
I wish the EU was a little less short-sighted with this regulation.

It's completely fair to request that Apple provide APIs for interoperability purposes. And these requests obviously need to come initially from third party hardware developers.

But there needs to be some mechanism for protecting the privacy and security of users that is evaluated by experts and not EU regulators. It's very obvious that companies e.g. Meta are trying to abuse the DMA in order to try to get more user data and not for interoperability purposes. And it's not what the world needs right now.



Apple forfeited the right to be safety arbiter for their users when they used it as a cudgel to extract supra-competitive profits from customers. Same reason why we drenched the US phone system in red tape back in the 80s and 90s to make phone service competitive. It led to a shitton of funny scams but it also is the only reason why we got home Internet service at all. The phone companies were screaming up and down about how dial-up Internet was going to kill the phone network, but we didn't listen and made them work around it.

As for Facebook[0] "abusing the DMA", the correct solution for that is for the EU to put interoperability restrictions on Facebook that let us use Facebook without their shitty apps. Apple should be allowed to write a third-party Facebook client so that people can uninstall Facebook without losing access to their friends still using it.

[0] It is always ethical to deadname corporations.


> But there needs to be some mechanism for protecting the privacy and security of users

That sounds like an implementation issue that can be solved by Apple securing their runtime and APIs.


This has nothing to do with the security of APIs.

Meta has been requesting things like access to all Messages, Photos, Call Logs etc under the guise of interoperability but which would be an unprecedented gift of private data.


Meta already profiles and molests the data of iOS users in Safari. Apple can try to play superhero net-nanny for their userbase, but the choice to give a company your data is a deliberate choice. After all, you can't use either macOS or iOS without agreeing to Apple's own EULA. It's facetious to pretend that Facebook users aren't aware of what they're getting into post Cambridge Analytica.

Apple has no right to moderate what iPhone users run on their hardware any more than they can on Mac. That includes borderline malware like Avast Antivirus and the Facebook app.


Please enlighten me how Meta has access to my call logs, messages etc.

They don't. These are entirely new datasets.


They buy it from your telecom provider for pennies on the dollar, then connect your phone number to the shadow profile associated with your identity scraped from your friend's posts, photos and uploaded contact info.

Very common in regulatory derelict-states like the US. The solution is consumer protections, not begging for a stronger corporate nanny.


a) We are talking about the EU, not the US.

b) No telecom provider has access to my photos, messages etc.


Security and privacy are two different concepts.

Securing an API has no impact on whether the data being provided via that API is private or not.


That's how APIs should be. Apple doesn't treat HTML as an endpoint that needs discriminatory features to prevent users from sending private information. That's how all of their software should work, as it already does on Mac.


Apple absolutely does treat the web as an endpoint that needs discriminatory features to protect users. See tighter controls of:

1. location data

2. notifications

3. long term state

4. background processing

5. photo access

6. web access on local network

7. sensor access (e.g. accelerometer)

8. state sharing with other parties (e.g. 3rd party cookies)

There is no regulatory body that can apply economic penalties to security and privacy abuses on the open web. The App Store model on the other hand requires a real identity verification to sign up as a developer, static applications which can be verified by review, and real penalties for abuses (refusing to publish new versions, removal from the store, potential legal action by Apple for contract violation).

As an example - an API for reading the personal contacts database can only have a gate for access with no limits on abuse once access is granted. The App Store model lets Apple apply real penalties for abusive behaviors of such an API. The web does not have a regulator, so the hypothetical UX for sharing a contact is designed to be much more restrictive with a higher barrier of user consent.


You said:

> That sounds like an implementation issue that can be solved by Apple securing their runtime and APIs.

In response to someone saying privacy of users needs to be protected.

Privacy isn't solved by implementing a secure API.


Privacy is not solved by trusting one corporation's service over another, either. Apple cannot exercise private entitlements to deny competitors fair access to their features. Therefore, the current entitlements they use need to be secured for them to be ready for third-party users.

I am not saying this is a panacea. I am acknowledging that Apple has to reconsider what their security model looks like in the face of new demands.


> Privacy is not solved by trusting one corporation's service over another, either.

I didn't say it was.

> Apple cannot exercise private entitlements to deny competitors fair access to their features.

I didn't say they could.

I just don't like the conflation of privacy and security. They are distinct.


Well, I hope you enjoyed your diatribe. I was addressing security, not privacy. No corporation has the right or ability to promise privacy to any free persons in a free society. I thought that was assumed on a site like Hacker News.


> No corporation has the right or ability to promise privacy to any free persons in a free society. I thought that was assumed on a site like Hacker News.

You're back to arguing against your own imagination.


> there needs to be some mechanism for protecting the privacy and security of users

Apple is not in a position to be the one evaluating security of 3rd party offers. Apple markets itself as one but the reality is that it’s a conflict of interest for them to perform this function.

It’s also not up to Apple to decide what privacy is and later change their minds because for example Apple Intelligence needs access to “personal context” or they receive information requests from the US government, or similar.

All companies operating within the EU are subject to privacy and consumer protection regulations and allowing for interoperability doesn’t change any of that.



