Infrequently Noted

There has been a recent flurry of regulatory, legislative, and courtroom activity regarding mobile OSes and their app stores. One emergent theme is Apple's shocking disregard for the spirit of legal findings it views as adverse to its interests.

Take, for instance, Apple's insistence that it would take "months" to support the addition of links to external payment providers from within apps, nevermind it had months of notice. There is a case to be made that formulating policy and constructing a comissions system takes time, but this is ridiculous.

Just sit with Apple's claim a moment. Cupertino is saying that it will take additional months to allow other people to add links within their own apps.

Or consider South Korea's law, passed last August, that elicited months of stonewalling by Google and Apple until, at last, an exasperated KCC started speaking a language Cupertino understands: fines. Having run the clock for half a year, Apple has started making noises that indicate a willingness to potentially allow alternative payment systems at some point in the future.

Never fear, though; there's no chance that grudging "compliance" will abide the plain-language meaning of the law. Apple is fully committed to predatory delay and sneering, legalistic, inch-measuring conformance. Notably, it signaled it feels entitled to skim equivalent revenues to it's monopoly rents for payments paid through third-party processors in both Korea and the Netherlands. If regulators are going to bring this to heel, they will need to start assuming bad-faith.

Dutch regulators have been engaged in a narrowly-focused enquiry into the billing practices of dating apps, and they came to remarkably similar conclusions: Apple's pracctices are flagarantly anti-competitive.

In a malign sort of consistency, Apple responded in the most obtuse, geographically constrained, and difficult-to-use solution possible. Developers would need to submit a separate, country-specific version of their app, only available from the Dutch version of the App Store, and present users with pejorative messaging. Heaven help users attempting to navigate such a mess.

This "solution" was poorly received. Perhaps learning from the KCC's experience, Dutch regulators moved to impose fines more quickly, but perhaps misjudged how little 50 million EUR is to a firm that makes 600× as much in profit per quarter. It certainly hasn't modulated Apple's duplicitous audacity.

Cupertino's latest proposed alternative to its 30% revenue cut will charge developers that use external payment processors a 27% fee which, after the usual 3% credit card processing fee... well, you can do the math.

Regulators in the low countries are rightly incensed, but Apple's disrespect for the rule of law isn't going to be reformed by slowly deployed half-measures, one vertical at a time. Structural change is necessary, and the web could bring that change if it is unshackled from Apple's slipshod browser engine.

A Floor for Functional Browser Choice #

With all of this as context, we should seriously consider how companies this shameless will behave if required to facilitate genuine browser choice. What are the policy and technical requirements regulators should set to ensure fairness? How can the lines be drawn so delay and obfuscation aren't used to scuttle capable competitors? How can regulators anticipate and get ahead of brazenly bad-faith actions, not only by Apple, but Google and Facebook as well?

Geographic Games #

One oligopolist response has been to change anti-competitive behaviour only within small markets, e.g. making changes only to the "dating" category of apps and only within the Netherlands. Apple and Google calculate that they can avoid the Brussels Effect by making a patchwork set of market-specific changes. A goal of this strategy is to confuse users and make life hard for rebellious developers by tightly drawing "fixes" around the letter of the law in each jurisdiction.

While technically meeting legal requirements, these systems will be so hard to use that residents and businesses blame regulators, rather than store proprietors for additional day-to-day inconvenience. Because they're implemented in software, this market well-poisoning is cost-free for Apple. It also buys bad-faith actors months of delay on substantive change while they negotiate with regulators.

Could regulators include language that stipulates how market fairness requirements cannot be met with country-specific versions of apps or capabilities? This quickly hits jurisdictional boundaries, likely triggering years of court appeals. This is undesirable as delay is the ne'er do well's friend.

Regulators generally have scope over commerce within their territorial borders. Multilateral treaty organisations like the the WTO have supranational jurisdiction but no appetite or the treaty scope to tackle firm-level competition issues. They focus instead on tariffs and "dumping" practices that privilege one nation's industries over another, as those are the sorts of disputes national laws cannot address.

A More Durable Approach #

Effective regulation needs market-opening technologies that function without constant oversight. The lines drawn around undermining this technology should be so clear, and the consequences for stepping over them so painful, that even Apple, Google, and Facebook dare not go near them.

When regulators adopt similar (if not identical) regulations they increase the costs to bad actors of country-specific gamesmanship. Regulators that "harmonise" their interventions multiply the chances of compliance, creating a "Brussels of the Willing".

A competitive landscape for web browsers should be part of any compliance framework because:

• A world with safe, capable web apps provides businesses alternatives to app store gatekeepers.
• Browser competition (enabled by meaningful choice) has consistently delivered safety and control to users far ahead of operating systems. Compare, for instance, the late addition of mobile OS controls for location tracking, ad blocking, and bluetooth compared with the web's more consent-oriented track record.
• Web apps put pricing pressure on platform owners, forcing them to innovate rather than extract rents. Many classes of apps trapped in app stores only use standardised APIs that happen to be spelled differently on proprietary OSes. They could be delivered just as well through the web's open, interoperable, and liberally licensed standards, but for gatekeepers denying those features to browser and scuppering app discoverability on the web.
• Web applications create portability for developers and businesses, lowering costs and improving access to services. This enhances the bargaining power of small firms relative to platform owners.

