
Apple’s outdated legal practices from a developer's point of view - Garbage
https://medium.com/bambuu/a-story-of-apples-excruciating-outdated-legal-practices-e5c144f0aeeb
======
coldtea
> _Nevertheless, I was conversing with Apple Support to fix this mess, but
> this is where the first problems started to appear. You see, apparently I
> had to attach “some kind of government issued photo ID” to verify my real
> name. A bit strange to me, since it’s perfectly fine to change your name on
> the regular Apple ID account, but “I’m no legal wizard” I thought, “there’s
> probably something I don’t understand”._

Well, the "regular Apple ID account" is not selling applications to consumers.

(While Apple could have made changing the developer account name a much better
experience, it's obvious why they require identification to change it)

> _Yeah, I’m totally gonna send a picture of my passport, without concealing
> any information, to a random person on the internet. That’s not dangerous at
> all._

Or, you know, you can stop selling apps. If you've opened any kind of
business, and have dealt with any kind of bank, you'd be giving all those
kinds of documents and more, and have to be there physically too.

> _however it requires that you “provide business or court documentation that
> reflects the change”. No other service provider required this documentation,
> but who knows, maybe Apple’s legal team is just better than the rest._

Do those other "service providers" concern selling stuff as a business? Plus,
if it didn't require anything and some random hacker hijacked your account and
could change the details to theirs easily, you'll be screaming bloody murder.

> _And then it magically happened. 1 month and 21 days after the first form
> submission, the name of the bambuu Apple developer account was officially
> updated. And all it required was 80 $, countless hours, and my will to live.
> All worth it._

Try opening a conventional store. Or any kind of money handling web service...

~~~
madsbuch
> and have to be there physically too.

Not in Denmark, you can do all that online.

> No other service provider required this documentation

Well, Google play?

> Try opening a conventional store. Or any kind of money handling web
> service...

In Denmark this is done before lunch (trust me, I've done it on several
occasions).

~~~
coldtea
Handled users money as a random web person?

If you mean you did the bureaucratic stuff online, I assume you still needed
to give proof of who you are -- perhaps with some state provider digital
signature or whatever.

If not, then it might be easier for the one opening the shop, but it's much
more dangerous for the consumers giving them their money.

~~~
wodenokoto
> perhaps with some state provider digital signature or whatever.

Yes he did. In Denmark it is called "NemID" [1], and is a state issued 2
factor identification system for online interaction with banks and official
services.

Obviously Apple can't rely on this system for all their users, but in theory
they could make it work for Danish users.

[1] [https://en.wikipedia.org/wiki/NemID](https://en.wikipedia.org/wiki/NemID)

~~~
coldtea
Yeah, that would be nice, but as it's not a standard, they probably Apple
couldn't even make it work for Danish users -- they wouldn't go build 2
systems and go out of their way to verify data with the Danish government just
for a few million people (or, actually, just for a few thousands of
developers).

------
slashink
I think the article brings up some good points about the issues of verifying
identity over the internet, something that yet does not have a universal
standard. In Sweden we have a system called "BankID" which basically let's you
use your phone as a 2FA device in order to verify your identity to companies,
the tax agencies, police etc and it works very well, although limited to
Sweden. This is not an SMS based system and is not tied to your SIM card,
instead tied to the application on your phone together with a personal
password. Hopefully a system like this can catch on in the future as a way of
verifying identity.

With this said i will excuse myself for going out of topic here but i am
getting very tired of the recent trend of putting reaction GIF's in pieces
like this. Reading it on desktop is just hard for me when getting into a nice
reading flow, only to be broken up by a reaction GIF 1/3 the size of my
monitor height. Authors adding a GIF to the end does not disturb me, but for
me this article breaks the reading flow by adding so many.

Here is how large one of these reaction GIF's render for me:
[https://imgur.com/a/dYihu](https://imgur.com/a/dYihu)

~~~
tallanvor
I'm guessing BankID in Sweden is very similar to the version in Norway, which
is a pretty horrible service.

In order to use BankID, you have to bind it first to one bank account and use
that bank's code brick to log in. Or you use BankID on your phone which is
tied to your SIM card and some providers will charge you for using it!

It also relies on your phone having service (not just WiFi access), so the
amount you're charged for using it can be much higher overseas.

BankID would be just as secure if they used the authentication scheme behind
Google Authenticator, and it would allow people to use it without additional
costs.

~~~
slashink
No, luckily our version is not tied to the SIM card at all and works on just
wifi devices. It's also free for the consumer to use. For being a service
primarily integrating with banks, i will say it works very well in Sweden and
now most providers has started to support it. Sure, there can always be
improvements and i wish there were a standard not owned by a company, but i'm
also glad when my 80+ year old grandmother has something simple enough to
authenticate that provides a reasonable layer of security.

