
Apple: Apps should not require users to opt into tracking to access content - Nextgrid
https://developer.apple.com/app-store/review/guidelines/#unacceptable
======
Nextgrid
Full text of the clause:

> 3.2.2 Unacceptable

> (vi) Apps should allow a user to get what they’ve paid for without
> performing additional tasks, such as posting on social media, uploading
> contacts, checking in to the app a certain number of times, etc. Apps should
> not require users to rate the app, review the app, watch videos, download
> other apps, tap on advertisements, enable tracking, or take other similar
> actions in order to access functionality, content, use the app, or receive
> monetary or other compensation, including but not limited to gift cards and
> codes.

~~~
DoofusOfDeath
I find that policy entirely acceptable, for the same reasons I think shrink-
wrap EULAs should be illegal.

This makes me curious about Apple and iOS / OS X. Does Apple try to require
that the user accepts an EULA for the OS after buying Apple hardware?

~~~
danShumway
It's a very good policy, I wish they'd follow it for their own systems.

To download free apps off the Mac app store I need to set up an account and
provide Apple with an email address, physical address, and phone number. Apps
like the Wireguard GUI don't have access to necessary system APIs outside of
the app store, so the developers have no way to allow users to sidestep giving
Apple that information.

I'm forced to use the command line interface from Brew and mess around with
network interfaces on my work laptop just because I refuse to give Apple my
phone number and home address, even though Wireguard is free and no
billing/payment information would be required for me to download it, and even
though having an Apple account is completely unrelated to their sandboxing
goals or the information that the app needs to run.

Bonus points for telling me I'm providing my phone number "for security
purposes" but providing no option during signup to use a secure 2FA app
instead of SMS.

~~~
saagarjha
> Apps like the Wireguard GUI don't have access to necessary system APIs
> outside of the app store

Wait, on _macOS_? You’re saying the store gives you extra permissions there?

~~~
danShumway
Yes:
[https://lists.zx2c4.com/pipermail/wireguard/2019-February/00...](https://lists.zx2c4.com/pipermail/wireguard/2019-February/003853.html)

------
beervirus
Everybody complains about the walled garden, but damn I love to see things
like this.

~~~
dayjobpork
You do realise Apple could still do this in their app store AND allow 3rd
party app stores?

~~~
systemvoltage
That's a terrifying idea. Horrifying.

I absolutely detest this idea of third party app stores. Please tell me why
this is a good idea when literally your entire life and its contents are
contained in this palm sized device.

Do you really want sideloading of apps that asks average joes for ransomware?

We already have another sandbox - browsers. And you're seeing problems with
extensions, popups, .dmg downloads and .exe virus scans, etc. So much so that
browsers are constantly fighting against attacks for 20 years.

~~~
dylan-m
> We already have another sandbox - browsers. And you're seeing problems with
> extensions, popups, .dmg downloads and .exe virus scans, etc. So much so
> that browsers are constantly fighting against attacks for 20 years.

They are, and, if you look around, they're winning: billions of people use
Windows, MacOS and desktop Linux, safely, to do all manner of things. Billions
of people use the web, which involves all kinds of code from all kinds of
places - none of which is held hostage by a single absurdly valuable
corporation - and, judging by the continuing _success_ of that platform, I
would say it's doing pretty well.

You know what's terrifying? This _argument_ is terrifying. So, you brought up
the web … assuming iOS continues to be what it is, and eventually people just
stop bothering to make websites: is that okay? Is that what we want?

~~~
systemvoltage
I actually want a phone with absolutely no app store. Just browser is fine.
Given the amount of information it holds, adding any kind of apps that allow
system wide access is horrifying to me. Since we don't have such phones, the
next best thing is a store run by a company that can have security staff,
highly paid security engineers and a whole bunch of people trying to make it
secure than some reddit group that wants to distribute apps to billions of
people. For that, as I said, just use a browser.

~~~
dylan-m
App store reviewers are not the people you should be trusting to make your
phone secure. They can and do make mistakes, because their job is to go
through a checklist, look for things they don't like, and maybe run some
analysis tools that other people wrote. (I'm guessing, of course: this process
is completely invisible to the general public). The people who should be
making your iPhone secure are the _developers_ at Apple who are improving how
apps are sandboxed, catching and fixing security vulnerabilities throughout
the OS, sometimes even with open source code and published CVE entries.

If we have so little faith in those developers that we believe the last line
of defence - the App Store reviewers - are the thing holding us back from
disaster, then we definitely should not be using iPhones.

