Bring your own IP?
→ Michael Woller
The commercial use of private apps and the licensing implications of remote software access are hot topics for businesses.
Business use of privately purchased apps
Apps on private devices
BYOD of course requires use of private-owned equipment for business purposes. Thus, employees may also tend to use apps installed on their own devices for business purposes. Apart from the IT security issues which the use of apps not pre-approved by the IT department raises, businesses also need to also consider the licensing implications of this situation.
Applicable license terms
Legitimate use of apps is always based on license agreements needed to be concluded between the apps’ sellers (eg the developers who offered the app in an app store) and the users purchasing the apps. If the app is not sold under individual license terms provided by the seller, the standard licensing terms of the app shop operators may apply. If the applicable licensing terms contain restrictions on the app’s commercial use, these apps may not be used for business purpose. This needs to be considered when facilitating or allowing BYOD within a company’s IT infrastructure.
Commercial use of private apps not covered by Apple’s T&Cs
Let’s take Apple’s terms and conditions as an example: These foresee for apps purchased by a commercial enterprise that such apps may be used by one of the purchaser’s employees on a device “owned or controlled” by the employer (without indicating a restriction on commercial use). On the other hand, Apple’s terms and conditions also read: “If you are an individual acting in your personal capacity, you may download and sync an App Store Product for personal, noncommercial use on any iOS Device you own or control.”
Hence, while a company could purchase and employees could use apps on company owned or company controlled devices, a privately purchased app is restricted to non-commercial use. Employers therefore run the risk of encouraging employees to a breach of license by their employees.
BYOD policy and “controlling” private devices
Employers are therefore well advised to address the use of privately purchased apps in a BYOD policy clarifying that employees shall ensure that they are using only those apps in business which allow for commercial use. Further, in IT environments in which BYOD is a key factor, employers may consider purchasing apps to be used on employees’ private devices (with respect to the Apple app store, this can be done via a separate app store account owned by the company). However – again using the Apple app store terms and conditions as an example – as use of company owned apps is only allowed on devices owned or controlled by the company, the employer would need to ensure that they have sufficient “control” over employees’ private devices (on the one hand, this needs to be addressed in a BYOD policy, on the other it needs to be implemented in the corporate IT environment).
Access licensed software via VDI or remote access to client PCs
Accessing company resources via private devices
Under BYOD, employees also bring their own devices to work to access the company network, or they can access the network remotely with their devices. This non-device bound, ubiquitous access to the enterprise work environment may boost employees’ efficiency and availability.
Remote access via various devices may trigger additional license charges
Businesses need to consider whether their software licensing contracts for products being accessed remotely are compatible with such use of private devices. Various standard software license agreements foresee client-based licensing, meaning that licenses will need to be paid for every device that can access the licensed products. Depending on the respective license terms laid down in the agreements, this generally applies to all devices accessing the licensed software via virtual desktop infrastructure (VDI) or even remote access solutions to client PCs. Of course, this not only concerns corporate workstations, smartphones or tablets, but also employees’ privately owned devices used for business purposes. Thus, in remote access and VDI environments, the use of several devices per user may trigger (additional) license charges.
Review of license contracts advisable
Businesses allowing remote access to certain systems are well advised to review their existing software licensing contracts in view of the current trend to BYOD and multi-device use they are facing, in order to ensure that their infrastructure is still compliant with the current licensing environment.