Editor’s
Note: In response to the success of our earlier post on
terms and conditions for mobile apps, two of our London-based colleagues have
prepared a “remixed” version, which looks at the subject of mobile app terms
and conditions from a European perspective. Enjoy!]
The mobile app has become the new face of business.
It’s no longer sufficient to have a company website. More and more companies
want a mobile app that users can download to their smartphones and easily access. It’s not difficult
to see why. People are voting with their thumbs.
In 2015, overall mobile app
usage grew by 58%, with lifestyle and shopping apps growing 81%, following
previous 174% growth in 2014, according to FlurryMobile. Indeed, FlurryMobile figures
show that mobile commerce now accounts for 40% of online commerce worldwide.
Accordingly, the advantages of an app to business, from a customer marketing,
engagement, service and awareness perspective, are clear.
Even traditionally
conservative sectors such as financial services are being revolutionised by the
mobile app. In 2015, the British Bankers Association identified that banking by
smartphone and tablet has become the main way for UK customers to manage their
finances, with mobile banking overtaking branches and the internet as the most
popular way to bank.
If your company will be among
the many businesses that launch a mobile app in Europe in 2016, one of the key
legal protections your company will need in connection with such launch is
an end user licence agreement (EULA). So, where do you start? Here at MoFo, we
regularly review mobile app EULAs and we’ve noticed a number of issues that app
developers don’t always get right. Here is our list of the key issues you will
need to consider.
1. One size does not fit all
Your EULA will be an important
part of your strategy to help mitigate risks and protect your intellectual
property in connection with your app. It’s unlikely that you would release
desktop software without an EULA, and mobile apps (which are, after all, software
products) warrant the same protection.
While platforms such as Google and
Amazon each provide a “default” EULA to govern mobile apps downloaded from
their respective app stores, they also permit developers to adopt their own
customized EULAs instead—subject to a few caveats, as mentioned below. Because
the default EULAs can be quite limited and can’t possibly address all of the
issues that your particular app is likely to raise, it’s generally best to
adopt your own EULA in order to protect your interests.
2. How to ensure a binding EULA?
Whether an EULA is enforceable
in any particular case will depend on how the EULA is presented to users and
how users indicate their agreement to the EULA. There are several ways that you
can present your EULAs to users. For example, in most app stores, a dedicated
link called “Licence Agreement allows companies to include a link to their
EULAs from their product page.
In addition, it’s advisable for companies to
include language in their apps’ “Description” field making clear to users that,
by downloading and using the app, they are accepting the EULA. Despite this
functionality being available, many apps currently do not provide users with an
opportunity to view the EULA before downloading the app.
However, if you want to
help ensure your EULA is capable of being enforced against consumers in Europe,
the safest approach is to include a link to the EULA and require an affirmative
“click-accept” of the EULA when the app is first opened by a user on his or her
device to demonstrate that the EULA was accepted.
3. Who is bound by your EULA?
If an app is targeted toward
businesses, or toward individuals who will use the app in their business
capacities, then the EULA should ideally bind both the individual who uses the
app and the individual’s employer. If minors will be permitted to use the app,
then the EULA should require that a parent or guardian consents on the minor’s
behalf. If the app is specifically targeted at minors, careful consideration
should be given to any specific legal or regulatory requirements.
For example,
in Europe, particular concerns have been raised about the use of app games by
minors, particularly games that are free to download, but which provide
for in-app purchases; regulators have issued specific guidance of
which developers of app games will need to be aware.
4. Where to put your EULA?
As a technical matter, a EULA
can reside in one of two places: It can be “hard-coded” into the app itself, so
that the EULA is downloaded together with the app, or it can reside on a
separate web server maintained by the developer. The first approach ensures
that the EULA is always accessible to the user, even if the user’s device is
offline. Some users may decide not to download the latest updates, however,
and, as a result, those users may not be bound by the updated terms.