~~~
systemvoltage
App store reviews are executing the policies and tools that security engineers
built. Whether it is a human checking these policies or automated scripts
doing it, the point is that the policies governing those filtering processes
are conceptualized, written and developed by experts that know what they're
doing and they get paid a handsome amount [250k USD and upwards]. You're also
switching from AppStore to the whole device. The device is secure _because_ of
things like T2 chip and billions that probably went into making it possible.

It's really obvious to me which is more secure - a 2 trillion dollar company
with vested interest and one of the key selling points, that is privacy; or
... literally anything else.

------
ffpip
Such things are never going to come to Android are they? Every preinstalled
app abuses every permission possible

~~~
cmeacham98
Pre-installed apps where you can't disable them or revoke their permissions
are a cancer on the Android ecosystem. Especially fun when they have
permissions like "access the filesystem" or "obtain device location" or "send
notifications".

~~~
ffpip
There used to be a security app on my MIUI phone. Security apps can't do
anything on android, because each app is sandboxed. But of course, it had full
non-revocable permissions including physical sensors, precise location,
contacts, camera and microphone.

I hope someone cracks open their 'security' app and controls every MIUI
device, just for them to learn their lesson.

~~~
wadkar
I am getting a feeling that that might be the reason for it’s existence

------
cblconfederate
Thats a good thing. Can Apple guarantee that they themselves are not tracking
their users' app preferences/behaviour either?

~~~
NovemberWhiskey
There's a fairly simple _cui bono_ aspect to this.

Apple makes money by selling products to their users or taking a cut of the
users' purchases in their marketplace.

Facebook and Google, on the other hand, make most of their money by selling
micro-segmented access to their user base to third parties.

Which of these two kinds of companies stands to benefit from harvesting more
data about their users whenever possible?

~~~
cblconfederate
Apple profits from knowing their users' app/music/news/books/siri etc
preferences and making purchase suggestions, don't they?

~~~
sbuk
That's not quite the same as selling that information to political 'think
tanks' to buy influence in an election.

~~~
cblconfederate
That's kind of besides the point. Could this info be e.g. passed to US
authorities if requested? Is it being used for nefarious purposes? We don't
know.

At least in EU (and thus all apps made in EU) you can ask for personal info to
be deleted. The list of apps downloaded is certainly sensitive info that
reveals many preferences. Can you ask apple to delete this info?

~~~
sbuk
Under the GDPR it is permitted to keep PII, resposibly, if that PII is used
for conducting normal business, which should ideally be anonymised. Arguably,
apps that you have downloaded from an online store fall under this category.
You can close an AppleID, thereby deleting donload info, but you'll lose
access to the apps that you have purchased, including IAPs. There is
absolutely a discussion to be had around that, but that's moot with regard
your point. Asking Apple to delete the info about app purchase history is self
defeating. A better question to aim at Apple is to ask if the data is
anonymised. The same is true of Google Play.

See [https://ico.org.uk/for-organisations/guide-to-data-
protectio...](https://ico.org.uk/for-organisations/guide-to-data-
protection/guide-to-the-general-data-protection-regulation-
gdpr/principles/storage-limitation/)

~~~
cblconfederate
> You can close an AppleID, thereby deleting donload info

That's not what GDPR requires. I am sure Apple has a way to request to delete
sensitive info such as app purchases without loss of service, or else they d
be in violation in EU.

> to aim at Apple is to ask if the data is anonymised.

I can't see a way in which my app purchases could be anonymized (then it
wouldn't be personal information)

~~~
sbuk
Let's form the issue here using an example from the regulation:

 _A bank holds personal data about its customers. This includes details of
each customer’s address, date of birth and mother’s maiden name. The bank uses
this information as part of its security procedures. It is appropriate for the
bank to retain this data for as long as the customer has an account with the
bank. Even after the account has been closed, the bank may need to continue
holding some of this information for legal or operational reasons for a
further set time._

