
Apple Just Disabled Clearview AI's iPhone App for Breaking Rules on Distribution - jbegley
https://www.buzzfeednews.com/article/loganmcdonald/apple-clearview-app-violates-tos-supension
======
cantrevealname
> _Apple Developer Enterprise Program should only be used to distribute apps
> within a company._

As much as I dislike the privacy invasive things that Clearview is doing, I
don’t like Apple’s power to ban people from running whatever software they
want _if they’re not using the App Store or asking for endorsement or review
by Apple_. If you’re distributing your software privately and independently of
Apple (i.e., not through the App Store), then you should be able to do
whatever you want. We don’t want a world where car companies get to disable
your car if you carried something in your car that they didn’t like.

~~~
threeseed
Apple is merely treating the phone like a console. I can't play third party
games on my PS4 or Switch. Nor can I run add third party apps to my car, TV or
microwave.

And given how many companies want to use the iPhone for nefarious means I like
the fact that Apple is looking after me. Many other users feel the same.

~~~
toxik
Which is similarly unacceptable, you own it, you decide what runs on it.
Madness that it could ever come to this.

~~~
DenisM
I own it, and I delegated it to Apple to decide what can run on it.

~~~
pdkl95
You could still delegating the decision to Apple without restricting other
people use of their _general purpose computer_ [1] if Apple simply ran a
curation service. Your choice to only use apps that have Apple's stamp of
approval doesn't require forbidding other people from making a different
choice.

A curation service that forbids people from using competing services (or
making their own decisions without any curator) is a monopolist trying to
control a new market.

edit:

[1]
[https://boingboing.net/2012/08/23/civilwar.html](https://boingboing.net/2012/08/23/civilwar.html)

~~~
DenisM
Sure thing, I would not object to your freedom to root your phone or
something. I object to being portrayed as a victim [1] - I like the
arrangement as it is, and I entered it willingly, having a choice.

[1] "Which is similarly unacceptable, you own it, you decide what runs on it.
Madness that it could ever come to this."

~~~
twojacobtwo
That quote does not portray you as the victim. In fact, it reinforces that you
should have the right to choose as you like. If everyone had the choice, there
would be nothing wrong with anyone choosing, just as you have, to give up your
control.

------
dathinab
It's nice, but very dangerous.

I think Clearview AI should have been "taken down" by the government based on
reasonable laws (which I guess don't exist).

I don't think Apple/Google/Amazone or any other company should need to find
ways to "punish" a bad actor. Nor should they be allowed to do so as this is a
abuse of power and a intervention into politics and moral aspects companies
should not do. Nor feel the need to do so. (I mean who decides what
constitutes as a "bad actor").

But then we live in times where the Goverment fail to protect their people (at
least in cyberspace). Sometimes even repeatedly try to endanger their people
(e.g. some of the anti crypto laws). And most importantly increasingly fail to
represent the values of large parts of the population.

So I guess it's now the new normal that companies openly (ab-)use their power
to push (or hinder) certain thinks which should fall into the area of country
governance.

Honestly not really anything new, but sad nevertheless.

~~~
newscracker
> I don't think Apple/Google/Amazone or any other company should need to find
> ways to "punish" a bad actor. Nor should they be allowed to do so as this is
> a abuse of power and a intervention into politics and moral aspects
> companies should not do. Nor feel the need to do so. (I mean who decides
> what constitutes as a "bad actor").

Apple didn’t take any kind of moral decision here. It just enforced its policy
for distribution of apps, just like it did for Facebook and Google last year.
The decision is not about whether Clearview’s app or service is a threat to
society or privacy.

~~~
caymanjim
> Apple didn’t take any kind of moral decision here.

They most certainly did. This is both public virtue signaling and internal
employee appeasement. They have good lawyers, so they had the lawyers come up
with another reason, but it's purely a moral stance.

~~~
cthulha
You can disagree with Apple's policies, or the principles and reasoning of
others. And I'm sure some of those people are these mythical, awful virtue-
signalling hypocrites that people seem to hate so much. But what makes this
virtue signalling/hypocritical rather than a values-based decision?

Maybe you think Clearview is fine to offer the service, but there are people
who disagree based on moral, ethical and practical arguments - and this action
seems in line with Apple's stated privacy concerns and prior enforcement of
their enterprise distribution agreement.

------
wayneftw
I wonder what Apple would do if someone created a corporation to distribute
apps with the enterprise license and every time they want to distribute the
app, the corporation would make the potential user a member of the corporation
first.

I mean this is all just legal bullshit preventing us from using our own
devices the way that we want right? Why not use the same bullshit back against
them…

I don’t have a dog in the fight between Clearview and Apple or law-
enforcement’s use of AI. I’m just irked by this particular restriction on
Apple devices. You just can’t really have a mobile presence without addressing
Apple and even if they don’t have a technical monopoly, it annoys me that they
still have this level of control over the market.

~~~
sixstringtheory
Apple can yank your enterprise certs if they feel you’re abusing them, too.
They did it to Facebook last year:
[https://news.ycombinator.com/item?id=19035834](https://news.ycombinator.com/item?id=19035834)

------
DenisM
I have to wonder - what did they expect? Apple will drop the ban-hammer just
as soon as the target becomes visible. It’s open knowledge. If you’re a
growing company it’s only a matter of time before you grow large enough to
attract their attention.

~~~
threeseed
Apple bans smaller apps and companies all the time. You just don't hear about
it.

In this case it is as clear cut as you can get.

------
koolba
The violation is using the enterprise app distribution platform for customers.
It’s similar to what Facebook was busted for.

------
tekmaven
> Will Strafach, the founder and CEO of Guardian Firewall, an iOS security
> app, said he doesn't see any way Clearview can remedy its situation with
> Apple given the startup's clear flouting of the rules.

A web app can do this easily.