In contrast,
with the second approach, companies can update their EULAs at any time by
simply updating the document on their own web servers, although the EULAs won’t
be available to the user offline. Companies should think about which approach
works best for their specific apps and the associated risk issues. We note
that, under applicable consumer law in Europe, any EULA term that has the
object or effect of enabling the developer to alter the terms of the contract
unilaterally without a valid reason is likely to be considered unfair.
5. What about app store terms?
Some app stores understandably
require that, if a company adopts a customized EULA for its app, that
customized EULA must include terms protecting the applicable app store owner.
(Other app stores, such as the Amazon Appstore for Android, place such
protective terms in their own user-facing agreements and require developers to
acknowledge that such protective terms will apply.) Other third-party terms may
also apply, depending on any third-party functionalities or opensource code
incorporated into the app.
For example, if a company integrates Google Maps
into its app, Google requires the integrating company to pass certain terms on
to its end users. The licensors of any open-source code used by an app may also
require the company to include certain disclaimers, attributions, usage
restrictions or other terms in the EULA.
6. Consumer
protection
There are various consumer
protection requirements that will need to be considered if your app is
going to be targeted at consumers in Europe. In particular, specific
information will need to be provided to such consumers, including with respect
to the identity of the app developer, app charges, functionality of the app,
how the app operates with relevant hardware/software (interoperability), and
whether any geographical restrictions apply, and so forth.
Consumers also have
a right to withdraw from the contract, i.e. “return” the
app within 14 days of concluding the contract, except where the consumer
expressly consents to the download and acknowledges that in completing the
download the user will lose this cancellation right. Therefore, it’s important
in Europe for your EULA to contain an acknowledgment that the consumer waives
this cancellation right on download of the app.
In addition, within Europe,
individual member states may have other requirements affecting apps that you
will need to take into account. Although most EU member states don’t currently
have national consumer protection legislation specifically concerning sales of
digital content to consumers, since October 1, 2015, UK consumers have enjoyed
new rights and remedies with respect to digital content.
Any company
targeting an app at consumers in the UK should now take into account
implied quality standards in terms of satisfactory quality, fitness for purpose
and compliance with description. Also, even where the app is provided free of
charge, if the app causes damage to a consumer’s device or other digital
content, then the app provider will be liable for such damage. As detailed in
our post on This lack of harmonisation within Europe has led to the European
Commission proposing new EU laws that
would give consumers new rights of remedy and redress where digital content is
faulty or inadequately described by the seller.
7. Be
clear and fair
It’s not just a question of
what information to include in your EULA, it’s also important to carefully
consider how your EULA is written. A common complaint is that EULAs are too
long, filled with impenetrable jargon and hard to read, created more to protect
companies in the court room than help the consumer make an informed choice.
In order to avoid the wrath
of European consumer protection regulators, and to help ensure that your
EULA is enforceable, you should aim to use plain language that is
understandable to consumers. Where complex and technical issues need to be
covered, particular care will be needed. You should avoid obscure legal jargon,
including removing references to phrases which may be unfamiliar to consumers
such as “indemnities”, “consequential loss”, “assignment”, etc. In addition,
because space on a mobile device screen is limited, it’s advisable to keep the
terms as concise as possible and easy to navigate.
Even if a EULA is written in
plain language, extremely one-sided provisions—such as a disclaimer of direct
damages (rather than a cap on such damages)—are at risk of being held to be
unfair and unenforceable against the consumer. At the same time, the EULA is
ultimately a legal document, and so you’ll want to make sure that any
slimmed-down or simplified EULA still provides you with adequate protection.
Of course, it’s not just a
question of compliance with consumer law. Where your app relates to a regulated
sector, e.g. financial services, health and gambling, there are
likely to be other regulatory requirements that you will need to comply with.
And these regulatory requirements may go beyond the EULA itself and affect the
way the app is designed and structured. Therefore, it’s very important to
consider compliance issues from the development stage.
Lastly, if you collect
personal information through your mobile app, remember that, in addition to
your EULA, you will need to have a privacy policy in place and ensure that you
comply with applicable data protection and privacy laws; such laws are often
far more burdensome in Europe than in the United States—but that’s a topic for
a separate article!
No comments:
Post a Comment