Based on that, I'd suggest its entirely reqasonable to posit:

 _An online app store holds personal data about it 's customers. This includes
payment information and a list of apps that have been purchased, including
free apps, and which of those apps have been downloaded. It is appropriate for
the app store to maintain this information so they can allow the customer to
install apps on their devices and link in app purchased made in those apps to
the correct account. Even after the app has been removed from a device, the
app store may need to continue holding some of this information for legal
and/or operation reasons._

Arguing that app store purchases are sensitive is some what missing the wood
for the trees. What matters is what is done with the information. If Apple (or
Google, Sony and Microsoft - they all run similar stores) use this in an
attempt to target app store recommendations, the negative inpact on the
individual is extremely debatable, certainly from the point-of-view of GDPR.
If they are using the information to build a profile of an individual to sell
access to that individual to 3rd parties, then there is a problem.

------
dathinab
I do not think Apple should have the power to do such decisions.

I do not like tracking at all.

But I think this is something which needs to be handled by governments
(laws/regulations) not by apple forcing their opinion about what is right onto
everyone else by abusing their marked positions.

In this case it might be beneficial for the users.

In others cases it was not beneficial for the users at all but only for apple.
Like if I remember correctly apps where not allowed to state that they are
Pebble compatible because Pebble did compete with the Apple Watch at least
theoretically, similar platforms like Netflix/Amazon Prime got special terms
wrt. the pay cut but a Netflix/Amazon Prime for gaming wasn't allowed at all
for dubious reasons (with that reasons any content gateway like browsers,
newsfeeds, Netflix etc. would not be allowed) oh and guess what it seems Apple
is currently working on their own Gaming/Game Streaming platform...

So yes anti tracking is good. But I still belive Apple is again abusing their
monopoly like positions for their own benefits, let's not forget Apple has
their own app network which likely isn't affected by this.

~~~
slipheen
Governments ought to be the place for this level of regulation, absolutely -
But right now, governments aren't regulating.

In the mean time, I'm glad Apple is. If Apple wasn't doing this, no one would
be.

~~~
zoredache
Never heard of regulatory capture?

If the government regulates something, that very often means that the
incumbents will donate/bribe officials to pass regulations that favor the mega
corps.

Getting government regulations that actually favors the consumers is somewhere
between difficult and impossible.

------
canadianwriter
"Apps should not require users to rate the app, review the app, watch videos,
download other apps, tap on advertisements, enable tracking, or take other
similar actions in order to access functionality, content, use the app, or
receive monetary or other compensation, including but not limited to gift
cards and codes."

Bunch of apps started doing the above "enable tracking" part already - good
thing Apple specifically disallowed it, should nip that problem before 14
comes out.

~~~
Nextgrid
Out of curiosity, which apps?

------
2Gkashmiri
I remember ios 5 I think brought app permissions. Essentially say app A should
not get location or contacts and put this behind a password. The app couldnt
do shit. Then android after late got some permissions but its still lame IMO.
App can deny you access without a permission. A recent thing I have seen on
android is permission protection or whatever. The system gives dummy or no
access to the contacts for example instead of actual contacts. Sounds good but
now every app can detect this and bugs you to allow the sameby nagging you.
Look, if I want to deny app A or B access to contacts, as far as the app is
concerned it should get 0 access. Not blocking or pseudo blocking but a
sinkhole type "huh. Nothing here". It should not be able to detect this. Same
for internet access. If I deny internet to an app, that app should think its
in flight mode. Thats it.

Same thing here. Say I dont want to be tracked, apps should think I have
allowed access and go ahead. Why should they tailor access based on my
permission to track ? My installing the app is proof I want to use the app. I
just dont want it to be tied to anything. Kinda like the original "sandbox"
idea

~~~
mumblerino
Correction: iOS has had permissions at least for as long as apps were allowed
and more permissions were added over time.

