Apple is opening small cracks in the iPhone’s digital fortress as part of a tougher regulatory push in Europe that aims to give consumers more choices – at the risk of creating new opportunities for hackers to steal personal and financial information stored on the devices .
The overhaul, which rolled out in the European Union last Thursday, represents the biggest changes to the iPhone’s App Store since Apple introduced the concept in 2008.
People in Europe can, among other things, download iPhone apps from stores not operated by Apple and get alternative ways to pay for in-app transactions.
European regulators hope that the changes imposed by the Digital Markets Act (DMA) will loosen the control that Big Tech’s ‘digital gatekeepers’ have gained over the products and services that consumers and businesses use as they become more dominant forces in the world. daily life.
The measures came into effect just days after EU regulators fined Apple almost €1.8 billion for thwarting competition in the music streaming market.
Apple has lashed out at the new regulations because of unnecessary security risks for iPhone users in Europe, exposing them to more scams and other malicious attacks launched from apps downloaded from outside their ecosystems and raising the specter of even more more unsavory services that sell pornography, illegal drugs and other illegal drugs. other content that the company has long banned from the App Store.
Despite efforts to maintain security safeguards while adhering to new rules in the 27-nation bloc, Apple warns that “the changes required by the DMA will inevitably create a gap between the protections that Apple users outside the EU can rely on and the protection available to users in the EU in the future”.
Apple’s warnings should be taken with a grain of salt, experts say.
Managing mobile devices is “completely different” from third-party app stores, and Apple is “deliberately confusing it here to muddy the waters,” said Michael Veale, an associate professor at University College London who specializes in digital rights and regulation.
“Apple’s App Store is not a proxy for corporate data security; apps in it regularly send data to insecure cloud servers, to hidden third-party trackers, and more,” he said.
Some smaller tech companies, such as music streaming service Spotify and video game maker Epic Games, are also attacking Apple’s ways of complying with the DMA as little more than a facade that makes a “mockery” of the regulations’ intentions.
“Rather than creating healthy competition and new choices, Apple’s new terms will create new barriers and strengthen Apple’s stronghold over the iPhone ecosystem,” Spotify, Epic and more than two dozen other companies and alliances wrote in a March 1 letter to the European Commission. the EU executive branch that oversees the DMA.
Epic, which makes the popular game Fortnite, also claims that Apple is already brazenly violating the DMA by rejecting an alternative iPhone app store it wanted to release in Sweden. Epic claimed that Apple thwarted its attempt to compete in retaliation for scathing criticism from CEO Tim Sweeney, who led a largely unsuccessful antitrust case against the iPhone App Store in the US.
In response, EU regulators said Thursday they want to question Apple over allegations that it blocked Epic’s app store. Apple was defiant, saying it had “chosen to exercise that right” to launch the app store based on Epic’s past behavior.
Europe’s changing digital landscape is forcing changes at other tech powerhouses like Google and Facebook, but the new regulations strike at the heart of Apple’s philosophy of maintaining ironclad control over every aspect of its products.
This “walled garden” approach, coined by late co-founder Steve Jobs, starts with the meticulous design of the hardware and then extends to all the software that powers the devices and oversees the commerce that takes place on them.
This approach built an empire with annual sales of almost $400 billion (€365 billion). Apple traces its success to the trust it built through decades of vigilant stewardship of the iPhone and other popular products like the iPad, Mac and Apple Watch.
Even Epic’s Sweeney acknowledged that one of the reasons he uses an iPhone is because of the strict security measures Apple has implemented to thwart hackers and protect the privacy of its customers. This came during testimony in a trial in May 2021, resulting in a US judge ruling that the App Store is not a monopoly.
In that decision, the judge demanded that Apple allow links to third-party payment options in iPhone apps in the US. It’s a requirement the company began allowing earlier this year after the U.S. Supreme Court declined to hear an appeal on the issue.
Apple – which is rolling out changes in Europe via an iPhone software update – still won’t allow alternative iPhone app stores in the US and more than 100 other countries outside the EU.
European regulators appear convinced that the benefits consumers can reap from more competition will outweigh the increased safety risks.
One potential positive is lower prices for digital transactions within apps if competing stores charge lower commissions than the 15 to 30 percent fees Apple has imposed for years.
But critics doubt this will happen as Apple still plans to charge fees after app downloads reached relatively low barriers and created other hurdles that will make it difficult for alternative options to make significant inroads in Europe.
Apple insists that the security issues spawned by the DMA are so concerning that the company has heard from government agencies (particularly those in defense, banking and emergency services) that want to ensure that employees with iPhones can no longer access apps related to are distributed outside. Apple’s Walled Garden.
“These agencies have all recognized that sideloading (downloading apps from outside the App Store) can compromise security and compromise government data and devices,” Apple said.
Veale, the digital expert, pushed back.
“Any company or government that believes that ‘App Store apps are safe’ may need to revamp its security and data protection teams or policies,” he said.