Thinking Carefully about Abolishing the App Store

Apple is under siege. It’s their time in the barrel, the apple barrel. Sorry, I can’t help myself. While the odds are the company will shrug off its current problems, it is nonetheless clear that the company is having a rough couple of months. Their decision to reduce device tracking and browser cookies has earned praise from privacy advocates, but howls of protest from ecommerce merchants who dubbed the move “the cookie apocalypse.”

Privacy concerns are still very much an issue with Apple. The recent scandal about a priest accused of sexual impropriety after activists got location data from his iPhone, reveals how much more work remains for Apple and others with regard to user privacy. Then, the explosive allegations that governments around the world had used sophisticated spyware to surveil journalists’ iPhones further inflamed the contentious debate about the right to privacy versus the abuse of technology by the state.

Then, there’s the not so minor matter of anti-trust momentum against Apple. As part of the “break up big tech” talking point that’s been floating around the political scene for the last year or so, a rare bipartisan consensus is forming that Apple must be held accountable for its allegedly anti-competitive business practices. Last month, Democratic Senator Amy Klobuchar and Republican Senator Mike Lee jointly sent letter scolding Apple for refusing to testify at a Senate anti-trust hearing on App Store competition.

Klobuchar, Lee and others in Congress may move to shut down the App Store through anti-trust measures. At issue is Apple’s requirement that developers pay a license fee to participate and then pay Apple a 30% commission for digital purchases made inside the apps. Apple also mandates use of their proprietary in-app payment service.

The anti-trust case may have merit, but security and privacy experts are warning, “not so fast.” For example, Aidan Fitzpatrick, Founder and CEO of Reincubate, has concerns about the unintended consequences of shutting down the App Store. Fitzpatrick has been immersed in the world of Apple security and privacy for over a decade, having founded Reincubate in 2008 after building the world’s first tool for iOS data recovery.

Aidan Fitzpatrick, Founder and CEO of Reincubate

For one thing, as Fitzpatrick sees it, the App Store is the closest thing the world has to a secure app resource. Business impacts aside, Apple’s requirements that app developers purchase a developer license from Apple, coupled with Apple’s review of apps before they are sold in the store, provide a measure of security for iPhone users. “The license fee and app review may not seem like much, but they’re quite an effective deterrent against hackers who may want to spread malware through apps,” Fitzpatrick explained. “Hackers don’t necessarily like paying license fees and submitting to code reviews.”

Fitzpatrick is not sure consumers—or government regulators—are quite prepared for what would happen if apps can be “side loaded” onto iPhones, without going through App Store screening processes. “It makes life a lot easier for developers,” he said. “That’s great, up to a point. You can develop an app, and anyone can just install it on their device. Then, what happens when hackers start distributing malicious apps in that same way? It could quickly become a security and privacy nightmare.”

Such a scenario would threaten all iOS users, but in particular, Fitzpatrick worries about vulnerable groups like the elderly. “You could have a massive increase in fraud targeting the elderly and other groups that lack sophistication about their devices,” he added.

This is just one unintended consequence from possible anti-trust measures against the company. One might hope that if the government wants to break up the store, it could work to ensure that security and privacy measures remain in place.