Screenshot in the Camera section of this iPhoneOS 2 review:
[https://www.imore.com/iphone-os-2-review](https://www.imore.com/iphone-
os-2-review)

~~~
saagarjha
I find it very interesting that Maps is asking for permission to access your
location.

------
RcouF1uZ4gsC
This is one of the reasons, I am actually in favor of only having the App
Store on Apple. As soon as you have another way to distribute apps on the
iPhone, app developers will try to migrate to the less privacy conscious store
that lets them do all their dark patterns.

Sometimes, let the consumer choose does not work. For example, if governments
did not regulate kids products and just said let the consumer choose, the
market would be filled with unsafe products. Sometimes you need someone
enforcing standards.

Apple’s enforcement of standards is one of the big reasons why I choose their
ecosystem.

~~~
spideymans
Certain developers (ahem... Facebook) love to cry about Apple’s walled garden,
without acknowledging that the reason that iOS and its walled garden is so
popular is precisely because these large developers have proven to users that
they are completely untrustworthy. If they conducted their business more
responsibly, and if users could trust that these developers wouldn’t abuse
their privacy and security, perhaps the mobile software ecosystem would be
more open in nature.

------
mensetmanusman
“I should still be able to view where I am on this map without letting anyone
know where I am”

~~~
reaperducer
_“I should still be able to view where I am on this map without letting anyone
know where I am”_

Seems perfectly reasonable. We used to do it before there was an internet to
feed our locations to. I did it on my Palm III.

Heck, my car does it today. And is able to show me all the nearby coffee shops
with zero internet connection, thus no snitching.

------
andrewjl
This is a terrific policy.

I think irrespective of how good the App Store policies are, every user should
be given the right to load non-App Store apps if they so choose. It's totally
fine if it's buried 10-levels deep in settings. It's fine if they cannot do it
easily by just clicking a random link due to security considerations. It's a
good idea to make it hard to do by accident, and I expect if Apple wanted to
they could create an awesome UX that preserves safety & security while
respecting device owner sovereignty of what can go onto their device.

Might seem like a trivial thing, but it would have made all the difference for
the civil liberties protests in HK when their app got banned from the App
Store.

------
tempodox
Nice words, but to whom do they apply? Apple just postponed the upcoming iOS
14 tracking restrictions that Facebook complained about to next year.

------
ugh123
Could say the same thing about these cookie-accept popups as some will just
redirect you off their site if you don't accept.

~~~
noisem4ker
Those go against the GDPR.

------
prophesi
Would this also apply to forcing users to enable location for content that
only partially requires it? In particular, Snapchat has some location-based
filters, but even the ones that don't require location (purely cosmetic,
rewind, slow-mo, etc filters) are disabled.

------
pkamb
> Apps should allow a user to get what they’ve paid for without performing
> additional tasks, such as [...] uploading contacts

WhatsApp gates many features behind Contacts access. Do the same rules apply
to everyone, even Facebook?

------
jariel
Apple's policies are starting to read like governmental regulatory documents,
and their internal process like an opaque, private Judicial system.

This is not good for us in the long run.

We need a new version of the FCC that's smart enough to engage lightly for the
most part, but heavily and smartly where necessary in this new digital age.

------
daveisfera
> (iii) Artificially increasing the number of impressions or click-throughs of
> ads, as well as apps that are designed predominantly for the display of ads.

So they're going to remove most of the games that my kids have been duped into
installing from an ad in another game? ;p

------
ryandrake
I've always wondered why do companies call it "opt" in if it's not optional?

~~~
perryizgr8
It is optional, of course. The other option is to not use the app.

------
dellcybpwr
Should not vs may not. Any difference?

------
egberts1
Yep. Ditched a web cam because some China-made app wanted my location.

------
coronadisaster
Can they trick you into thinking it is required?

------
_Microft
Anything else wouldn't be GDPR compliant anyways, would it?

~~~
Nextgrid
In Europe it indeed wouldn't, however GDPR enforcement has been severely
lacking despite the potential for significant fines, so Apple taking matters
into its own hands (and using its influence and power over the App Store) is
very good news.

------
ATsch
This is already legally required by GDPR but I guess it's good for apple to
check for it.

~~~
matthewmacleod
This is not required by GDPR.

~~~
cblconfederate
the tracking thing is

------
Angeo34
Apple wants all the data for themselves obviously.

