Enterprise App Development: Legal Considerations
A Handy Checklist To Avoid Lawsuits
Before developing and deploying mobile apps, businesses have a host of legal issues to consider. This is especially true on the enterprise level for employee-facing apps. Without preparing for these issues before deployment, an enterprise could face serious legal consequences.
Ensuring User Privacy
With more mobile apps being deployed to employees, it is critical that organizations have the right protocols in place to protect data. As businesses adopt Bring Your Own Device (BYOD) policies, there is added pressure to ensure that personal data on employee devices is not breached.
“End-user privacy is a key consideration for mobile app development,” said attorney Mark Tyson of Tyson Law. “Apps frequently require or request access to personal information of end users, such as contacts, photographs, biometric data (for photo-tagging), and health information.”
Employees have legal rights to their own personal data, and businesses have to ensure that their work-related apps do not infringe on those privacy rights. There should be safeguard that prohibit a business from stealing the personal data of employees.
"One of the most pertinent legal concerns for companies using apps and/or storing data is ensuring that the information is protected and being used in compliance with the most up-to-date legal standards," said attorney Erica DiAngelo of DiAngelo Law. "A company should revamp its internal policies and employee agreements to define the purpose and limitations of the app."
“The aim of the agreement is to disclose the rules and restrictions that employees must follow when using the technology,” said David Reischer, Esq, COO of LegalAdvice.com. “The ToS allow the employer to maintain rights to terminate abusive accounts, limit potential liability and allow parties to disclaim warranties. Data collection and employee privacy are clearly also important broad policy concerns that should be included in the Terms of Service.”
The ToS can include rules about not using the app for illegal activities or spamming. Some organizations are including rules in the ToS that prohibit users from suing.
Respecting Copyright Laws
Lawsuits from enterprise app development can also originate outside of the organization due to copyright issues. Within an app, even one designed only for internal use, the content must be owned by the enterprise, or the content must be copyright-free.
“The entire constellation of intellectual property rights is implicated by mobile app development. An app’s content—including its code, text, graphics—may be protected by copyright,” said Tyson. “The name of the app may protected by trademark. The app’s source code may qualify for protection as a trade secret. A process or method embodied in the app may be patentable. The app developer should consider executing confidentiality and restricted use agreements to protect proprietary information about the app. The app developer should also ensure that it owns the IP through assignment agreements, particularly if third-party contractors are used to develop the app.”
Enterprises should protect the app from copyright lawsuits. If there are content contributions from employees, contractors, or third-party companies, it is imperative to leverage written agreements from contributors.
“Utility patents can protect the function and features of the app, while design patents can protect the icons and interface of the app,” said Bryan Wheelock, attorney with Harness Dickey. “Patents applications must be filed within one year of the disclosure of the app, and should be filed before any disclosure of the app.”
Basic Legal Standards For Apps
An enterprise should strongly consider having limited liability insurance for protection against potential app-related lawsuits. This would be a wise investment, especially with the average defense and settlement costs for business lawsuits being $160,000. Certain sectors will also have additional considerations due to regulations.
"Depending on the nature of the company, additional concerns will arise, for example, if a law firm or a medical facility were to utilize the app, all of the regulations surrounding those industries would still apply and the company would need to be careful to ensure the coding and security is up to those standards,” said DiAngelo. “One question a company in those fields might ask itself is, can anyone other than the intended recipient of a private message, including IT technicians and third party platforms, access that private message? If so, it may want to rethink its systems."