In 2013, we wrote an article regarding legal issues for mobile applications (Apps). Since then, the number of mobile application downloads have increased by over 400%, and their functionalities have grown tremendously. In fact, Apps have become an essential part of the every-day life of many consumers. As Apps continue to evolve, lawsuits and investigations regarding them have multiplied.
The discussion below provides an update on the legal issues discussed in our 2013 article. While privacy issues have emerged at the forefront and tend to make headlines, developers also need to be aware of other recent developments that affect their ability to secure their intellectual property rights in the App and limit their liabilities.
1. Use of Open Source Software
Most App developers use open source software (OSS) to develop their Apps. The open source software is licensed to them under an open source software license model, such as Apache, General Public License (GPL) and its various version, etc. Each license model has unique requirements, such as attribution, rights over derivative works, commercial use, non-discrimination with respect to platform etc. The importance of understanding and managing OSS license terms in the App development process is hi-lighted by OSS based lawsuits.
For example, in Versata v. Ameriprise, Versata developed and licensed its proprietary software, Distribution Channel Management (DCM), to Ameriprise. Ameriprise passed it on to its subcontractors, who decompiled it and developed a competing product. Versata sued Ameriprise claiming a breach of their license, but Ameriprise countered that since Versata’s software had been developed based on XimpleWare, a software that was licensed to Ameriprise on terms of the GPLv2 license (which requires that the source code of all derivative works be made available under the GPL license terms, upon distribution of the modified OSS), Ameriprise or its subcontractor could decompile and modify the software at will. Versata had failed to recognize that an open source software had been used in developing DCM, and had not integrated the GPL license terms in its own license of DCM. Following this allegation, XimpleWare Inc. sued Versata and its clients for breach of its license terms. Though the cases were settled in 2015, it highlights the importance of managing vendors who might use open source software in App development, as well as understanding and integrating open source software license terms that are used in the App development process.
2. Enforcement of Terms of Service or End User License Agreement
The Terms of Service (Terms) of an App defines the rights and liabilities of the App developer, owner and users. Typically, the App developer includes robust disclaimers for liability and other clauses to protect itself. However, none of this language would matter if the Terms are not conspicuously displayed in a way that would provide the end user an opportunity to read them. In recent years, courts have handed down many decisions holding “browsewrap” agreements unenforceable. “Browsewrap” agreements are those where the user is not required to take any action to agree to the Terms, but instead gets bound by the Apps’ Terms automatically upon the use of the app.
3. End User Privacy
In recent years, there has been an increase in privacy related lawsuits and investigations against App developers due to the expansion in App functionality and data collection efforts. Users and consumer protection agencies are starting to pay more attention to the data collected and shared by Apps in search for privacy violations. Famously, Niantic, the maker of Pokemon Go, was sanctioned by the Federation of German Consumer Organizations since the game violated Germany’s privacy laws by retaining and sharing user data — including players’ location, recent web history, search terms and user messages. Likewise, Yelp was sued for its “friends’ finder” feature in its mobile applications, whereby the app accessed and uploaded contacts information from users’ phones without their express consent to its server.
Given the increasing scrutiny of privacy practices of App developers, which causes monetary as well as reputation harm, it is important for App developers to integrate privacy protections into their app development process and consider the privacy ramifications of data collection and sharing in the App.