Mobile applications or "apps" are everywhere. Mobile devices are outselling personal computers, and an increasing percentage of internet access is made through mobile devices. These developments have driven the rapidly growing usage of apps. It has, therefore, become increasingly important for nonprofit organizations to invest in and develop mobile apps. Because mobile apps are essentially just a specific type of software, app development presents many of the same challenges involved in a traditional software development project. However, there are some pronounced and unique intellectual property, ownership, privacy, data security, and advertising considerations that every nonprofit should keep in mind when developing a mobile app.

Intellectual Property Considerations

Intellectual property considerations encompass a large and extremely important aspect of building an app. Generally, apps may contain trademark rights with respect to identifying the app, related services, or the nonprofit; copyrightable content, including the code used to build the app; trade secret rights with respect to the functionality and development of the app; and, in some circumstances, an app may even contain patentable subject matter. Retaining these rights in an app may require further action to ensure that the various parts of the app are properly protected.

Work-for-Hire Arrangements

In order to assert any intellectual property rights in an app in the first place, a nonprofit should ensure that any contractors or third parties who assist in the development of the app (even if such development is done on a cost-free or volunteer basis by a contractor or third party) sign a work-for-hire agreement or that their contracts contain a work-for-hire provision. A "work made for hire" is a work specially ordered or commissioned [if it fits into one of nine enumerated categories]…if the parties expressly agree in a written instrument signed by them that the work shall be considered a "work made for hire." While a nonprofit may obtain intellectual property rights in an app if it is created by an employee within the scope of their employment, for greater certainty, nonprofits should consider a signed agreement by which the employee-developer assigns all intellectual property rights in the app to the employer. Generally, without a work-for-hire agreement, the developer who writes the app may have a claim of copyright (or patent) in the app.

Distribution Considerations

Once an app is built, nonprofits should consider how to disseminate the app to the target audience and to inform others that the app is available for downloading and use. Consider whether the app will be available for free or for a fee, which could create additional obligations to facilitate the payment process. Consider further which app stores and mobile platforms will provide the opportunity and the right to distribute an app. Some platform providers are more prescriptive than others, and the agreements required by app stores and platforms vary in complexity. The agreements offered by app stores and platform providers (e.g., Apple's iOS Developer Program License Agreement or Google's Google Play Developer Program Policies for Android devices) often seek to incorporate various additional usage or compliance policies that may have consequences to the development and distribution of the app. Additionally, platforms and app stores often require certain amounts of insurance for liability coverage and likely will reserve their right to change or alter their terms at any time and are therefore free to introduce additional requirements. The app must comply with such conditions at all times, as failing to do so has the potential to give rise to legal action and/or the removal of the app from the platform.

Privacy and Data Security

Privacy laws and compliance have become a primary area of concern in mobile app development and implementation. Privacy issues and regulations generally revolve around the following issues:

  • The kind of personal information being collected;
  • The type of collection;
  • The subject of the collection, and whether such subject is under the age of 13;
  • The need for and ability to comply with an opt-in or opt-out mechanism;
  • The country of origin or residency of end users;
  • The freedoms or restrictions on use of the collected data; and
  • The requirement to provide notice and a summary of data collection and use practices.

While all personal information must be protected to some degree, the collection of protected health information (PHI) and financial and credit card information (PCI) is uniquely regulated, as is collecting information from children under the age of 13 or even under the age of 18 (or other legal age of majority). Additionally, unlike traditional software applications, mobile apps may collect technical information, such as IP addresses, geo-location, and other transaction data that may be considered personal information and subject to privacy and other regulations which may vary by state and country and are constantly evolving. Some state laws specifically require the posting of a privacy policy within the mobile app if any type of personal or credit card information is collected via download or operation of the app. Privacy policies can be monitored by governmental agencies and third parties for accuracy. Non-compliance or inaccuracy can be considered a deceptive trade practice that can lead to fines and other consequences from the Federal Trade Commission and/or state Attorneys General.

Advertising Considerations

Marketing or selling an app subjects a nonprofit to additional laws and regulations governing advertising. Certain solicitation efforts may require additional compliance with laws governing outreach or communication with end users. Contests and sweepstakes offered through an app likewise require additional compliance. Potential advertising issues require particular consideration when building the functionality of a mobile app.

For example, all communications sent through or in connection with a mobile app can require additional compliance actions with the Telephone Consumer Protection Act and related Federal Communications Commission rules. The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM) rules regulate certain commercial email and text message communications to consumers. Additionally, many state laws exist that regulate commercial text messages. The Federal Trade Commission's Truth-in-Advertising laws additionally require that all information about the app be truthful and complete, and that any objective statements about the app be backed with evidence. Other state-specific laws, and the laws of foreign countries, can apply.

Overall, app development can bring great opportunity, visibility, and income to a nonprofit organization. Nonprofits, however, should consider the significant issues associated with development, marketing, licensing, and distribution of an app in order to avoid potential liability risks.