Legalmatter

By: Brian J. Meli

Most, if not all high-profile consumer brands commit considerable time, energy and treasure to safeguarding their valuable trademark and copyright assets from would-be infringers. Those efforts tend to focus on rooting out domain name cybersquatters, keeping brand names and logos off of inferior knock-offs, stemming the illegal copying and distribution of copyright-protected merchandise, and shutting down the illicit websites that notoriously traffic in all of the above. But there’s a new front in the war on intellectual property, one where the threat posed by counterfeited and pirated goods has quietly become just as insidious. Far from the big-box shelves, the online auctions and the Internet landing pages that have long been the front lines of this conflict; hidden in plain sight only a few taps away, lies a large and expanding commercial ecosystem rife with infringement activity—a place that, until recently, has operated largely outside the focus of brand enforcement officials. This relatively new and dangerous frontier is the mobile app marketplace.

The nature of a new threat

In August, 2012 the Department of Justice, in cooperation with the FBI, launched a criminal investigation that led to the seizure of several Internet domains accused of selling pirated apps. The resulting 2014 criminal case United States v. Dye, charged four individuals with criminal conspiracy and with violating the U.S. Copyright Act by illegally reproducing and distributing unauthorized Android apps en masse via various alternative mobile app marketplaces. The case was the first to involve federal criminal charges for the sale of pirated mobile applications, and for many it was an eye-opener to the types of illegal activity permeating the app world.

While willful, large-scale intellectual property theft has long been a criminal offense punishable by heavy fines and even prison time, federal charges are usually reserved for the most egregious cases. So in prosecuting the Dye case, the DOJ forced many in the IP community to stand up and take notice of a threat that devoted app users had already been aware of for some time. While the Dye defendants distributed over one million pirated apps worth an estimated $700,000, it wasn’t simply the scope of their activity that captured the Justice Department’s attention, but the danger inherent to this type of infringement—a danger not just to brand owners and legitimate software developers, but to the public at large.

Unauthorized, or “rogue” apps, as they’ve come to be called, can contain viruses, malware or other types of malicious code that, when installed on a mobile device, can steal data, including contact lists, bank account numbers, medical records or potentially anything else stored on the device. That means these apps can present a threat not just to intellectual property, but to personal property as well; raising grave security and privacy concerns for the general public.

Of course unauthorized apps come in many different shades, and not all varieties carry the criminal hue. Often times otherwise legitimate third party apps will simply display logos, trademarks or other proprietary content without the owner’s permission, and in this case the wrongdoing is limited to the app developer’s failure to properly secure a license. There may or may not be a specific intent to deceive consumers, but often that is the end result. According to a recent study by the World Trademark Review, one unnamed luxury jewelry maker reported finding 53 unlicensed apps, compared to 4 official ones, in the Google Play marketplace. Some of those 53 apps were no doubt intentionally misrepresenting the brand, but others may have simply been guilty of improperly displaying the company’s trademarks.

Of course many app developers do have more nefarious intentions, often times going to great lengths to design authentic-looking copycat apps that mimic more popular offerings. Some of these phony apps are simply looking to cash in on the popularity of the originals, while others are intent on scamming the unsuspecting downloader. Popular game franchises like Candy Crush and Angry Birds have been the target of various look-a-likes scams, as has the messaging app WhatsApp. If you were to google your favorite app, along with the words “fake” and/or “unauthorized,” there’s a good chance you’ll find reports of at least one impostor roaming the app landscape. More often than not those in the know can distinguish these imitations from the authentic templates they’re designed to mimic, but less sophisticated users may nonetheless fall victim to the deception.

Some developers (the Dye defendants being the prime example) will even attempt to decrypt an app in order reverse-engineer its copyrighted software and recreate a “clone” that’s essentially indistinguishable from the genuine article, a process that implicates federal copyright law as well as trademark and unfair competition laws. In the Dye case these pirated apps were sold at significant discounts to the real things via alternative, unregulated marketplaces. But they can also find their way into more reputable quarters of the app world, like Apple’s App Store, the Windows Store and Blackberry World; platforms that, along with Google Play, are all vulnerable to screening lapses. And when pirated apps are funneled through mainstream sales channels, conditions become ripe not only for rampant copyright infringement, but for consumer confusion and widespread loss of faith in the legitimacy of the channels themselves.

