Apple faces March 5 deadline for third-party app stores – but don’t hold your breath

Apple will have until March 5 next year to comply with Europe’s Digital Markets Act, which in theory means that it will have to permit either third-party app stores, or sideloading of apps, by that date.

The deadline has been revealed after Apple confirmed that it qualified as having “gatekeeper” status, meaning that it is one of the companies that will be subject to the upcoming law. However, don’t expect much to change on this date …

How the Digital Markets Act (DMA) will impact Apple

The DMA is a piece of antitrust legislation aimed at tech giants. The goal is to increase competition in the sector by removing some of the advantages held by dominant players, and to make it easier for startups to compete.

If the law is applied in the way the EU intends, then it will affect Apple in three ways:

• Apple must allow developers to use third-party payment platforms
• Users must be free to install apps without doing so through Apple’s App Store
• iMessage will have to interface with other messaging platforms

We add the rider here for reasons I’ll discuss in a moment.

Apple has confirmed it is subject to the DMA

Initially, there was some uncertainty over whether Apple would be affected by the DMA. Some politicians wanted the law to be laser-focused on social networks like Facebook and Twitter, while others wanted it to target the very largest tech companies across the board.

It was confirmed back in 2021 that the broader definition would apply, bringing Apple into the firing line.

Somewhat bizarrely, however, the EU required companies to confirm that they are big enough to qualify. Reuters reports that Apple has now done so.

Alphabet’s Google, Amazon, Apple, Meta Platforms and Microsoft have notified the European Commission that they qualify as gatekeepers under new EU tech rules, EU industry chief Thierry Breton said on Tuesday.

One thing is certain; two things aren’t

What is certain is that Apple will have to allow developers to choose to use a third-party payment platform when selling apps through the App Store.

This is already the case in the US, through the ruling in the Apple vs. Epic Games lawsuit (though Apple is now appealing this to the US Supreme Court).

The App Store and iMessage implications, however, are likely to take years to play out.

Why the uncertainty about apps?

Those who framed the law intend it to force companies like Apple to let their customers choose how they install apps.

The idea is that iPhone owners can choose whether or not to use the official App Store; developers can choose to sell apps directly to customers; and anyone who wants to can create their own third-party app store, which consumers can choose to use instead of Apple’s one.

However, the wording of the DMA does contain a potential get-out clause, and Apple is likely to seize on this to challenge it in court. Take a deep breath: If you’ve ever wondered whether anyone in the world writes longer sentences than me, wonder no more.

In order to ensure that third-party software applications or software application stores do not endanger the integrity of the hardware or operating system provided by the gatekeeper, it should be possible for the gatekeeper concerned to implement proportionate technical or contractual measures to achieve that goal if the gatekeeper demonstrates that such measures are necessary and justified and that there are no less-restrictive means to safeguard the integrity of the hardware or operating system. The integrity of the hardware or the operating system should include any design options that need to be implemented and maintained in order for the hardware or the operating system to be protected against unauthorised access, by ensuring that security controls specified for the hardware or the operating system concerned cannot be compromised. Furthermore, in order to ensure that third-party software applications or software application stores do not undermine end users’ security, it should be possible for the gatekeeper to implement strictly necessary and proportionate measures and settings, other than default settings, enabling end users to effectively protect security in relation to third-party software applications or software application stores if the gatekeeper demonstrates that such measures and settings are strictly necessary and justified and that there are no less-restrictive means to achieve that goal. The gatekeeper should be prevented from implementing such measures as a default setting or as pre-installation.

Tl;dr, Apple could argue that forcing users and developers alike to buy and sell apps through the App Store is the only realistic way to protect them from malware and scam apps (cough).

What about iMessage interoperability?

In principle, the DMA says that Apple (and other affected companies) must allow message interoperability. In other words, if you use iMessage and I use WhatsApp, Apple must provide a means for us to exchange messages within our respective preferred apps.

The real point of this is not to help fellow tech giants like WhatsApp owner Meta, but to allow startup messaging companies to solve the biggest Catch-22 they face: Nobody will install a messaging app until lots of people are already using it.

However, the DMA wording here is weak. It essentially says that companies like Apple must share technical specs for doing this, and the EU will then decide whether the paper(s) comply with the law.

Gatekeepers should ensure interoperability for third-party providers of number-independent interpersonal communications services that offer or intend to offer their number-independent interpersonal communications services to end users and business users in the Union. To facilitate the practical implementation of such interoperability, the gatekeeper concerned should be required to publish a reference offer laying down the technical details and general terms and conditions of interoperability with its number-independent interpersonal communications services. It should be possible for the Commission, if applicable, to consult the Body of European Regulators for Electronic Communications, in order to determine whether the technical details and the general terms and conditions published in the reference offer that the gatekeeper intends to implement or has implemented ensures compliance with this obligation.

There is also a similar security get-out clause here.

In all cases, the gatekeeper and the requesting provider should ensure that interoperability does not undermine a high level of security and data protection.

9to5Mac’s Take

If I had to guess how this will all play out, what will happen is this:

• The law will come into effect;
• Apple will comply with the payment platform part;
• The company might publish a very densely written white paper on iMessage interoperability, deliberately making this as unhelpful as possible to any messaging company hoping to take advantage of it;
• Apple will initially ignore the app store part;
• When challenged, it will try to use the security get-out clause;
• The EU will take it to court;
• The case will take years to work its way through to the final appeal.

So yeah, the March 5 deadline is a thing, but don’t expect much to change by then.

Photo: Jimmy Chang/Unsplash