Welcome

Return Home
Keep up to date with my latest tweets
Picture Gallery
Symbian and smartphone news
Visitor Information
About Me

7th
SEP

Legal Aspects of Augmented Reality Development

Posted by augmentedplanet under Augmented Reality, General

Previous Post:   Next Post:

Very few developers I meet know anything about marketing their applications to generate sales or raise overall awareness, even less know anything about the legal aspects of software development. To find out if there are any special considerations that relate to the development of augmented reality applications, we contacted Pillsbury Law to get an insight into legal issues around virtual world & video games.

No mater what kind of software you develop, close your IDE, product mangers grab a cup of coffee; settle back and have a read of our exclusive Q&A with Pillsbury Virtual World & Video Game attorneys Sean F. Kane and John L. Nicholson. It could save you thousands in litigation costs.

Augmented Planet: Firstly, tell us about virtualworldlaw.com and how you help developers stay out of trouble.

Sean Kane:  Pillsbury was the first major law firm to establish a practice dedicated to virtual worlds, video games and social media (www.pillsburylaw.com/virtualworlds).  Augmented reality (AR) is a sector we follow closely.  We have about 30 or so attorneys in our Virtual Worlds and Video Games team who work with developers and other clients to ensure that they are complying with a whole host of cutting-edge legal issues.  We do this by engaging with clients at an early stage and are typically involved in providing advice on business model and technology design issues for a given service or application.  This lets us fully understand a client’s needs and vision for the application, and counsel them on necessary or problematic design elements – before significant time and financial resources are spent on programming and development.

We also routinely attend and participate in many industry events and legal conferences to stay ahead of emerging issues and technologies.

Our team started the Virtual World Law Blog (www.virtualworldlaw.com) to present daily analysis of rapidly evolving business, legal and regulatory issues associated with AR, virtual worlds, goods and currency, and other social media issues.

AP: From my experience, developers generally don’t worry about the legal aspects of the application.  They build it; release it, and then sit back waiting for Apple or Google to send the cheques.  Do developers really need to worry about the legalities of releasing software or is this just a lot of fuss over nothing?

Sean Kane:  Developers must absolutely be aware of and consider legal aspects prior to releasing an application.  Generally, all software is subject to some form of Intellectual Property (“IP”) protection (i.e. copyright, patent, trademark, trade secret).  There are statutory damages available if one developer infringes on another’s rights.  Damages can range from several hundred dollars to several hundred thousand dollars per occurrence of infringement.  We have seen numerous cases where even unknowing infringement was punishable with serious consequences.

So, burying one’s head in the proverbial sand is not sufficient protection.  The same goes for complying with applicable laws concerning things like privacy, virtual goods transactions, handling currency and other mechanisms.  This is an important point, because when you look at the industry, the traditional boundaries between what was a “game,” a “social media” platform or handheld app are all blurring.

The more features developers aim for across these categories, the more they need to appreciate and address significant regulatory issues.

John Nicholson:  In addition to the IP issues, we frequently see new companies try to take shortcuts by copying someone else’s privacy notice and terms of service (TOS).  Not only is this potentially copyright infringement, but a developer who merely cut-and-paste’s someone else’s TOS – which itself may have been blindly copied from another source – runs the risk of the TOS being deeply flawed and not relevant to their objectives and business model.  This presents serious business problems.

As a developer, your privacy notice and TOS reflect operational aspects of your business – how you plan to make money, protect your users and manage risks.  You may have made choices about how your applications and company will operate that are vastly different from TOS text that is widely copied.  If you are careless with your TOS design, you run the risk of actually violating your own TOS, privacy, and other rules.

Developers must avoid this pitfall, as it is a scenario likely to draw attention from government regulators such as the Federal Trade Commission (FTC) here in the U.S.

AP: If I am developing applications for a hobby or I’m a small company, isn’t worrying about legal aspects just overkill?

Sean Kane:  If you are developing applications merely for your own non-commercial use you may have a “fair use” defence available, but it is still necessary to understand the controlling legalities.  Moreover, if you are seeking to monetize an application being a “small company” is not a defence to legal liability.  What would be a better option is to retain counsel that are knowledgeable about augmented reality since a limited budget will go a longer way with attorneys that don’t need to be first trained about what you are developing.

AP: What if a developer thinks “Yeah, but, the chances of me being caught are low, right?  And even if anyone does have objections they’ll only go after big companies who can afford to pay.”

Sean Kane:  Not necessarily, part of any serious intellectual property protection scheme is to monitor any and all potential infringements.  This can be done by the IP owner itself, its attorneys or contracted-out to third parties.  Given the sophisticated technology currently available, monitoring is not a difficult endeavour.  Moreover, IP holders sometimes have little latitude to ignore one infringement, and prosecute another.  An IP owner’s failure to take certain action can result in a loss of the right to seek relief against a future (and potentially larger) infringer.  This is a major component of good IP portfolio management.