For the web to perform these essential market functions on mobile, regulation must disrupt the status quo and facilitate competition from within. This also provides a solution to user safety and security concerns that pervasive sideloading may raise, as browsers are aggressively sandboxed. Meanginful choice, coupled with powerful browsers, can deliver better outcomes:

Table Stakes #

Discussion of sideloading and alternative app stores often elides requirements that regulators should put in place to create competition amongst capable browsers. I have previously proposed a set of minimal interventions to ensure meaningful user choice. To restate the broadest points:

• Platform vendors' own products must respect users' browser choices within applications which are not themselves browsers.
• Mobile OSs should provide a simple, global way to opt-out of "in-app browsers" across all applications.
• Developers must be provided with a simple way for their content to opt-out of being loaded via "in-app browsers".
• System-level "in-app browser" protocols and APIs should allow a user's default browser to render sites by default.

iOS Specifics #

Because Apple's iOS is egregiously closed to genuine browser competition, regulators should pay specific attention to the capabilities that vendors that port engines will need. They should also ensure other capabilities are made available by default; the presumption for browser developers must be open access. Apple has shown itself to be a serial bad-faith actor regarding competition and browser choice, so while an enumeration of these features may seem pedantic, it sadly also seems necessary.

Today, Apple's Safari browser enjoys privileged access to certain APIs necessary for any competing browser vendor that wants to match Safari's features. Only Safari can:

• Construct new sub-processes for sandboxing web content. Competing browsers will need to do the same, and be allowed to define a tighter sandbox policy than Apple's default (as they already do on Windows, macOS, and Android).
• JIT JavaScript code. For reasons covered extensively last year, there's no legitimate reason to disallow competing browsers from running at full speed.
• Install Web Apps to the iOS homescreen. Competing browsers must be allowed to match Safari's capability that allows it to install PWAs to the device's homescreen and serve as the runtime for those apps.
• Integrate with SFSafariViewController. Competing browsers set as the user's default must be allowed to also handle "in-app browsing" via the SFSafariViewController protocol without requiring the user to opt-in.
• Provide its own networking layer and integrate with Private Relay's closed APIs. Competing browsers must be allowed access to OS-integrated capabilities without being forced to use Apple's slower, less reliable networking stack.

As a general rule, competing browsers must also be allowed access to all private and undocumented APIs that are used by Safari, as well as iOS entitlements granted to other applications.

Regulators must also ensure capabilities are not prohibited or removed from browsers by secret agreements that Cupertino forces developers to sign. Further (and it's a shame this has to be said), Apple must not be allowed to comply with these terms by further neutering Safari's already industry-trailing feature set.

Apple must also be required to allow browsers with alternative engines to be procured directly through its App Store. It is easy to predict a world of country-specific sideloading regulations, with Apple attempting to blunt the impact of competitive browsers by continuing to banish them from their "legit" discovery surface.

Web browsers must also be allowed to implement the Web Payments API without being forced to use Apple Pay as the only back end. Apple must further be enjoined from requiring specific UI treatments that subvert these flows and prejudice users away from open payment systems.

Lastly, Apple must not be allowed to publish new versions of browsers through an arbitrary and capricious "review" process. Regulators must demand that Apple be forced to publish new browser versions and, if it objects to features within them, file a request for regulatory arbitration of the dispute post publication. Apple has long demonstrated it cannot be trusted with the benefit of the doubt in this area, and allowing updates to flow quickly is critical to ensuring users of the web remain safe.

Only within the contours of this sort of regime can ongoing enforcement of negotiated policy proceed in good faith.

If you live or do business in the UK or the US, what you do in the next seven days could define the web for decades to come. By filing public comments with UK regulators and US legislators this week, you can change the course of mobile computing more than at any other time in the past decade. Read on for why this moment matters and how to seize the day.

By way of background, regulators in much of the anglophone world (and beyond) spent much of 2021 investigating the state of the mobile ecosystem.

This is important because Apple has succeeded in neutering the web's potential through brazenly anti-competitive practices and obfuscation. Facebook and Google, meanwhile, have undermined user agency in browser choice for fun and profit.

I kid.

It was all for profit:

Public statements from leading authorities who have looked into this behaviour leave a distinct impression of being unimpressed. Here's the unflappably measured UK Competition and Markets Authority (CMA) weighing in last month:

Apple and Google have developed a vice-like grip over how we use mobile phones and we're concerned that it's causing millions of people across the UK to lose out.

The CMA's 400+ page interim report (plus an additional ~200 pages of detailed appendices) didn't make the waves it deserved when it was released near the winter holidays.^[1] That's a shame as the report is by turns scathing and detailed, particularly in its proposed remedies, all of which would have a profoundly positive impact on you, me, and anyone else who uses the mobile web:

The report sets out a range of actions that could be taken to address these issues, including:

• Making it easier for users to switch between iOS and Android phones when they want to replace their device without losing functionality or data.
• Making it easier to install apps through methods other than the App Store or Play Store, including so-called "web apps".
• Enabling all apps to give users a choice of how they pay in-app for things like game credits or subscriptions, rather than being tied to Apple's and Google's payment systems.
• Making it easier for users to choose alternatives to Apple and Google for services like browsers, in particular by making sure they can easily set which browser they have as default.

