MediaTech Law

By MIRSKY & COMPANY, PLLC

Update: Privacy for Mobile Apps – The Limits of Transparency

In June of this year, Senator Al Franken (D. Minn.) introduced the “Location Privacy Protection Act of 2011” (S. 1223).  According to the bill summary available on Franken’s website, a 2010 investigation by the Wall Street Journal revealed that 47 of the top 101 mobile applications for Apple iPhones and Google Android phones disclose user location without consent of the user.

According to Franken’s bill summary, current law prevents disclosure of user location during telephone calls without user consent. Currently, no similar legislation protects user location when a user accesses information through a mobile web browser or mobile application. Franken claims that his bill will close loopholes in the Electronic Communications Privacy Act that allow for this distinction.

If S. 1223 passes, companies will be required to obtain permission not only to collect mobile user location information but also to share that information with third parties. Additionally, the bill seeks to put in place measures to prevent stalking through location information.

As of this writing, Franken’s bill has been assigned to the Senate Judiciary Committee and is being cosponsored by Sens. Blumenthal, Coons, Durbin, Menendez, and Sanders.

Original Post (published 9/8/2011)

When was the last time you read a license agreement after installing software or downloading an app on your smartphone? If you’re like most people, the answer is probably never.

According to some estimates, fewer than 8 percent of us actually read the entirety of those agreements, despite rising concerns about digital privacy and data collection.

Read More

Twitter API and Legal Issues for App Developers

Much has been made lately of tension between Twitter and its outside developers.  The issues stoking the fire are less legal issues than business issues brought to front-burner by two particular factors:

(1) The maturity of Twitter as a development platform, or in the words of Ryan Sarver of Twitter, “In the early days, all the clients except Twitter.com were built out by ecosystem companies, mainly because Twitter was so focused on keeping the lights on.  But we learned that in order for us to really grow, we had to start taking over that core experience.” (quoted in the NY Times, 7/17/11).

(2) A reported Federal Trade Commission inquiry into the relationship by the , which has (in some views) caused Twitter to re-think its liberal open-door policy when it came to permitting outside development on its platform.

An excellent story and accompanying podcast on this subject appeared in the NY Times last week, written by Claire Cain Miller.

Bottom line: Twitter is seeking to control the applications that control access to Twitter, meaning desktop and mobile, and leaving the field open to enterprise applications, usability applications, analysis and similar applications.

Certainly the business reasons seem pretty clear, in that Twitter seeks to control core functionality – and the development of that core functionality – of the mother ship.  Although it is not terribly surprising that that strikes some critics as cynical, see for example here (“Twitter, just be honest: ‘The only way we can figure out how to make money is same ol’ display ads and we need to own the client for that.’”)

There are legal issues here, namely the ability of the platform to restrict access to its API.  As Claire Miller and others have noted, part of the problem for Twitter is that developer expectations may have been artificially inflated.  But there is more.  The FTC hint of antitrust scrutiny may be causing Twitter some heartburn about its historical open-ness.  Some analogy from two unrelated contexts: In trademark law, the concept “use in commerce” requires confirmation of continued public use of a registered trademark every 5 years or so.  In real property law, a property owner’s failure to restrict public access to property – and thus demonstrate its private claim – can, under some circumstances, support a court’s granting a permanent public right of way.

Quoting Rob Diana from Regular Geek, “Twitter also now owns the platform as a whole and must be as reliable as a utility company.  They must provide all of the capabilities that consumers need in the clients.” (emphasis added) A danger for a “public utility” of the information superhighway is creeping expectation of the duties and obligations of public purpose: Loss of commercial freedom, permanent regulatory scrutiny and public stakeholder claims.  It may very well be that Twitter is acting much like New York’s Rockefeller Center, which closes public access to traffic one day a year as a legal “fiction” in order to continue to assert private ownership rights.

Twitter rolled out its new API TOS (“Developer Rules of the Road”) in March of this year.  Rob Diana noted at that time that the announcement may have been – or perhaps should have been – anticlimactic, in that “A basic Twitter client is a terrible idea in today’s ecosystem.”  Wrote Diana:

Unless there is major functionality outside of the existing solutions, a new client is a losing idea. There is a high barrier to entry when we already have third-party clients like Tweetdeck, Seesmic, HootSuite and PeopleBrowser. This does not include some of the other applications that focus on team or brand management. So, by saying not to develop a new client, Twitter has saved us and investors a lot of time and money.

Read More

Dropbox TOS – In Praise of Clarity

Earlier this month, Dropbox spawned a new kerfuffle in internet-land with changes to its Terms of Service (TOS).

The outrage was fast and furious.  A nice deal of blog and Tumblr and other commentary zeroed in on changes Dropbox announced to its TOS before the 4th of July holiday, and in particular how this or that provision “won’t hold up in court”.  See for example J. Daniel Sawyer’s commentary here.

Sawyer was referring to language in the TOS for cloud-server services granting ownership rights to Dropbox or other cloud services.

At least I think that’s what he was referring to, because the Dropbox TOS did not actually grant those ownership rights to Dropbox.  Dropbox’ TOS – like similar TOS for SugarSync and Box.net – granted limited use rights to enable Dropbox to actually provide the service.  Here is the offending provision:

… you grant us (and those we work with to provide the Services) worldwide, non-exclusive, royalty-free, sublicenseable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff to the extent we think it necessary for the Service.

To be clear, if Dropbox actually claimed ownership rights to customer files – and actually provided for the same in its TOS – there’s no particular reason such a grant “won’t hold up in court”.   There are certainly cases of unenforceable contracts – contracts that are fraudulently induced or in contravention of public policy, for example – but a fully and clearly disclosed obligation in exchange for a mutual commitment of service is enforceable.

Read More