Mobile Apps - Legal and Practical Considerations

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP Copyright 2014 BryanCave LLP

May 29, 2014

Jason D. Haislmaier

[email protected]

Mobile Apps Practical and Legal Considerations

Copyright 2014 BryanCave LLP

Matt McKinney

[email protected]

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP

Increasingly Omnipresent

http://pewinternet.org/Reports/2013/Smartphone-Ownership-2013/Findings.aspx


Increasingly Omnipresent

Increasingly Important

Increasingly Scrutinized


Practical → Legal

Purpose

Functionality

Platform


Purpose of the App


Functionality of the App

Functionality is Key to Understanding Legal Issues

• Operates - App simply operates

• Collects – Data from device or user or both

• Connects – To other services or databases or peripherals What does the

app actually do?

• Utilizes – Native functionality of the device (GPS, lights, camera,

accelerometer)

• Shares – Data and information from user or with user

• Ecommerce – Purchase products & services


Platforms, Channels, and Devices

1.75 BILLION smart phones worldwide

7000 different devices access FB daily


Plan for Development?


Mobile App Development Plan

Development Plan Helps Drive Development Agreement

• Good project management & involving all necessary business units

drives success

• Legal team needs to understand

– What will the app do?

– business goals to identify risk areas

• Budgets can vary wildly – must perform diligence on third party

developers

• Who’s involved: Marketing, IT/engineering, product manager, legal,

security, data privacy


• Going it alone? Form an entity

• Enter IP ownership & confidentiality agreements with employees and third

party developers

• Consider protecting IP with copyright, trademarks, patents, and trade

secrets

• Are you sensitive to the inclusion of third party code in the mobile app?

Mobile App Development Agreement

Ownership and IP Protection


Mobile App Development Agreement

Additional Considerations

• Statements of Work contain essential provisions

– Timelines & schedules

– Specifications & requirements

• Non-Competition

– Any unique competitive issues?

• Support & Maintenance

– What is developer’s role with ongoing support & maintenance, particularly w/r/t

changes in devices and distribution platforms


Terms of Service

Privacy Policy


Terms of Service (EULA)

Terms of Service • The app is simply software, a license agreement is critical

– Protect property

– Apportion rights

– Limit liability

• Most platforms have a default license agreements

– Many gaps

– Not tailored to your app

• Often more complicated than a basic software license

– Not *just* software, but part of larger service

– Interaction with other systems, services, devices

• Increasing the likelihood of enforceability

– Simplicity and readability

– Implementation


Terms of Service and Privacy Policy

Privacy Policies

• Long-standard online document

• Describe the ways in which data is collected, used, and shared

• Viewed as voluntary (and often overlooked), now the norm (and required)

• Not just a “policy,” but a set of “promises”

• Increasing requirements (and challenges)

– Describe data collection, usage, and sharing practices

– Disclose data protection (security) practices

– Obtain consent to use of personal data

– Provide opt-out right of certain uses

– Address (growing list of) specific state and federal legislation

– Cover changes in company practices

– All while maintaining transparency and clarity


Implementation


The Mobile “Click-Through”


Privacy Policy Link In-App Store

Privacy Policy Link In-App


In-Menu Opt-Out In-App Opt-In


Content

Yours

Theirs

The Crowd’s

Developed and Owned

Third-Party Licensed

User-Generated (UGC)


Content

Public Domain

Very limited


Content

Digital Millennium Copyright Act of 1998

(17 U.S.C. 512, 1201-05, 1301-22; 28 U.S.C. 4001)


Content

The DMCA

OSP Safe Harbor


Applicable Regulations?


Regulation of Mobile Apps



Just Because It’s An App, Doesn’t Mean It’s Not Regulated

• Some regulations you may expect

– Children's Online Privacy Protection Act of 1998 (COPPA)

– Gramm-Leach-Bliley Act (1999)

– Health Insurance Portability and Accountability Act of 1996 (HIPAA)

• Many others you may not expect

– The Electronic Communications Privacy Act (1986)

– Fair Credit Reporting Act (1970)

– Telephone Consumer Protection Act of 1991


FDA Guidance for Industry

and Food and Drug Administration Staff (September 25, 2013)



Data

Privacy

Security


Increasing Focus

On Mobile

Data Privacy and Security


Source: http://www.thedatamap.org


Federal

State

Self-regulatory



Federal Trade Commission Act

(15 U.S.C. 41, et seq)

“Unfair or deceptive acts or practices”



California Online Privacy Protection Act

(Cal OPPA)

(Cal. Bus. & Prof. Code §§ 22575 -22579)






Codes of Conduct


Emerging Models

For Compliance



In re Goldenshores Technologies, LLC (FTC File No. 132 3087, December 5, 2013)



Knowing and disclosing

What data you collect

How you use that data

Where you share that data

“Transparency establishes trust.”


Closing Thoughts

Many New Rules Apply

• Apps are software, services, and often a whole lot more

• Apps are growing ever more sophisticated

• Not all apps are created equal, so don’t treat them that way

• Take the time to understand the nature and functionality of the app

• Not always WWGD (or WWfbD)

• Data and content are focal points for regulation and enforcement

• Industry codes of conduct cannot be ignored

• Transparency establishes trust

Copyright 2012 Bryan Cave Copyright 2013 BryanCave LLP Copyright 2014 BryanCave LLP

Thank You.

Jason Haislmaier [email protected]

@haislmaier

http://www.linkedin.com/in/haislmaier

Matt McKinney [email protected]

http://www.linkedin.com/in/mattsmckinney

Law

Mobile Apps - Legal and Practical Considerations