That last point is an important one. While rogue apps put consumers at risk, they certainly aren’t the only ones who stand to lose from their proliferation. With the staggering amount of apps available today, the possibility for escalating confusion and ill-will among consumers being duped into downloading glitch-ridden knock-offs they presume to be the genuine article, is a serious concern. Consumer backlash and a loss of faith—not only in the brands behind the apps, but the marketplaces that facilitate the transactions—is an ever-present concern. And that’s to say nothing of the potential millions in lost revenue that these impostors can siphon from legitimate app developers.

What’s a brand to do?

Precisely because there are so many apps out there, policing the marketplaces is increasingly difficult for brands with limited resources. While the marketplaces do police themselves, and are constantly working to fine tune their internal processes to keep unauthorized apps out, brand owners cannot simply rely on Apple and Google to do the heavy lifting for them; especially brands whose value is heavily intertwined with apps, such as social media and other web-based companies.

Every business that has a mobile app presence should strive to take an active monitoring approach to protect the integrity of their brand. That doesn’t necessarily mean assigning full-time dedicated resources to it. But it does, at a minimum, mean making sure that eyes and ears are focused on the threat. In larger organizations, it also means making sure key personnel know what apps the company has available in the marketplace at any given time; and what, if any, third parties have been licensed to develop apps on its behalf, or on behalf of approved partners. 

Once an infringing or unauthorized app has been identified, the resulting enforcement actions should be swift, and incorporate a two-pronged approach that goes after the suspicious app at its source, as well as alerting the marketplace that has listed it. The cease and desist letter is among the first lines of defense against any alleged infringer, simultaneously putting them on notice to your claim and demanding they remove the offending material. But the marketplaces also have effective means of dealing with copycats, and they should be involved early in the process. Both Google and Apple have responsive policies in place to allow brand owners to easily report incidences of copyright and trademark infringement. Apple’s content dispute tool and Google’s content removal form will also put brand owners in direct contact with the developers of questionable apps, and this can prove indispensable in identifying and locating rogue developers. Last but not least, if the issue with the app in question involves copyright infringement, then the brand owner can also initiate a notice of infringement under the DMCA.

A consumer perspective

If you’re a consumer of apps, a little caution (and some common sense) can go a long way. While you should always buy apps from a known, reputable source, that’s still no guarantee that what you’re about to download is legitimate, so it’s always a good idea to take additional verification steps. Never download an app without looking into the developer who’s behind it. Most marketplaces list the developer of each app and provide a link to their site. Check to see if the developer’s name matches the app. A lot of times it won’t, because many legitimate apps are developed by third parties licensees. But in that case take a minute to do a little research on the developer. It won’t take long, and you’ll know exactly who wrote the software you’re about to download onto your device.

Don’t stop there. Take a minute to scan some of the app’s reviews to see what others have to say about it. If it’s not a legitimate app, chances are you’ll find that out fairly quickly in a review. Also browse the app’s permissions. Different marketplaces display permissions in different ways, but the reputable ones will list the programs on your device (like your webcam or your contacts) that the app will access once it’s downloaded. Beware of apps that seek permission to access personal information or files that aren’t necessary for serving its purpose. Finally, be wary of apps from free services, like Facebook or Google, that charge a fee. With some exceptions, if the service is free on the web, the app should be free also.

Appilogue

The issue of unauthorized apps isn’t going away. With revenue from app sales predicted to reach $77 billion by 2017, the problem is only going to become more pronounced. But there are tangible steps that brands and consumers alike can take to protect themselves from harm. Rogue apps will never be eradicated, just as the problem of pirated and counterfeit physical goods will never be completely solved. But with more education, better communication and enhanced cooperation between developers and app marketplaces—as well as some moderate effort on the part of consumers—it’s a problem that can be managed at acceptable levels.

The content of this blog is intended for informational purposes only. The information provided in this blog is not intended to and does not constitute legal advice, and your use of this blog does not create an attorney-client relationship between you and attorney Brian J. Meli. Under the rules of certain jurisdictions, the material included in this blog may constitute attorney advertising. Prior results do not guarantee a similar outcome. Every case is different and the results obtained in your case may be different.