Infrastructure // PC & Servers
News
3/10/2010
05:08 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

GDC: iPhone Developers Face Hidden Risks

Most iPhone developers don't fully understand the regulatory compliance challenges that accompany app distribution.

Apple's iPhone Developer Program License Agreement, the contract that the company requires iPhone developers to accept, came under fire this week when the Electronic Frontier Foundation, a cyber rights advocacy group, posted a critique of the document.

The EFF characterizes the Agreement as "a very one-sided contract" and Apple as "a jealous and arbitrary feudal lord" intent on protecting itself from competition. With the upcoming release of the iPad and an imminent U.S. Copyright Office ruling on the legality of "jail-breaking," the organization is urging developers to demand better terms and Apple customers to support those demands.

While Apple's contract does contain some unusual and arguably unnecessary restrictions -- like prohibiting developers from discussing the terms of the Agreement -- one-sided contracts aren't unusual. Even the EFF concedes as much.

Apple's power to set the terms under which developers and consumer are able to use its software and hardware is a function of demand -- if the majority of developers or customers were unhappy, they could abandon the iPhone ecosystem for something better. The fact that they don't suggests the alternatives are wanting.

Yet the contractual terms under which iPhone developers have to operate may be noteworthy more for the risk they represent to developers than for their abrogation of free speech rights.

At the Game Developers Conference in San Francisco, Vernon Law Group attorney Mark Methenitis discussed the iPhone Developer License Agreement, the Registered iPhone Developer Agreement, and several related legal documents that iPhone developers have all accepted but few have read.

Based on a show of hands in the audience of developers, Methenitis estimated that perhaps 5% of those present claimed to have read the Apple contracts to which they've agreed.

Echoing the EFF, Methenitis acknowledged that the contracts are one-sided, but he also said they're probably legal because "they aren't outside the realm of being reasonable."

As an example of the asymmetrical nature of the agreements, he noted that while Apple asserts that information it provides to developers is confidential, it also declares that information developers provide to Apple is not confidential.

"It's good to be king," he said.

While living as Apple's subject in the magic iPhone kingdom may be appealing to developers because of the access to potential customers, it also places a burden on developers they may not fully appreciate. Amid the confusing legal jargon are clauses that state developers bear the burden of compliance with applicable U.S. laws and, if their apps are distributed outside the U.S., international laws.

This means, Methenitis said, that an iPhone app with a health component might be subject to FDA regulation as a medical device or that an app that collects customer information might be subject to European Union privacy laws. Such laws do get enforced, as can be seen from the recent conviction of three Google executives for privacy law violations in Italy.

Even more troublesome is the fact that most apps that use encryption are subject to U.S. export controls. So if your app creates an SSL connection, for example, it would be subject to export control laws, according to Methenitis.

While it might appear to be easy enough to avoid distributing one's app in countries like Cuba, Iran, and North Korea, there are also various lists of people, such as the Specially Designated Nationals List, to whom export controlled apps must not be distributed.

Methenitis stressed that these are not laws to be ignored. Export control law violations, if prosecuted, can result in fines of around $10,000 and/or as much as five years in prison per violation, he said. That's per download.

Another potential problem: The terms of the agreements require developers to indemnify Apple, Methenitis said. That means that if Apple gets sued over a developer's app, the developer must pay for Apple's legal defense. You have to sell a lot of apps to afford the hourly rates of Apple's lawyers.

Admittedly, most developers won't find themselves in such situations, but it's nonetheless worth being aware of the potential risks.

"On a certain level, if you want to publish with Apple, you're at their mercy," said Methenitis.

Comment  | 
Print  | 
More Insights
Server Market Splitsville
Server Market Splitsville
Just because the server market's in the doldrums doesn't mean innovation has ceased. Far from it -- server technology is enjoying the biggest renaissance since the dawn of x86 systems. But the primary driver is now service providers, not enterprises.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.