How Cardinally Apple Have Changed Requirements For Developers!
Last month, Apple published a guideline for iOS application developers. They touched, among other things, applications for parental control and ensuring the privacy of children. Moreover, part of the new recommendations goes against the decisions that Apple adopted a few months earlier. We discuss the requirements for applications in the App Store, which will take effect on September 3 of this year, and understand the reasons – as well as the possible long-lasting consequences – of this situation.
What has changed – in short
In addition to the presentation of the new Mac Pro, Pro Display XDR and iOS 13 in early June, Apple announced certain changes in the guidelines for application developers. A short post about all these changes came out in the news section of the portal Apple Developer 3 June.
One of the innovations that caused a particularly violent reaction of the American media is the ban on the use of “third-party analytical services or advertising” in applications for children (sections 1.3 and 5.1.4 guidelines). As indicated in clause 5.1.4, “the collection and transfer of data to third parties by applications from the“ Children ”category is prohibited”. The requirement is valid for new applications, and existing ones need to be brought into compliance until September 3, 2019.
In addition, to children are directly related and innovations paragraphs 5.4 and 5.5. Under the new rules, applications that perform parental control functions can, in limited cases, use Mobile Device Management (MDM) technology and the NEVPNManager API. At the same time, Apple stresses that “applications must have useful functionality or entertainment value, regardless of the user’s age” – be it a child or an adult.
Why did they decided to change a policy – and right now
Apple’s guidelines refer primarily to the requirements of American and European legislators, namely the Children’s Online Privacy Protection Act (COPPA) and GDPR. But they note that when creating children’s applications, it is necessary to take into account the experience of other countries and their requirements for the protection of personal data.
True, there is reason to assume that, on their own, COPPA and GDPR are not the only reason for restrictions. Some media outlets directly associate the policy change with the resonant Wall Street Journal report, according to which 79 out of 80 applications tested by them from the App Store used an average of four tracking systems to collect analytics, advertisements, or marketing goals.
Public media separately focused on one of the “childish” applications, which saved the child’s name and age, as well as information about his actions in the application, and then transmitted Facebook data. Criticism of the Wall Street Journal turned out to be particularly painful – shortly before this, Apple launched an advertising campaign, the slogan of which was the phrase: “What happens on your iPhone stays on your iPhone.”
The authors of the material disagreed not so much with the fact of data collection and transmission, but with the opacity of the entire system, in which the user does not know what this or that application actually does. Apple responded by issuing a statement that the company does not interfere in the relationship between the developer and the user, but plans to work in the future to improve the security and integrity of personal data.
And the new politicians, apparently, were the result of this work. It is no coincidence and relief in paragraphs 5.4-5.5. The fact is that back in April, Apple imposed a number of restrictions on applications that implement parental control functions and use MDM technologies. The company then explained the situation by the fact that applications violated the policies of the App Store, since 2017, instructing developers to abandon MDM functionality.
However, applications were “repressed” relatively recently, after the Screen Time service, which is similar in functions, appeared in iOS 12. The situation has raised questions not only from independent application developers, but also from the US government – it is noteworthy that the post about changing guidelines and lifting the “ban on MDM” came out the same day as the New York Times material with information that Apple wanted check for violations of US antitrust laws in connection with the situation in the App Store.
Who else is concerned about protecting children’s privacy?
The case of Apple is not a single one. In a similar situation, Google was a little earlier, which two months ago also released an update of the application policy for children available on Google Play. At this step, the company was prompted to go to the proceedings of the US Federal Trade Commission (FTC), according to which the company did not ensure that application developers comply with the COPPA law.
In addition to Google Play, the FTC turned out to be YouTube. According to the commission, the service also does not meet the requirements of the already mentioned Law on the protection of children’s privacy on the Internet. According to the Washington Post, the situation with YouTube signals that the Federal Trade Commission wants to seriously tighten control in this area – it has significantly weakened since the COPPA came into force in 1998.
True, YouTube was not the first service that came to the attention of the FTC. The commission has already fined a number of companies producing applications for children at a record $ 5.8 million for non-compliance with COPPA.
Returning to Apple: What Developers Think
Most critics agree that the company’s policy is at least inconsistent, which is confirmed by the changes in the rules. The Wall Street Journal goes further and states that if we look for the extreme in a situation with unauthorized use of personal data, then the main fault will lie with Apple, and not with the developers.
By the way, some of them have already spoken about the new politician. One of the companies that fall under the new requirements was PBS and its PBS Kids division (this channel, for example, broadcast Sesame Street from 1969 to 2016). PBS explained that now they will not be able to adequately assess the performance of applications and, consequently, improve their functionality and educational capabilities.
As the channel’s CEO Paula Kerger noted, PBS will be forced to remove applications from the App Store, despite the fact that they are now used by millions of children. PBS believes that making such decisions without considering the opinions of the developers themselves is unacceptable. We want to convey the idea that we like working with these platforms [such as the App Store], they give us amazing coverage. Sit down and talk to us, ”Kerger comments on the situation.
Regarding the update policies spoke on Hacker News and the forum Apple Developer. Most supported Apple in an effort to protect children from advertising, but some noted that the very wording used in the guideline makes it possible to interpret the new rules in two ways.
Thus, Clause 1.3 contains the phrase “Apps in the Kids Category may not include third-party advertising or analytics” (literally, “Applications in the” Children “category cannot include third-party analytics and advertising”) It remains unclear to what the adjective “third-party” (third-party) refers to advertising and analytical services or to advertising only.
In the second case, companies can still use their own developments and apply them for direct analysis of user behavior.
One commentator on the thread on Reddit noted that if the company wanted to give a consistent indication, it would have formulated the requirement differently. And the official wording gives Apple the right to “execute or pardon” developers at its discretion.
Recent events seem to be forcing a review of the status quo of large IT corporations. As for Apple, the view is increasingly heard that the company should choose a side and cannot remain the owner of the App Store and at the same time a player in the application market. What results will the current policy of the company, to be seen in the near future.