Mobile Apps - Legal and Practical Considerations

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP Copyright 2014 BryanCave LLP

May 29, 2014

Jason D. Haislmaier

jason.haislmaier@bryancave.com

Mobile Apps Practical and Legal Considerations

Copyright 2014 BryanCave LLP

Matt McKinney

mmckinney@kkofirm.com

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Increasingly Omnipresent

http://pewinternet.org/Reports/2013/Smartphone-Ownership-2013/Findings.aspx

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Increasingly Omnipresent

Increasingly Important

Increasingly Scrutinized

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Practical → Legal

Purpose

Functionality

Platform

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Purpose of the App

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Functionality of the App

Functionality is Key to Understanding Legal Issues

• Operates - App simply operates

• Collects – Data from device or user or both

• Connects – To other services or databases or peripherals What does the

app actually do?

• Utilizes – Native functionality of the device (GPS, lights, camera,

accelerometer)

• Shares – Data and information from user or with user

• Ecommerce – Purchase products & services

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Platforms, Channels, and Devices

1.75 BILLION smart phones worldwide

7000 different devices access FB daily

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Plan for Development?

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Mobile App Development Plan

Development Plan Helps Drive Development Agreement

• Good project management & involving all necessary business units

drives success

• Legal team needs to understand

– What will the app do?

– business goals to identify risk areas

• Budgets can vary wildly – must perform diligence on third party

developers

• Who’s involved: Marketing, IT/engineering, product manager, legal,

security, data privacy

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

• Going it alone? Form an entity

• Enter IP ownership & confidentiality agreements with employees and third

party developers

• Consider protecting IP with copyright, trademarks, patents, and trade

secrets

• Are you sensitive to the inclusion of third party code in the mobile app?

Mobile App Development Agreement

Ownership and IP Protection

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Mobile App Development Agreement

Additional Considerations

• Statements of Work contain essential provisions

– Timelines & schedules

– Specifications & requirements

• Non-Competition

– Any unique competitive issues?

• Support & Maintenance

– What is developer’s role with ongoing support & maintenance, particularly w/r/t

changes in devices and distribution platforms

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Terms of Service

Privacy Policy

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Terms of Service (EULA)

Terms of Service • The app is simply software, a license agreement is critical

– Protect property

– Apportion rights

– Limit liability

• Most platforms have a default license agreements

– Many gaps

– Not tailored to your app

• Often more complicated than a basic software license

– Not *just* software, but part of larger service

– Interaction with other systems, services, devices

• Increasing the likelihood of enforceability

– Simplicity and readability

– Implementation

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Terms of Service and Privacy Policy

Privacy Policies

• Long-standard online document

• Describe the ways in which data is collected, used, and shared

• Viewed as voluntary (and often overlooked), now the norm (and required)

• Not just a “policy,” but a set of “promises”

• Increasing requirements (and challenges)

– Describe data collection, usage, and sharing practices

– Disclose data protection (security) practices

– Obtain consent to use of personal data

– Provide opt-out right of certain uses

– Address (growing list of) specific state and federal legislation

– Cover changes in company practices

– All while maintaining transparency and clarity

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Implementation

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

The Mobile “Click-Through”

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Privacy Policy Link In-App Store

Privacy Policy Link In-App

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

In-Menu Opt-Out In-App Opt-In

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Content

Yours

Theirs

The Crowd’s

Developed and Owned

Third-Party Licensed

User-Generated (UGC)

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Content

Public Domain

Very limited

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Content

Digital Millennium Copyright Act of 1998

(17 U.S.C. 512, 1201-05, 1301-22; 28 U.S.C. 4001)

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Content

The DMCA

OSP Safe Harbor

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Applicable Regulations?

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Regulation of Mobile Apps

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Regulation of Mobile Apps

Just Because It’s An App, Doesn’t Mean It’s Not Regulated

• Some regulations you may expect

– Children's Online Privacy Protection Act of 1998 (COPPA)

– Gramm-Leach-Bliley Act (1999)

– Health Insurance Portability and Accountability Act of 1996 (HIPAA)

• Many others you may not expect

– The Electronic Communications Privacy Act (1986)

– Fair Credit Reporting Act (1970)

– Telephone Consumer Protection Act of 1991

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

FDA Guidance for Industry

and Food and Drug Administration Staff (September 25, 2013)

Regulation of Mobile Apps

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Data

Privacy

Security

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Increasing Focus

On Mobile

Data Privacy and Security

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Source: http://www.thedatamap.org

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Federal

State

Self-regulatory

Data Privacy and Security

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Federal Trade Commission Act

(15 U.S.C. 41, et seq)

“Unfair or deceptive acts or practices”

Data Privacy and Security

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

California Online Privacy Protection Act

(Cal OPPA)

(Cal. Bus. & Prof. Code §§ 22575 -22579)

Data Privacy and Security

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Data Privacy and Security

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Data Privacy and Security

Codes of Conduct

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Emerging Models

For Compliance

Data Privacy and Security

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

In re Goldenshores Technologies, LLC (FTC File No. 132 3087, December 5, 2013)

Data Privacy and Security

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Knowing and disclosing

What data you collect

How you use that data

Where you share that data

“Transparency establishes trust.”

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Closing Thoughts

Many New Rules Apply

• Apps are software, services, and often a whole lot more

• Apps are growing ever more sophisticated

• Not all apps are created equal, so don’t treat them that way

• Take the time to understand the nature and functionality of the app

• Not always WWGD (or WWfbD)

• Data and content are focal points for regulation and enforcement

• Industry codes of conduct cannot be ignored

• Transparency establishes trust

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP Copyright 2014 BryanCave LLP

Thank You.

Jason Haislmaier jason.haislmaier@bryancave.com

@haislmaier

http://www.linkedin.com/in/haislmaier

Matt McKinney mmckinney@kkofirm.com

http://www.linkedin.com/in/mattsmckinney