Mobile applications or "apps" are everywhere. Mobile devices are outselling personal computers, and an increasing percentage of internet access is made through mobile devices. These developments have driven the rapidly growing usage of apps. It has therefore become increasingly important for companies to invest in and develop mobile apps. Because mobile apps are essentially just a specific type of software, app development presents many of the same challenges involved in a traditional software development project. However, there are some pronounced or unique intellectual property, ownership, privacy, data security, and advertising considerations that a company should keep in mind when developing a mobile app.
Intellectual Property Considerations
Intellectual property considerations encompass a large and extremely important aspect of building an app. Generally, apps may contain trademark rights for the app, related services, or the company; copyrightable content, including the code used to build the app; trade secret rights with respect to the functionality and development of the app; and in some circumstances, an app may even contain patentable subject matter. Retaining these rights in an app may require further action to ensure that the various parts of the app are properly protected.
Work-for-Hire Arrangements
In order to assert any intellectual property rights in an app in the first place, a company should ensure that any contractors or third parties who assist in the development of the app sign a work-for-hire agreement or that their contracts contain a work-for-hire provision. A "work made for hire" is a work specially ordered or commissioned [if it fits into one of nine enumerated categories]… if the parties expressly agree in a written instrument signed by them that the work shall be considered a "work made for hire." While a company may obtain intellectual property rights in an app if it is created by an employee within the scope of their employment, for greater certainty, companies should consider a signed agreement by which the employee-developer assigns all intellectual property rights in the app to the employer. Generally, without a work-for-hire agreement, the developer who writes the app may have a claim of copyright (or patent) in the app.
Distribution Considerations
Once an app is built, companies should consider how to disseminate the app to the target audience and to inform others that the app is available for downloading and use. Consider whether the app will be available for free or for a fee, which could create additional obligations to facilitate the payment process. Consider further which app stores and mobile platforms will provide the opportunity and the right to distribute an app. Some platform providers are more prescriptive than others, and the agreements required by app stores and platforms vary in complexity. The agreements offered by app stores and platform providers (e.g., Apple's iOS Developer Program License Agreement or Google's Google Play Developer Program Policies for Android devices) often seek to incorporate various additional usage or compliance policies that may have consequences to the development and distribution of the app. For example, many platforms and app stores specify the minimum terms necessary for inclusion in an end user agreement with users of an app. Additionally, platforms and app stores often require certain amounts of insurance for liability coverage. Platforms and app stores will also likely reserve their right to change or alter their terms at any time and are therefore free to introduce additional requirements. The app must comply with such conditions at all times, as failing to do so has the potential to give rise to legal action and/or the removal of the app from the platform.
Privacy and Data Security
Privacy laws and compliance have become a primary area of concern in mobile app development and implementation. Privacy issues and regulations generally revolve around the following issues:
- The kind of personal information being collected;
- The type of collection;
- The subject of the collection, and whether such subject is under the age of 13;
- The need for and ability to comply with an opt-in or opt-out mechanism;
- The country of origin or residency of end users;
- The freedoms or restrictions on use of the collected data; and
- The requirement to provide notice and a summary of data collection and use practices.
While all personal information must be protected to some degree, the collection of protected health information (PHI) and financial and credit card information (PCI) is uniquely regulated, as is collecting information from children under the age of 13 or even under the age of 18 (or other legal age of majority). Additionally, unlike traditional software applications, mobile apps may collect technical information, such as IP addresses, geo-location, and other transaction data that may be considered personal information and subject to privacy regulations. The foregoing collection and/or use can create regulatory issues, which may further vary by state and country and are constantly evolving. Some state laws specifically require the posting of a privacy policy within the mobile app if any type of personal or credit card information is collected via download or operation of the app. Privacy policies can be monitored by governmental agencies and third parties for accuracy. Non-compliance or inaccuracy can be considered a deceptive trade practice that can lead to fines and other consequences from the FTC.
Advertising Considerations
Marketing or selling an app subjects a company to additional laws and regulations governing advertising. Certain solicitation efforts may require additional compliance with laws governing outreach or communication with end users. Contests and sweepstakes offered through an app likewise require additional compliance. Potential advertising issues require particular consideration when building the functionality of a mobile app.
For example, all communications sent through or in connection with a mobile app can require additional compliance actions with the Telephone Consumer Protection Act (TCPA) and related Federal Communications Commission (FCC) rules. The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM) rules regulate certain commercial e-mail and text message communications to consumers. Additionally, many state laws exist that regulate commercial text messages. The Federal Trade Commission's (FTC) Truth-in-Advertising laws additionally require that all information about the app be truthful and complete, and that any objective statements about that app must be backed with evidence. Other state specific laws can apply.
Overall, app development can bring great opportunity, visibility, and income to a company. Companies, however, should consider the significant issues associated with development, marketing, licensing, and distribution of an app in order to avoid potential legal liability.