Context: The European Union’s Digital Markets Act (DMA) will become (theoretically) enforceable on Wednesday (March 6, 2024), and the European Commission scheduled an Apple DMA compliance workshop on March 18, 2024 (February 24, 2024 games fray article). The EU Commission is already conducting preliminary investigations of Apple’s conduct (February 28, 2024 games fray article).
What’s new: The iPhone maker has just published a whitepaper (PDF) entitled Complying with the Digital Markets Act, touting Apple’s Efforts to Protect User Security and Privacy in the European Union. In that document, Apple claims that EU governments (presumably national data protection authorities) and users reached out to voice concerns over how the DMA’s requirement to allow alternative app stores may compromise user security and privacy. Apple furthermore says bad actors are already preparing to take advantage of the DMA, with a notorious software pirate already having discussed the requirements for the creation of an alternative app store with Apple.
Direct impact: The document is part of Apple’s preparations for the public debate as well as regulatory and judicial proceedings over allegations of Apple’s non-compliance. with the DMA. Above all, Apple seeks to discourage the European Commission’s Directorate-General for Competition (DG COMP) from taking enforcement action. While games fray considers large parts of Apple’s whitepaper pure FUD (fear, uncertainty and doubt) tactics, the DMA could indeed have been crafted in ways that would make such FUD baseless, but the part on alternative app stores has severe shortcomings. Other deficiencies of the app store part of the DMA make enforcement action highly unlikely to achieve the DMA’s objective of “contestable and fair digital markets” (February 19, 2024 games fray article). Buzzwords in the headline of a law are not enforceable. Only a modified DMA would be reasonably likely to result in competition in iOS app distribution (February 20, 2024 games fray article).
Wider ramifications: The DMA risks becoming the biggest embarrassment ever for the European Union’s digital policy and competition enforcement. Unless the DMA is amended, alternative app stores are unlikely to capture even 1% of the iOS app distribution market in the EU. And most of that will be due to “adult content” and other material of the kind that Apple declines to carry in its own App Store. The EU will then be ridiculed for having passed a law that primarily just enabled native iPhone porn apps. Moreover, there could indeed be problems with bad actors capitalizing on certain freedoms under the DMA, which would generate bad press for the EU. Apple is already preparing for a blame game.
Apple’s DMA defense campaign has already begun. Apple knows that its EU app rules have drawn and will draw even more criticism going forward. When even some of the world’s largest technology companies such as Microsoft (January 30, 2024 games fray article) and Meta (February 2, 2024 games fray article) say that those rules don’t make it viable for them to offer EU-based users alternative app stores, it’s clear that Apple has effectively vitiated the DMA. And the EU is already investigating at least the disablement of home-screen web apps.
While games fray wants competition in app distribution (which has proved beneficial to users of personal computers and those selling apps to them), it is key to distinguish the purely pretextual and self-serving parts of Apple’s arguments from legitimate issues. Furthermore, Apple’s shrewd exploitation of the DMA’s weaknesses does not constitute lawless behavior. If a law is not good enough, it must be fixed.
No aspect of Apple’s DMA strategy shows the thin line between pretext and legitimate concern better than the disablement of home-screen web apps:
- It is outrageous that Google (with Chrome), Microsoft (with Edge) and the Mozilla Foundation (with Firefox) are not given the opportunity to enable their browsers to take progressive web apps (PWAs), also called home-screen web apps, to a higher level.
- But it’s also true that the DMA allows every Tom, Dick and Harry to publish a browser (which on the basis of open-source code is not as expensive as if one had to develop everything from scratch), and such browsers may be less secure.
The DMA fails to clearly prevent Apple from disabling home-screen web apps (enforcement may or may not succeed, but Apple would have various arguments in its defense), and it also fails to specify who is allowed to offer an alternative browser.
Apple’s whitepaper focuses on alternative app stores, however. It contains numerous emails that users have sent to Apple CEO Tim Cook to talk about how bad an idea they think the DMA is because they don’t want there to be alternative app stores. They want everything to be under Apple’s control because they feel best protected that way. Unfortunately, Apple likes to engage in astroturfing. Apple pays lobbyists to claim to represent small and medium-sized enterprises (ACT | The App Association), though the small companies don’t pay a cent in membership dues and have no (at least no meaningful) voting rights. On Twitter one can also observe a questionable group of Apple loyalists running a coordinated campaign that may amount to astroturfing. That said, there are indeed Apple users who believe in the concept of a benign dictator and don’t understand that the answer is not to let one company control the digital economy’s access to most of the world’s richest billion or two billion people, enabling that one to simply wipe out an entire business model overnight with just one rule change.
Government agencies concerned
Apple’s whitepaper also refers to concerns expressed by government agencies from within and outside the EU over the changes to iOS that are mandated by the DMA:
“[W]e know that there are real concerns about the changes Apple is making to its platform. Since we announced DMA-related changes to iOS, Safari, and the App Store in the EU on January 25, 2024, we have heard concerns from governments—including government agencies of EU member states—and users about the risks of allowing alternative app stores and alternative payment processors on iOS, and asking how and if we plan to put safeguards in place against those risks.
“Government agencies [emphasis in original], both in the European Union and outside of it, have been quick to recognize the risks created by these new distribution options and the need for protective measures. These agencies—especially those serving essential functions such as defense, banking, and emergency services—have reached out to us about these new changes, seeking assurances that they will have the ability to prevent government employees from sideloading apps onto government-purchased iPhones.
