Distribution Agreements - Part 2: Apps and their legal challenges

More and more software is used on mobile devices, almost all applications used do offer additional apps to be installed on a phone or other mobile device. These programs, also known as apps, can be easily downloaded and installed from the respective App Store of some major providers. After I gave an overview of the distribution models in the first part of our series, this second part is about the special form of distribution via an App Store.

An app provider (who maybe obtains the software from a developer or exercises the distribution rights) does not make direct contact with the customer or user, but rather this contact takes place via another provider such as the App Store (Apple) or Play Store (Google). It is often not clear for the customer or user with whom he actually concludes or has a contract, e.g. a license agreement or a subscription agreement.

App Store: intermediary or authorized dealer?

When downloading via the App Store or Play Store, the question arises as to whether the provider/ operator of the store is distributor or sales representative as defined by the common concepts of distribution law. The stores and their suppliers often leave this question unanswered or use general terms and conditions that have their roots in the Anglo-American legal system which has a different approach.

If you take a closer look at the typical terms of use, it from a German law perspective there is not an easy answer what type of contract is concluded. The terms and conditions may result in a “rental agreement” pursuant to German law since there is no mention of a perpetual license, but rather of a timely-limited usage right and there is no right to transfer or assign the license, neither according to the terms and conditions nor technically, since a transfer to another device is rather not possible.

Pursuant to German law general terms and conditions are not effectively incorporated in an agreement (in any kind of agreement!) if they can only be accessed of after the actual purchase has already been concluded. Even the payment process is often upstream. In this respect, it needs to be considered that the respective agreement is concluded with the app provider via the operator of the store. The question is then, however, what content and thus also what contractual character these terms of use may have.

With such deficiencies in terms of transparency, up to the question of who is actually the contracting party of the end (probably the operator of the Store), what the user is allowed to do, etc., the terms and conditions do not meet the German requirements for effective information, enforceable and valid contractual clauses.

Dominant market position

Finally, the problem of antitrust law should also be mentioned. In the case of the contractual terms imposed by the store providers one can claim "the abuse of a dominant position by imposing unreasonable contractual terms and conditions".

This is exactly what the game manufacturer Epic Games has done. The provider of the popular computer game Fortnite has filed a lawsuit against Apple because it can enforce a commission of 30 percent in its App Store due to its market power. Apple must now actually change its App Store rules. According to the ruling of a California court, the corporation must now allow developers to offer their users alternatives to Apple's payment mechanism in the App Store. If users pay on the app providers' websites themselves, apps can be offered more cheaply and manufacturers can earn more. The outcome of the case is open; both Apple and Epic have appealed. Google also responded to growing criticism of its market power by lowering the levy for subscriptions made through the Play Store.

Data protection

The impact if an app is not compliant with data protection laws should not be underestimated. This is generally due to the fact that the provider (not only the operator of the store) also takes over the data generated during the download. In addition, there is also the possibility of various non-contractual partners gaining access to the device via the app, for example to appointment calendars, address directories, and the like.

Non-compliance with data protection law gets really problematic in the case of special types of data, especially health data. The lack of clarity as to with whom exactly what type of contract is actually being concluded continues with the invalidity of consent declarations under data protection law (due to lack of transparency, among other things). Therefore, the special features of health data protection should already be taken into account from the developer side, so that the necessary features and parameters are available, for example, for authorization assignments. To this end, providers would have to establish appropriate specifications. In addition to technical measures for security, consideration should also be given to obtaining effective consent for data collection and processing.

Cross-border constellations

Apps often involve cross-border contractual constellations, as the target group largely consists of consumers from different countries. This raises the question of jurisdiction and choice of law.

With regard to the contractual relationships between app developer, store operator and user within the scope of the European Union, the Rome I Regulation must be applied. It must first be examined whether exceptions to the free choice of applicable law apply. Mandatory national provisions that conflict with the free choice of law usually do not apply to app contracts, since consumer-protection provisions of private law are not considered to be such mandatory provisions.

However, consumer protection must not be de facto thwarted by the deviating choice of law and the consumer's legal position thereby curtailed. Since the German consumer protection regulations are among the most far-reaching in an international comparison, this will probably lead in practice - against the backdrop of the favorability principle to be applied here - to the German consumer protection regulations (such as revocation rights, regulations on distance selling, regulations on electronic commerce) being observed, provided that the app provider has also geared its activities to the German market.

In factual situations with reference points outside the EU, the following applies against the background of the regulations of the Lugano Convention (this concerns the relationship between EU member states and Switzerland, Norway and Iceland): the (German) consumer protection regulations may not be circumvented.

Incidentally, German law also applies directly to telemedia service providers established in Germany if the telemedia are offered or provided on a businesslike basis in another EU member state. This is stated in the German Telemedia Act (TMG).

Regulate rights and obligations

Especially when selling via app stores, very complex questions arise for the software provider. Therefore, before deciding to distribute via an app store, providers should clarify which constellation best accommodates the distribution of their software and which risks they are willing to bear. We advise providers and sales partners of software products on the drafting of contracts and help them to identify and contractually regulate the relevant issues.

Michaela Witzel, LL.M. (Fordham University School of Law), Certified Expert for IT Law