If you are interested there's some details here
[https://sv.wikipedia.org/wiki/E-legitimation](https://sv.wikipedia.org/wiki/E-legitimation)
that lists the differences.

~~~
tallanvor
That's good to know. I wish Norway would get on board with better practices!

------
tonyjstark
I also changed the name of my company within Apple's developer program. It was
not easy and the most confusing part was that they always send you documents
that look like spam. Their emails look like spam, their letters look like
spam.

Also it took several weeks because apparently they don't have a process in
place to change account names and have to do it by hand and asking the boss
and the bosses boss for stuff like that. I wonder how the whole thing can be
that complicated, I would guess they have to deal with hundreds of startups
per day that want to change their name because the first one was made up while
being drunk or something.

------
_nalply
We pivoted our organisation to non-profit. What we did: we just abandoned the
old account and crated a new one. But even there we hid a snag. Dun &
Bradstreet seemed to have never encountered an association. It took some time
till we got a new DUNS number.

We had luck that our country, Switzerland, has a registry for all entities who
employ people¹: the UID registry,
[https://www.uid.admin.ch](https://www.uid.admin.ch), and our non-profit was
listed in that registry. Phew!

¹: not exactly but it will be tedious to explain the Swiss UID registry here.

------
scarface74
Why is this so “outdated”?

-If you wanted to send Apple a fax, use one of the half dozen apps to take a picture and send it as a fax.

-In the U.S. and probably other countries, Apple has to send you and the government documentation of the money you made on the App Store

-I feel much more comfortable downloading random stuff on iOS knowing that the security model on iOS and to a lesser extent proof of authorship and app review keeps malware and viruses off my phone.

~~~
Tijdreiziger
> If you wanted to send Apple a fax, use one of the half dozen apps to take a
> picture and send it as a fax.

Wtf? It's the 21st century, why do I need to use fax to communicate with a
leading tech company?

> In the U.S. and probably other countries, Apple has to send you and the
> government documentation of the money you made on the App Store

My government expressly warns citizens not to send anyone unredacted copies of
your national identification documents, and it is illegal for companies to ask
for this unless they have a very good reason to do so (very good reasons
include being your employer or bank).

~~~
pwinnski
If you are selling an app in the App Store, then Apple is your employer. That
lines up with the GP's point that Apple is required to send both you and your
government documentation of your income via the App Store.

~~~
Tijdreiziger
Then Apple is your distributor, not your employer.

~~~
scarface74
The IRS requires Apple to send them and you a form 1099K -

 _What does my Form 1099-K report to me?

A Form 1099-K includes the gross amount of all reportable payment
transactions. You will receive a Form 1099-K from each payment settlement
entity from which you received payments in settlement of reportable payment
transactions. A reportable payment transaction is defined as a payment card
transaction or a third party network transaction._

[https://www.irs.gov/businesses/understanding-
your-1099-k](https://www.irs.gov/businesses/understanding-your-1099-k)

I’m sure other countries require something similar.

Either way, they need either Your SSN or your TIN to report it.

~~~
Tijdreiziger
Yes, because you still need to pay income tax over money you earn, whether an
employer paid you or you are independently doing business transactions (i.e.
you are self-employed).

The page you linked even says "It is important that your business books and
records reflect your business income, including any amounts that may be
reported on Form 1099-K."

Another way to think about it: If Apple were your employer, you'd have to fill
out a timesheet and they'd have to pay you at least minimum wage. That's not
the case; if your app sells 0 copies, Apple will pay you exactly nothing,
regardless of how many hours you spent making the app.

------
CodeWriter23
I’m actually glad Apple has some formidable barriers to thwart identity
thieves trying to steal my app revenue.

~~~
Tijdreiziger
I'm not glad that those barriers include doing something my government
expressly warns against (sending someone an unredacted copy of a national
identification document).

------
tinus_hn
This seems a bit extreme but on the other hand Googles approach is completely
worthless.

I would say, start the process while logged in to the account and then have
the legal documents verified at an Apple Store.

~~~
Pyxl101
That's what notaries are for: "Identifying the person appearing before the
notary by reference to significant proofs of evidence including passport,
driving license, birth certificate, diplomatic documents etc." [1] Notaries
are licensed by their governments to perform this service, and can do so by
inspecting the person's documentation and certifying that fact to a third
party like Apple, without needing to share a facsimile of the actual
documentation with the third party directly.

There aren't that many Apple Stores in the entire world. It would be a
considerable burden to expect people to travel to one. Apple Stores are
present in only 17 countries, and there aren't any at all in Africa, India, or
South America. This Business Insider article has a map:

[http://www.businessinsider.com/apple-stores-how-many-
around-...](http://www.businessinsider.com/apple-stores-how-many-around-world-
chart-2017-2)

[1]
[https://en.wikipedia.org/wiki/Notary](https://en.wikipedia.org/wiki/Notary)

