Top Stories

Licensing Mobile Apps: A Legal Checklist

By Richard Stobbe
Posted: 9th July 2012 08:47

Apps are not just for Angry Birds anymore.  The licensing of mobile apps is becoming more common for business-to-business software vendors who are extending the reach of their enterprise applications to take advantage of opportunities in mobile and cloud computing.  If you are a vendor of enterprise software and you want to add mobile functionality, here are a few of the most important legal issues to consider:
Check the EULA:
Compared to the full suite of desktop functionality, the mobile app may represent a small piece of your overall software product.  But even a mobile app needs an end-user license agreement (EULA).  Cloud computing service providers may have service terms that are designed for web access to their software, and they may not perceive the need for a "traditional" EULA, but in the case of a mobile app, remember that this is a "traditional" license where a copy of the application resides on the user's device and system.  So point number 1 is to check the EULA. 
Software vendors should understand that apps launched on the iOS platform will come with a "ready-made" EULA courtesy of Apple.  Other platforms will come with other license terms.  Software vendors should consider developing a custom EULA if there are good reasons for doing so after a risk assessment.  A few other points to note: If you prepare your own EULA on the iOS platform, take note of Apple’s “mandatory terms” that must be included in every license.  Under the Android Market Developer Distribution Agreement, the default terms grant a "non-exclusive, worldwide, and perpetual license".  If you don't want to grant such a broad license, then consider a custom-made EULA. 
Review Privacy:
App developers should get legal advice on privacy issues.  The privacy problem with apps has been percolating for some time and several high-profile reports have brought attention to this issue.  In several cases, app developers have (intentionally or otherwise) harvested private details about app users by dipping into address books and location-data.  In Canada, the privacy landscape is complex, but is underpinned by private-sector privacy laws that apply to “personal information” across all industries, at both the federal and provincial level.
In the US, the California Attorney General recently entered into an agreement with mobile app platform vendors - Amazon, Apple, Google, Hewlett-Packard, Microsoft and Research In Motion - to improve privacy protections for app users.  This arrangement implements certain “privacy principles” and requires app developers to have a privacy policy, something that would bring app developers in line with Canadian law.  If you don’t have a privacy policy, then consider developing one along with the launch of your mobile app.  It can be a useful exercise to determine what information is being collected, from whom, for what purpose. 
Check the Data:
Ownership and control of data is a critical issue for end-users.  In the case of mobile apps that are an add-on for broader enterprise or cloud-based software offerings, the data issue is even more complicated.  Who owns it?  Who is responsible for it?  Where does the data reside?  On the device, on customer’s server, on the vendor’s server, or with a third-party host in the cloud?  These issues can be addressed within the app EULA, or it may be possible to cover them within the EULA for the enterprise software application.  Data escrow may also be appropriate in some cases.
Consider where and how the mobile app will be distributed?  For example, in some cases, mobile apps can be contained within a "closed" system, which permits distribution within a company.  However, if you are a vendor wishing to distribute your mobile app to all of your customers, the easiest method of distribution may be, for example, through Apple's App Store.  This means the app will be available to users in over 60 jurisdictions around the world.  Consider the jurisdictional issues – for example, one app developer realized that its marketing materials offended advertising rules of the Federal Trade Commission in the United States, which triggered an FTC complaint and ultimately a fine. 
It goes without saying that your mobile app should be integrated with the other services or software products (whether these are desktop, virtualised or web-based services).  But consider this both from a technical perspective as well as a legal perspective.  Does the app EULA dovetail with the EULA for your enterprise software applications?  What promises, warranties or limitations are available under each document?  Does one agreement pick "Alberta law" while the other one falls under "California law"?  Consider the situation where the enterprise EULA makes promises or guarantees that user-generated data will be archived by the licensor and provided in a particular format to the customer on request.  If that data is collected through the mobile app, and resides on devices of users, then this promise may be difficult or impossible to perform. 
Brands and Trade-marks:
Lastly, the marketing of mobile apps deserves particular attention.  You may have secured trade-mark rights for your enterprise software, but you should also consider trade-mark rights for the app itself.  Apple's App Store is still something of a wild-west when it comes to trade-mark rights.  Consider treating the mobile app just like you would any other product – branding and brand protection should be considered in the most important jurisdictions where your customers will be downloading and using the app.

Richard Stobbe is an intellectual property lawyer with Field Law in Calgary, Alberta.  Richard has worked and studied in the field of IP law for over 10 years, including in the areas of IP licensing, software licensing, mobile software application law and licensing, internet law, e-commerce law and trade-marks.  He is the chair of the Licensing Executives Society (Calgary Chapter), member of the Canadian Bar Association (Technology and Intellectual Property Law Section), and publisher and editor of
Richard can be contacted by calling +1 403 260 8508or alternatively via email at

Related articles