Canada: Going Mobile: Seven Key Considerations For Acquiring Mobile App Assets

As more industries look to capitalize on mobile platforms, and as smartphones and tablets increasingly become the "first screen" for customers, mobile apps will continue to play an integral role in connecting businesses with their customers, whether through the marketing of products and services, facilitating transactions and communications or enhancing customer engagement. To get a sense of the popularity of the mobile channel, according to App Annie's 2016 Retrospective (a business intelligence company and analyst firm), total time spent in apps increased by over 150-billion hours in 2016 on a worldwide basis, and worldwide app downloads reached over 90 billion in 2016, with Canada ranking in the top 10 for iOS app downloads.

Where a buyer is acquiring a business to which a mobile app is critical, the buyer should avoid simply lumping the mobile app asset in with other intellectual property (IP) assets. Instead, there are a number of issues and considerations specific to mobile apps and their related functionality that a buyer will not want to lose sight of. This article looks at those issues and considerations in more detail.

First, the Basics: What Are You Buying?

Essentially, a mobile app is software that operates on a mobile device, such as a smartphone or tablet, and more specifically, on a mobile operating system (i.e., Apple's iOS, Google's Android, Microsoft's Windows 10 Mobile, BlackBerry^® 10 OS, etc.). However, a buyer should not overlook other assets beyond IP that are essential to the operation of the app, such as historical customer data and related data analysis and modelling, licence agreements with the mobile app distribution platform (i.e., the App Store), any app development agreements where app development was outsourced, licensing agreements that power app features, arrangements with advertisers and other contracts that may support in-app reward programs and marketplaces (i.e., payment application). Understanding how the app works and interacts with the mobile app ecosystem will inform what app-related assets should be in-scope for the purposes of the transaction.

Unless the back-end servers on which data collected or otherwise used by the app are included in the deal, the buyer will need to transfer the related data to its own platform or to a third-party platform. If this data transfer cannot be done at the same time as closing, then the buyer will require some form of transition support from the seller until alternate arrangements are implemented.

Further, as part of the buyer's overall due diligence, the buyer should understand generally how the app has evolved and been updated over time to address historical bugs, security vulnerabilities or other problems. The buyer should also review the app's end user licence agreement and the applicable store listing pages, including the customer reviews, to understand any unique terms or potential limitations in the app's performance.

The App Store: How Is the App Distributed (or Intended to Be Distributed)?

The app's value is often tied to its distribution or projected distribution. The buyer will want to ensure that the app has been designed and maintained and is, or can be distributed in compliance with the applicable guidelines and terms for the mobile app distribution platform (i.e., Apple's App Store, Google Play, Microsoft's Windows Store, BlackBerry^® World", etc.). These guidelines and terms are typically onerous and non-negotiable, but they must be complied with in order to distribute the app. Mobile app distribution platforms generally reserve the right to terminate the app distribution agreement with any app developer (which would then prevent any further distribution of the app on the mobile app distribution platform) where there is a breach of terms. It may be appropriate for the buyer to seek certain representations and warranties from the seller to confirm that the app is, or can be distributed in compliance with all applicable third-party terms and conditions, as non-compliance could diminish the app's value and potentially lead to fines, penalties or other damages.

IP 101: Who Owns the Mobile App?

It will obviously be critical to ensure that the target actually owns the app, including all intellectual property with respect to the app's source code, algorithms and design. As with any other IP asset, anyone involved in developing the app would have ideally signed an appropriate assignment agreement to ensure that the seller owns all the intellectual property in the app, as well as a confidentiality agreement to protect the confidentiality of the source code. Furthermore, any individual involved in the app development would have ideally also waived their moral rights under copyright law. If the mobile asset was developed by a start-up or early stage company, there might be a greater risk that these protections have not been properly documented. If that is the case, then there is a risk, post-closing, of another party claiming ownership and seeking royalties or even attempting to shut down the app.