This is shockingly blunt language from a regulatory body:

Competition & Markets Authority @CMAgovUK



Our market study has provisionally found that:

❌ People aren’t seeing the full benefit of innovative new products and services such as cloud #gaming and web #apps.

[2/5]

10 02:19 AM · Dec 14, 2021

Competition & Markets Authority @CMAgovUK



Our provisional findings also suggest:

💷 customers could be facing higher prices than they would in a more competitive market.

[3/5]

9 02:20 AM · Dec 14, 2021

The report demonstrates that the CMA understands the anti-competitive browser and browser-engine landscape too. Its findings are no less direct than the summary:

Impact of the WebKit restriction

As a result of the WebKit restriction, there is no competition in browser engines on iOS and Apple effectively dictates the features that browsers on iOS can offer[.]

The CMA has outlined its next steps and is requesting comment until February 7^th, 2022.

Apple, in particular, has demonstrated that it is a bad actor with regards to competition law. This post could easily contain nothing but a rundown of fruity skulduggery; that's how brazen Cupertino's anti-competitive practices have become. Suffice to say, Apple sees being fined 5M EUR per week over entirely reasonable requests a "cost of doing business." Big respect-for-the-rule-of-law vibes.

But this sort of thing isn't going to last. Regulators don't like being taken for a ride.

...Meanwhile in Washington #

On this side of the pond, things are getting serious. In just the past two weeks:

• The Senate Judiciary Committee — last seen here being dissembled-to by Apple in sworn testimony — voted to move serious legislation out of committee after lobbying by firms that somehow failed to notice that Apple's extortionate terms are an "economic miracle."
• 35 states' attorneys general filed amicus curiae briefs in support of Epic's appeal against Apple.

We're even getting gauzy coverage of pro-regulatory senators. It's quite the moment, and indicates dawning awareness of these blatantly anti-competitive practices.

This Is About More Than Browsers #

It's tempting to think of browser choice and app store regulation as wholly separate concerns, but neither the web nor apps exist in a vacuum. As the desktop web becomes ever-more powerful on every OS, even the most sophisticated app developers gain more choice in how they reach users.

Unleashing true choice and competition in mobile browsers won't only help web developers and users, it will level the playing field more broadly. Native app developers that feel trapped in abusive policy regimes will suddenly have real alternatives. This, in turn, will put pricing pressure on app store owners that extract egregious rents today.

Web apps and PWAs compete with app stores for distribution, lowering the price to develop and deliver competitive experiences. This allows a larger pool of developers and businesses to "play".

App store "review" and its capricious policy interpretations have always been tragicomic, but true competition is needed to drive the point home. Businesses are forced into the app store, requiring they spend huge amounts to re-build features multiple times. Users risk unsafe native app platforms when the much-safer web could easily handle many day-to-day tasks. We're only stuck in this morass because it helps Google and Apple build proprietary moats that raise switching costs and allow them to extort rents from indie developers and hapless users.

A better future for mobile computing is possible when the web is unshackled, and that will only happen when competition has teeth.

What You Can Do #

This is the last week to lodge comment by email with the UK's CMA regarding the findings of its interim report. Anyone who does business in the UK and cares about mobile browser choice should send comments, both as an individual and through corporate counsel.

For US residents, the speed at which legislation on this front is moving through Congress suggests that this is the moment for a well-timed email or, more preferably, call to your elected senator.

If you live or do business in the US or the UK, this week matters.

Whichever geography you submit comment to, please note that regulators and legislators have specific remits and will care more or less depending on the salience of your input to their particular goals. To maximize your impact, consider including the following points in your comments:

• Your residence and business location within the district they serve (if appropriate)
• How a lack of choice, including missing features and an endless parade of showstopping bugs, have hurt your business or forced you to accept unfair app store terms
• Support of specific provisions in their proposals, particularly regarding true browser choice
• The number of employees in your firm or the amount of business done annually in their geography
• The extent to which you service export markets with your technology
• The specific ways in which unfair App Store, Play Store, or browser choice policies have negatively impacted your business (think lost revenue, increased costs, bugs, etc.)
• Your particular preferences regarding competition both on the web (e.g., the availability of alternative browser engines on iOS) and between the web and native (e.g., the inability to offer a lower-cost, higher service web experience vs. being forced into app stores)
• Specific missing features and issues that cause you ongoing business harm
• If you are contacting a politician or their office, your willingness to vote on the issue

Leaving your contact information for follow-up and verification never hurts either.

It's been 761 weeks since Apple began the destruction of mobile browser choice, knowingly coating its preference for a "native" device experience (in web-friendly garb) at the expense of the mobile web. This is the week you can do something about it.

Carpe diem.