Additionally, start-ups should be aware that companies may specifically target smaller developers for infringement claims, believing that they lack sufficient litigation budgets, as a means to quickly obtain favourable decisions which can potentially also be used against larger infringers.

Outside of IP, your question is also typical of the mindset developers everywhere often have toward regulatory issues their applications touch.  Regulatory counselling is a burgeoning area of our practice, because different governments are responding to the rise of virtual currencies, for example, in different ways.  Advance knowledge and compliance when it comes to these regulations is critical for both developers, and those who may acquire and integrate their technology later on.

AP: When I use my car’s GPS the first thing that comes up when the application loads is a disclaimer telling me not to use the application while driving.  If I am using the latest augmented reality mobile application while walking and have an accident, is there any potential liability for the developer?

Sean Kane:  As with anything today, there is always the potential that someone will bring an action for damages.  You can see warning labels on almost every consumer product available, some advising against quite ridiculous and unexpected uses of the product.  Many of these labels are meant to prevent product liability lawsuits.  Given that there are attorneys making their careers suing companies over damages allegedly resulting from product’s design flaws, potential liability goes with the territory of every product.

Developers would do well to ask “What is the likelihood of some damage or injury resulting from the use of my application?”  If the application cannot be feasibly redesigned to avoid potential damage, use of a disclaimer should be considered.

AP: Does augmented reality pose a greater liability over other mobile applications?  For example, I don’t need to be told not to e-mail while walking – so why would an augmented reality application be any different?  Or, does highly immersive AR, for example, provoke new questions?

Sean Kane:  It really depends on the nature of the augmented reality application.  If the application’s purpose is for it to be used while a person is moving around a city full of traffic and other hazards, then a developer may take on a higher degree of responsibility compared to an application meant to be used stationary at one’s home.

The inherent danger of the application’s use will vary by its purpose and design, and users do not always apply good judgment.  Driving and texting, for example, is seen as a growing road hazard despite a host of awareness campaigns and new laws.  Developers should always consider what alternative uses a person might put their application through that differs from its intended use.

AP: “Ambush marketing” made headlines around the recent World Cup games.  Several young ladies were thrown out of a game for advertising Bavaria beer.  A developer later created an augmented reality layer that put the ladies back in the stadium.  The layer disappeared very quickly, so one can only assume that FIFA and all its might demanded it be removed.  Who therefore owns the cyberspace around public venues and how is it realistically possible to enforce it?

Sean Kane:  This would really depend on the jurisdiction where the use occurred, as IP protections can differ greatly.  Since the augmented reality use you describe is built upon an image of the stadium, you initially must identify who holds the copyright in the stadium image used.  It may be FIFA or it may belong to a third party that shot the footage.  In the United States, for example, buildings themselves were not traditionally afforded copyright protections.  However, approximately 20 years ago the Copyright Act was amended to allow for protection of certain aspects of buildings under some circumstances.

Other building designs or elements have been filed as trademarks and protection may flow from such registration.  Just because an owner allows for the public to enter a facility does not mean that there is no protection available for the building.

With sporting venues, it may also come to a contractual issue.  In the U.S., for example, the fine print on some admission tickets essentially gives bearers a “license,” in effect, to attend and do certain things, but not others.  Technologies like AR could prompt changes in these ticket terms, because while teams and venues may not object to spectators taking still photographs, for example, that might not be the case with “broadcasting” real-time game shots via their mobiles, or otherwise incorporating the event into a product or service.

AP: My application uses a marker to present content to my users, are markers copyright free?

Sean Kane:  Markers could be copyright protected, as can any other image or work of advertising.  Once a marker is embodied in a “tangible form,” which can include digital or printed form, it may be subject to protection, provided it meets the legal requirements for copyright.  Two important legal factors to use in considering a marker’s level of protection are its “originality” and whether its nature is merely “functional.”

AP: Not that I deliberately set out to copy others, but when I build an augmented reality browser, it’s pretty difficult not to copy how others have implemented their user interface.  There is only so much screen real estate to use.  Are there any issues I should be aware of?

Sean Kane: It may be possible under copyright law for two independently created works to be separately protectable even if they are virtually identical.  Moreover, under the “Scenes a Faire” doctrine, there may be elements of a user interface that are so intrinsically necessary, that the scope of copyright protection available may be limited.

Copyright law protects the actual expression of an idea, but not the idea itself.  Coincidentally having some of the same elements as another application is not, on its face, an automatic infringement.  That said, if the totality of the look and feel of two applications is substantially similar it is likely that liability will be found, unless one party can demonstrate its work is not at all based on the other work.

Under patent law, knowledge or willfulness is not a necessary element for a finding of infringement.  Therefore, it is necessary to strive for all of the work to be original and not merely a derivation of protectable elements from an earlier application.

AP: Are there any legal aspects I should be aware of when building geolocation applications? Specifically, I am thinking about the location data I may hold about where users go.

John Nicholson:  This is one of those questions that just doesn’t have a quick answer.  Collecting, storing, processing and sharing personal information about your users, including their whereabouts, can be a minefield, and, ideally, it’s something you should talk with an AR or game-savvy lawyer about as you’re designing the application.