“Several have told us that they plan to block sideloading on every device they manage. One EU government agency informed us that it had neither the funding nor the personnel to review and approve apps for its devices, and so planned to continue to rely on Apple and the App Store because it trusts us to comprehensively vet apps.
“These agencies have all recognized that sideloading—downloading apps from outside the App Store—could compromise security and put government data and devices at risk.”
For the avoidance of doubt, Apple does not mean by the pejorative term “sideloading” what Google means. On Android, it means to install an app directly from the web. Under Apple’s DMA compliance plan, it means alternative app stores. The DMA doesn’t say users must be able to install apps from the web. It says apps must be installable without needing Apple’s Core Platform Services (which in this specific context means the App Store). Apple allows installing the frontend apps of alternative app stores from the web, and then one can install other apps via those app stores. That interpretation is anticompetitive, but makes legal sense (January 26, 2024 games fray article).
One should carefully interpret Apple’s claim that it has “heard concerns from governments.” That does not mean that they all reached out proactively. There may also have been a FUD effort by Apple reaching out to government agencies (and possibly also corporate customers) that resulted in those comments.
Also, all of those government agencies presumably rely on Microsoft technologies in some ways, and it’s hard to imagine that they wouldn’t be prepared to authorize the use of a Microsoft app store for the iPhone.
Apple warns that alternative app stores enable distribution of pornography, apps that promote addictive substances, pirated material
Apple’s whitepaper talks about what Apple will do as part of notarization, and what the limits are. Apple will perform certain security checks and impose its App Tracking Transparency (ATT) policy, which raises serious competition concerns that games fray will discuss on another occasion. But Apple “won’t be able to prevent apps with content that Apple wouldn’t allow on the App Store—like apps that distribute pornography, apps that encourage consumption of tobacco or vape products, illegal drugs, or excessive amounts of alocohol, or apps that contain pirated content (or that otherwise steal ideas or intellectual property from other developers)—from becoming available on alternative app marketplaces.”
Let’s look at these items now:
- As for adult content, it’s an individual choice to consume it or not, but other computing platforms have definitely survived its availability.
- Advertising for “tobacco or vape products” is already heavily regulated in the EU (and rightly so), and at least for traditional tobacco, it should preferably be banned altogether. But that is for governments to decide. Apple distributes material that endangers human health: homeopathy. Most of the time it’s harmless, or even helpful by means of a placebo effect, but when people rely on bogus instead of evidence-based medicine, they may die as a result. Case in point, Steve Jobs himself was reportedly hesitant to undergo surgery at an earlier stage because of a certain New Age philosophy. Apple also (together with Google) blocked an update to the UK’s official COVID tracking app that would have been helpful. In light of all of that, Apple is not the best self-appointed EU commissioner for health.
- Illegal drugs are, as the adjective indicates, illegal. That’s why Apple doesn’t have to make itself the world’s policeman but should leave enforcement to governments.
- The excessive consumption of alcohol is a serious problem, but again, it’s up to governments to take measures against it.
- Pirated content and other forms of intellectual property theft are, again, illegal already. Such material has also passed Apple’s App Review repeatedly.
It’s possible that Apple will closely monitor (beyond its obligations) apps that are submitted for distribution through third-party app stores, and will at some point publish a report that alternative app stores are mostly used by bad or at least controversial actors. But that will also be due to the fact that Apple doesn’t create an opportunity for sophisticated good actors.
Even if more apps of the kind described above became available, the solution would not be remonopolization (restoring Apple’s app distribution monopoly). Government agencies might just have to become more closely involved. Unlike Apple, they won’t use all sorts of app review guidelines for commercial gain.
Notarization may give rise to controversy
It’s too early to tell because the new rules haven’t entered into force yet, but Apple’s insistence on notarization will likely raise various issues.
At minimum, its unreasonable for Apple to impose its ATT rules on apps distributed via alternative app stores: there should also be competition among different advertising systems.
It remains to be seen how quickly Apple will actually check third-party apps that are designated for distribution via alternative app stores. There is a risk of apps that are submitted for distribution on Apple’s own App Store being reviewed much more swiftly.
Requirements for alternative app stores
It is not per se unreasonable that Apple wants the operators of alternative app stores to be well-resourced and to perform certain monitoring tasks. However, the question is whether Apple will apply dual standards just in order to revoke someone’s license to operate a third-party app store. Even Apple’s own App Store has had a number of fraudulent apps, such as children’s games that mutate into illegal casino games after a while. It’s possible that Apple will use the slightest oversight by an alternative app store operator for a pretext to shut them down while actually not having done the best job it could to follow up when fraudulent apps were reported online, such as by Kosta Eleftheriou (TechCrunch article list).
Competition means innovation and an incentive to provide security and protect privacy
Even the judge who ruled against Epic Games’ antitrust claims concerning the App Store, United States District Judge Yvonne Gonzalez Rogers, noted during the 2021 Epic Games v. Apple trial that competition among app stores could also mean that they try to innovate with a view to security.
The near-term problem in the EU is that users in the EU won’t get the benefit of competitive pressure on Apple from the likes of Microsoft and Meta. Simply put, Apple’s terms and rules are designed in such a way that it doesn’t make sense to distribute apps via an alternative app store if Apple would also carry them in its own App Store. As a result, shady, controversial and even illegal stuff will be overrepresented on alternative app stores. And Apple will capitalize on that.
Apple’s concerns could be satisfactorily addressed by an amended DMA while still enabling the competition Apple seeks to avoid. For the most part, Apple’s whitepaper is just advocacy, but there is room for improvement.