The app's source code should be examined to determine whether it includes any open source code, and in particular whether it includes any "copyleft" code that may have a viral effect of making the entire app subject to a copyleft licence that requires public disclosure of the app's source code (which effectively negates the app's proprietary nature), and/or distribution of the app on a royalty-free basis.

A buyer will also want to identify any actual or possible claims that the app (or use of the app) infringes any intellectual property rights of any person. While litigation searches and searches of registered intellectual property can be undertaken as part of a buyer's due diligence, there are limits to how useful and complete these searches are. To the extent that a buyer may consider distributing the app in any jurisdiction(s) where the app is currently not being distributed, the buyer should investigate whether there are other competing apps or other apps with similar names or designs that are already being distributed in such other jurisdiction(s), which may lead to intellectual property infringement claims either by or against the buyer. Furthermore, an intellectual property infringement claim may be grounds for the mobile app distribution platform to remove the app from the distribution platform and/or from devices on which it has been installed.

Data Safety First: Are the App and Data Secure?

Data security is top of mind for all M&A practitioners these days, especially with recent headlines of potentially serious transaction risks and purchase price reductions arising from a data breach. Mobile apps raise important data security considerations, as a security breach or any unauthorized disclosure could lead to widespread user dissatisfaction with the app, as well as potential litigation exposure based on the nature and volume of the data typically collected by the app.

It is important to understand the nature of the data collected, used, and transmitted by the app, where such data is stored (and where it is not stored), whether on the mobile device, in a private cloud, and/or in a public cloud and how such data is secured. A buyer will want to confirm who has access to such data, how such access is restricted, how such data is transmitted and how such transmission is encrypted and secured. Any known security breaches should be identified and examined to determine how such security breach occurred and the likelihood of recurrence of the same or a substantially similar breach.

Privacy Matters: Does the App Comply with Applicable Privacy Laws?

As noted above, mobile apps often collect vast amounts of data, including personal information. The federal privacy commissioner and the privacy commissioners of Alberta and British Columbia have identified good privacy practices for app developers. In a joint publication, the privacy regulators recognize certain unique characteristics of the mobile environment that can present challenges in respect of the proper collection, use and disclosure of personal information and noted there have been reports of unauthorized access to customer information (including contact lists and photos).

A buyer should conduct appropriate due diligence to confirm how the privacy policy is disclosed to app users, that appropriate consents are obtained in respect of notifications and that the collection of personal information does not include non-essential information.

Local vs. International: Where is the App Used?

If the app can be downloaded and used internationally, or if the buyer intends to distribute the app in other jurisdictions, a buyer should consider how such distribution is or will be tailored to foreign markets (i.e., translation of user guides/screenshots, local customer support/resources, etc.). A buyer should also consider what regulatory framework, if any, applies or could apply to the app or the services provided through the app. As a first step, a buyer may want to consider compliance with foreign privacy laws to the extent the app can be used outside of Canada and is used to collect personal information.

If it is determined that there is any regulatory or other risk involved in making the app available outside of Canada, an app developer can choose to implement technical controls to ensure that the app cannot be downloaded or used in specific jurisdictions (including by setting appropriate restrictions in the applicable mobile app distribution platform, if available).

Don't Forget the People: What Will Happen to the App's Owners and/or Developers After Closing?

The app's owners and/or developers likely have considerable knowledge about the app, its users and the business. Where the continued engagement of such individuals is essential to the continued operation and development of the app and/or business, it is important to ensure that the deal is structured in such a way so that there is sufficient incentive for these individuals to continue their engagement. Traditional financial incentives are effective, but a buyer should also carefully consider how these individuals can be integrated into the buyer's business.

We expect that the trend towards mobile is only going to intensify and companies will continue to embrace and move towards more app-centric strategies to grow their customer base and build customer engagement. Accordingly, mobile app assets should be treated thoughtfully as part of any acquisition so that a buyer does not ultimately end up with a key customer engagement channel that is "broken" or materially deficient.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.