The U.S., Canada, Mexico and Europe, for example, have all taken different approaches to the legal protection of personal information.  The U.S. has the most business-friendly, laissez-faire approach, which regulates information where there is a likelihood of harm associated with it – financial, medical and information about children under the age of 13.  Other kinds of information are treated as being covered by the “contract” between the user and the collector embodied in the privacy notice – so we’re back to talking about the importance of a solid TOS.

Geolocation is an emerging category, where businesses, consumers – society, really – are trying to get a comfort level on privacy.  As usual, “the devil is in the details.”  Depending on how you collect and share it, location data might raise concerns about children’s safety, if predators or non-custodial parents have the means to follow children.  Location data might also disclose sensitive medical information about the user, if they visit specific clinics or offices.

AP: Do you see AR or other developers making common privacy mistakes in this area?

John Nicholson:  Yes.  A common problem occurs when developers either simply don’t do what they say in the privacy notice, or they suddenly decide to make a radical change in what they do with personal information and try to change their privacy practices.  We all saw this in the uproar over Facebook’s changes to its privacy practices, for example.

Properly configured, AR can achieve what is considered to be the ideal best practice in privacy management – the concept of “real-time notice and consent.”  For example, if a user has subscribed to a geolocation sharing application/service, the user could select options for informing other members of their location: notify all automatically (default open), notify only friends, notify specific individuals, request permission to notify when an registered individual comes within a certain range, do not notify (default closed), but if that user is a child under 13, you may need parental consent for anything other than the default closed option.

Similarly, on the marketing front, AR-powered advertising could provide real-time privacy notice and selections for users, but you might want to be careful about dropping ads to someone visiting a hospital or clinic.  Finally, even if you don’t share location data or serve up location-specific ads, you probably need to think ahead about what you will do if law enforcement in your country approaches you to request location data they believe you may have on a specific user or users.

AP: So are you saying that there may be different rules about the collection and use of personal information depending on where the service is being used?

John Nicholson:  Absolutely.  And if you plan to host your service in one location – like California – and you have users in the EU, then you may be “exporting” personal information you collect from the EU to the US, simply by virtue of your IT architecture.  This requires jumping through some legal and operational hoops – something start-up developers may not anticipate.  It’s not impossible, just something you need to pay attention to and deal with appropriately.

AP: Back to managing privacy within AR worlds – how are developers supposed to know that a user is under the age of 13?

John Nicholson:  That’s always tricky.  Many websites and applications actually ask – for example, you might develop an AR product that does special things on someone’s birthday.  You might also ask the user’s age so that you can serve up age-appropriate ads – think content triggered by walking past a toy store, for example, versus bars or other adult-oriented businesses.

If you hold information about a child’s age, it’s pretty easy to say that you need to comply with the Children’s Online Privacy Protection Act, or COPPA, in the U.S.  But it is not that simple.  You might also be developing AR products that are tailored to children – think of animated characters, images like rainbows, and so on – that a reasonable person would consider “targeted” at children under 13.  In this case, affected developers would probably have to comply with COPPA, as well.

What makes COPPA in the U.S. market challenging for AR and other developers is that they must first obtain parental consent to collect and use certain information about children under 13, and also give parents a way to see the their children’s information and a means to revoke the consent.

These legal requirements all have software programming and business implications developers need to consider early at the design stage – it is much harder and far more expensive to re-engineer for them after launch.  Right now, the FTC enforces COPPA in the U.S. and failure to comply can result in fines of $1,000 per instance.  So while COPPA can be challenging to comply with, it’s just another thing certain developers need to anticipate and deal with appropriately.

___________________________________________________________________________

As you can see, there are a lot of legal issues to consider with some scary consequences. In the long term it never pays to assume that you are complying with the law and ignorance is most definitely not bliss, especially if your software is released in oversea markets. If in any doubt you should always take legal advice from a recognised source.

Thanks to Sean Kane and John Nicholson from Pillsbury Law for taking the time out to talk to us and answer our questions, and to Tom Resau for setting up the interview.

Mr. Kane is a member of the firm’s Intellectual Property practice and a member of the Virtual Worlds & Video Games team. Mr. Kane has represented clients on transactional matters involving various entertainment, communications and consumer products business segments, such as video games, virtual worlds, computer software, the Internet, music publishing, records, motion picture (feature and independent films) and television production and distribution. He also has considerable experience litigating complex business disputes in federal and state courts at trial, appellate levels and in ADR forums throughout the country.

Mr. Nicholson is an attorney in Pillsbury’s Global Sourcing group. Mr. Nicholson helps clients structure, negotiate and document complex sourcing transactions.

He is also a lead member of the firm’s Privacy and Data Protection practice and an active member of the firm’s multidisciplinary Virtual Worlds and Video Games team.

You can contact them or follow the Pillsbury Law blog dedicated to virtual world and games related issues at: www.virtualworldlaw.com

Previous Post:   Next Post:

Tags: |

Leave a Reply