~~~
dzhiurgis
Web apps on iOS is "a decision tree where at every step you loose".

I love web apps, but still haven't used a single real PWA on iOS.

~~~
tekmaven
We're talking about an image upload and search results. If apple won't allow
it, this is the only possible step where you can win.

------
newscracker
While people are debating whether Apple should have the power to revoke
certificates and disable such apps, I for one am glad that in the instances
where this has been made public, they’ve all been shady apps meant to mislead
and abuse people with a broader aim to subvert human society itself.

Look at the previous well known cases about this same decision — Facebook
tracking people’s every move with a “VPN” software, and Google doing the same
(though on a smaller scale) with its own “VPN” app.

These apps and app makers knew about the restrictions on the App Store, and
yet they proceeded to bypass it through the enterprise program because the app
makers (or those specific teams) and the apps are shady end-to-end. AFAIK,
both Facebook and Google pulled the offending apps and decided not to go ahead
with them on iOS. But they did continue (again AFAIK) with those on Android.

While we can hope that such bad publicity helps expose such massive threats to
people around the world, there’s not much that can actually be done without
regulation.

~~~
saagarjha
> they’ve all been shady apps

As nice as it is to see these apps be pulled, I would be more comforted if
Apple were applying their rules uniformly instead of going after companies
after the supposedly shady behavior makes the press.

~~~
cwyers
How else was it supposed to work in this case? The whole point of the story is
that Clearview was bypassing Apple's review process by using a signing key
meant for distributing an app _internally_ to distribute the app to third
parties outside of the store. Apple couldn't know about the misbehavior prior
to disclosure because the whole point was to keep Clearview outside of their
review process.

~~~
saagarjha
There are a number of easy-to-find examples where Apple is currently not
revoking certificates.

~~~
yladiz
What are the examples?

------
harrisonjackson
Can't they just skin the app and license it to these companies?

They just need an enterprise account for each company (or police force or
whatever) to distribute the app internally. If anything this just enables them
to charge more assuming they've proven out the capabilities and the ROI.

Then each company can distribute it as their own app internally - all within
the guidelines of the enterprise TOS.

If just skinning it isn't enough then they can create an SDK and have then
consult each company to develop its own app that uses this SDK as part of it.
It isn't like Apple restricts enterprise app from using other services and
APIs within their own apps.

I don't think the TOS are particularly unfair or hard to work within in this
case.

~~~
cydmax
This is the solution I would recommend to ClearView to stay in business.

Either they don’t have the expertise to distribute enterprise apps or their
clients are not capable of maintaining a MDM software and an Apple Enterprise
Account. The latter really bugs me though. It implies that e.g. police
officers can install any software on their work devices if they wanted too,
which might endanger citizens because of possible data leaks by device loss or
hacks. With a MDM you can wipe sensitive data remotely and separate private
data from work relevant data.

We distribute our business apps as unsigned xcarchives and our clients resign
them with their Enterprise Certificates and Provisioning Profile and this can
distribute them as they like.

------
yalogin
Unfortunately Clearview is like an invasive pest that is out of control in the
wild. Apple removing from their store is not going to dent it.

~~~
saagarjha
The complaint was that this app was being distributed outside of the store,
which is against the terms of the Enterprise developer agreement.

------
sjg007
Well it could become a progressive web app.. can u grant camera access to one?
U for sure can upload a photo right?

------
technick
Google needs to follow in these foot steps and remove it from Android phones.

------
wellthisisgreat
what a wonderful gentleman the founder of that company is

[https://en.wikipedia.org/wiki/Hoan_Ton-
That](https://en.wikipedia.org/wiki/Hoan_Ton-That)

~~~
adaisadais
Slightly fallacious (ad hominem) but might be allowable here haha.

~~~
taywrobel
Linking to someone’s Wikipedia is ad hominem now?

------
kristianc
By definition, didn’t most news ‘Just’ happen?

------
javagram
Would Apple allow this to be placed into the App Store? (IMO, they should)

It seems like a lot of companies are apparently using the developer program as
an end-run around App Store review.

In the case of a tool like this it seems like the obvious solution would be to
use Android phones for police officers, etc. so they can use apps without
needing to get Apple to review and approve them.

~~~
sp332
They could use TestFlight to distribute apps that are not on the public App
Store. Not the Developer Enterprise program.

~~~
jjeaff
TestFlight is limited to 10,000 testers per app.

~~~
Aachen
That's still a _lot_ of law enforcement officers (or worse) looking people up
if Clearview was limited by that. As far as I'm concerned this sort of power
belongs with an agency that only takes orders from a judge in each of the ~198
countries we have on earth. You don't want Joe Cop abusing this for whatever
they please. _If_ this sort of thing should even be legal in the first place
(I think in Europe the last word has yet to be had).

~~~
dathinab
Problem is they don't _only_ sell to law enforcement.

As far as I know, they sell to anyone which pays well and don't go public
about using it.

I.e. I wouldn't be surprised if some questionable agencies focused around
dodgy detective work or "discrediting" PR work. Heck I also wouldn't be
surprised if he literally (but probably unknowingly) sold it to organized
crime for which it quite valuable for tracking down witnesses which need to be
pressured into keeping silent or some other bullshit usage.

I mean that is one of the major problems with the whole think: It's not a
government/state controlled database only used by law enforcement. (Which
still would be a problem but a bit less).

