John Menton, Chris Bollard and Rory O’Connor from the Technology and Life Sciences Group in Arthur Cox, explore legal issue for app developers.
The smartphone and tablet computing industry continues to go from strength to strength, meeting the demands of consumers who are unwilling to compromise accessibility for functionality. In tandem with this, the app development industry has created massive opportunities for developers to market and export their products to a global audience. App development is becoming one of the largest and fastest revenue generators for small and start-up technology companies in Ireland. In this article, we touch on some of the legal pitfalls that app developer’s should avoid and offer some practical solutions.
Developers should be careful when incorporating content which may be protected by copyright. If that content is protected by copyright, developers should ensure that they have obtained the appropriate consent/licence to use such content, for example, approach the rights holder and seek a licence or consent to use the material. Failure to do this could result in infringement proceedings being taken by the copyright holder at a later stage.
Apps need some way of distinguishing themselves from the competition and generally use a logo or mark to enable consumers to be able to readily identify them or the service they are providing. Where you have spent time and money building your brand, you should consider registering trademarks to protect it (and checking that the brand/mark that you propose using does not infringe the trademark rights of third parties in the markets where you plan to target the app). This will enable you to take action more easily against those third parties who may try to use the trademark without your permission.
The actual code behind an app is protected by copyright. Where a company commissions the development of an app for its own promotional use, it should ensure that this copyright is assigned to the company. This can be achieved by a simple written agreement or can be incorporated into the agreement commissioning the app. The same principle applies where a developer uses a contractor, consultant or any other third party who is not an employee to assist with development of an app. That person’s copyright in any code which they have written should be assigned to the developer.
Open source software
Where open source software is incorporated into an app, care should be taken to review the licence that accompanies it. Some open sources licences are ‘viral’ in nature. When code which is governed by a ‘viral’ licence is integrated into code you may have written yourself, the result can be that the entire piece of software now becomes open source. This has obvious implications for the ability of others to copy your app.
Many apps contain advertising, especially those that are offered free of charge. Such advertising will be subject to industry codes of practice (such as the ASAI Code of Standards for Advertising, Promotional and Direct Marketing) as well as statutory requirements. Care should be taken to comply with advertising standards and laws. As well as reputational damage, breach of the Consumer Act 2007 carries fines as well as jail sentences.
Data protection authorities are increasingly turning their attention to the ways in which apps collect, store, monitor, track and process personal data. The key to compliance with data protection law generally is to obtain the requisite consent from the user in relation to what you are going to do with their data (and being transparent about the uses of the data at the time the consent is obtained).
Apps that fail to warn users of how their data will be used risk breaching data protection law (as well as losing the trust of users). Apps should make it very clear to the user what data will be collected and the purposes that the data is going to be put it to. Examples of the use of data that should be clearly explained to users might include the use of location data, accessing of contacts list and accessing of user generated content. Where personal data is stored, it must be stored securely. Failure to store data securely can lead to data breaches.
The regulated-self movement has inspired much innovation in the space of health/medical apps. Apps which collect, process and store health information should be aware that this type of data is classified as ‘sensitive’ personal data which in turn attracts more onerous consent requirements under the data protection acts.
There are a number of ways that developers can limit their exposure to liability that might be associated with the use of their app. Firstly, developers should consider incorporating limited companies which would own and promote the app. This provides a basic shield against the developer having personal liability (for example, in the event that the app is found to have inadvertently breached a third parties intellectual property right). Secondly, apps should be accompanied by well drafted terms and conditions which clearly delineate the boundaries of liability in the (remote) event that an app causes harm or damage to a user. Where an app starts to generate revenue, developers should also be aware of their possible tax exposure and seek advice accordingly. Where strong encryption is being deployed in the app then the developer needs to check if the ‘export’ of the app (including the encryption) may be subject to export controls on dual use goods (which include provisions that controls the export of certain types of encryption software).
The boom in the app development industry has created enormous opportunities for developers. Avoiding the pitfalls set out above will go some way to insuring that developers fully benefit from these opportunities.