Proposed European regulation that could force Apple to allow iPhone users to install software from the web would open ‘”Pandora’s box” and could pose threats to entire networks of computers, Apple software senior vice president Craig Federighi said in a speech on Wednesday.
The remarks at Web Summit in Lisbon, Portugal represent an escalation in Apple’s rhetoric about what could go wrong if Apple is forced to change its App Store policies. Regulators and lawmakers around the world are scrutinizing the company’s control over iPhone software.
Apple is particularly concerned about the Digital Markets Act, which CEO Tim Cook has previously said would result in Apple being forced to allow “sideloading,” or the ability to install iPhone apps from the web instead of through Apple’s App Store.
“European policymakers have often been ahead of the curve,” Federighi said. “But requiring sideloading on iPhone would be a step backward. Instead of creating choice, it could open up a Pandora’s Box of unreviewed malware and software.”
The European Commission, the executive arm of the EU, presented the Digital Markets Act last December. The Act is designed to stop companies like Apple, Google and Meta, the company previously known as Facebook, from abusing their power. It contains a series of rules that would require them to open up their platforms to competitors. Failure to comply could result in fines as high as 10% of the companies’ worldwide annual revenue.
In a report filed with the U.S. SEC last month, Apple specifically named the Digital Markets Act and said that, if enacted, it could require changes to Apple’s App Store that might harm the company’s financial results.
On Wednesday, Federighi didn’t address the potential financial impact to Apple. Instead, he argued sideloading would cause users to be tricked into downloading malware.
“Even if you have no intention of sideloading, people are routinely coerced or tricked into doing it,” Federighi said, citing malware on Google’s Android, which allows sideloading. Google warns users against doing so in system messages and pop-ups, however.
Federighi argued that although technically skilled people might be able to identify malware on the internet, their parents or children might still be fooled, making everyone’s iPhone data less secure.
“The fact is one compromised device including a mobile phone can pose a threat to an entire network,” Federighi said. “Malware in sideloaded apps can jeopardize government systems, affect enterprise networks, public utilities, the list goes on.”
“That one provision in the DMA would force every iPhone user into a landscape of professional con artists constantly trying to fool them,” Federighi said. He said users can choose between iPhones and Android phones that allow sideloading.
Apple has opposed any changes to its App Store that limit how people can install iPhone apps. It’s appealing a decision in a U.S. legal battle with Epic Games that said that Apple has to allow app developers to use their own billing software and link out to it from apps.
Apple says its App Store and approval process provides security and more privacy for its users. But the App Store also generates large amounts of profit for Apple through app download fees and in-app purchases, which can range up to 30%.
Developers and regulators argue that Apple’s control over its App Store, including the prohibition on sideloading, reduce user choice and force software makers to pay Apple for services like payment processing they can do more cheaply on their own.
Federighi’s talk on Wednesday echoed some points made by Apple CEO Tim Cook earlier this year, but went beyond them, especially in discussing scenarios in which iPhone users can be hacked through sideloading.
“I look at the tech regulation that’s being discussed, I think there are good parts of it. And I think there are parts of it that are not in the best interests of the user,” Cook said about the DMA earlier this year in a virtual appearance at a French conference.
“If you take an example of where I don’t think it’s in the best interest, that the current DMA language that is being discussed, would force sideloading on the iPhone,” Cook said. “And so this would be an alternate way of getting apps onto the iPhone, as we look at that, that would destroy the security of the iPhone.”