or databases or peripherals
• Utilizes – Native functionality of the device (GPS, lights, camera, accelerometer)
• Shares – Data and information from user or with user
• Ecommerce – Purchase products & services
Mobile App Development Plan
Development Plan Helps Drive Development Agreement
• Good project management & involving all necessary business units drives success
• Legal team needs to understand
– What will the app do?
– Business goals to identify risk areas
• Budgets can vary wildly – must perform diligence on third-party developers
• Who’s involved: Marketing, IT/engineering, product manager, legal, security, data privacy
Mobile App Development Agreement
Ownership and IP Protection
• Going it alone? Form an entity
• Enter IP ownership & confidentiality agreements with employees and third party developers
• Consider protecting IP with copyright, trademarks, patents, and trade secrets
• Are you sensitive to the inclusion of third party code in the mobile app?
Mobile App Development Agreement
Additional Considerations
• Statements of Work contain essential provisions
– Timelines & schedules
– Specifications & requirements
• Non-Competition
– Any unique competitive issues?
• Support & Maintenance
– What is developer’s role with ongoing support & maintenance, particularly with respect to changes in devices and distribution platforms?
Terms of Service
Privacy Policy
Terms of Service (EULA)
Terms of Service
• The app is simply software; a license agreement is critical
– Protect property
– Apportion rights
– Limit liability
• Most platforms have a default license agreement
– Many gaps
– Not tailored to your app
• Often more complicated than a basic software license
– Not *just* software, but part of larger service
– Interaction with other systems, services, devices
• Increasing the likelihood of enforceability
– Simplicity and readability
– Implementation
Terms of Service and Privacy Policy
Privacy Policies
• Long-standard online document
• Describe the ways in which data is collected, used, and shared
• Once viewed as voluntary (and often overlooked), now the norm (and required)
• Not just a “policy,” but a set of “promises”
• Increasing requirements (and challenges)
– Describe data collection, usage, and sharing practices
– Disclose data protection (security) practices
– Obtain consent to use of personal data
– Provide opt-out right for certain uses
– Address (growing list of) specific state and federal legislation
– Cover changes in company practices
– All while maintaining transparency and clarity
Regulation of Mobile Apps
Just Because It’s An App, Doesn’t Mean It’s Not Regulated
• Some regulations you may expect
– Children's Online Privacy Protection Act of 1998 (COPPA)
– Gramm-Leach-Bliley Act (1999)
– Health Insurance Portability and Accountability Act of 1996 (HIPAA)
• Many others you may not expect
– The Electronic Communications Privacy Act (1986)
– Fair Credit Reporting Act (1970)
– Telephone Consumer Protection Act of 1991
Regulation of Mobile Apps
FDA Guidance for Industry and Food and Drug Administration Staff (September 25, 2013)
Data Privacy and Security
• Federal
• State
• Self-regulatory
Data Privacy and Security
Federal Trade Commission Act (15 U.S.C. 41, et seq.)
“Unfair or deceptive acts or practices”
Data Privacy and Security
California Online Privacy Protection Act (Cal OPPA) (Cal. Bus. & Prof. Code §§ 22575-22579)
Data Privacy and Security
Codes of Conduct
Data Privacy and Security
Emerging Models for Compliance
Data Privacy and Security
In re Goldenshores Technologies, LLC (FTC File No. 132 3087, December 5, 2013)
Knowing and disclosing:
• What data you collect
• How you use that data
• Where you share that data
“Transparency establishes trust.”
Closing Thoughts
Many New Rules Apply
• Apps are software, services, and often a whole lot more
• Apps are growing ever more sophisticated
• Not all apps are created equal, so don’t treat them that way
• Take the time to understand the nature and functionality of the app
• Not always WWGD (or WWfbD)
• Data and content are focal points for regulation and enforcement
• Industry codes of conduct cannot be ignored
• Transparency establishes trust