Today, we’re releasing a new paper, “Tending the Garden: How to Ensure that App Stores Put Users First.” It is topical, because this week is also Apple’s Worldwide Developer Conference — an annual event primarily geared toward software creators. This event gives them a preview of upcoming operating system versions and application programming interfaces (APIs) — information they need to keep their apps updated. This year, Apple also announced that it was shifting the Mac from Intel-based chips to “Apple Silicon,” that is, its own in-house chips that use the ARM instruction set. It’s exciting stuff for people who love to get into the weeds of computing technology.
Last week was another big week for Apple developer news, but of a less positive note. A conflict between Basecamp, developers of Hey, a new email service, and Apple demonstrated the power that Apple has over developers — in this case, eventually forcing Basecamp to offer new, free functionality in its app. (Apple’s policy, which does not apply to major streaming services like Netflix, is that if an app can only be used with a paid account, it must offer in-app purchase functionality. Apple keeps 30% of in-app purchase revenue.)
The details of that particular dispute are complex, but it’s representative of how the needs of developers and the users who want to access their apps don’t always align with the incentives of app stores. App stores have provided many benefits to users and developers. Most notably, users are more likely to buy and install software from a trusted source. Many of the platform design decisions that go hand-in-hand with app stores, such as apps getting limited access to sensitive information such as location data or a user’s contacts, or sandboxing policies that prevent apps from reading data from other apps, have also been good for user privacy and security.
In 2002 or so, I would have been very skeptical of these claims. That is when Microsoft first began talking about its Next-Generation Secure Computing Base (NGSCB). This form of “trusted computing” was touted as a way to prevent PCs from running harmful software — but many saw it as a Trojan horse technology that would limit operating system competition, lock up all media behind digital rights management (DRM), and any number of other nefarious things. Those things are possible, of course. But in many ways, Microsoft’s proposal foreshadowed many of the technologies that would feature in iPhones and Android phones in years to come. Not only do Android and iOS, the dominant mobile operating systems, have sandboxing and code-signing requirements that restrict what apps can do and what apps can run on a device, but iPhones, Samsung phones, and Google Pixel phones (and others) also all have “secure” chips that facilitate encrypted messaging, biometric authentication, secure payments, and other things that legitimately benefit users.
It’s not that people were wrong to be skeptical of how platforms could use “trust” technologies to lock down and control users and developers. But in the time since, it has become evident that unsecured computing platforms carry unacceptable privacy, security, and safety issues, and that certain applications are only possible on systems that have a baseline level of security technology.
The challenge is how to balance the very real dangers that come from the high level of gatekeeper control major platforms have over both their operating systems and their app stores, with the benefits that app stores create for both developers and users. And that’s where our new paper comes in.
Platform maintainers like Apple and Google benefit from a thriving community of developers and users, and developers and users benefit from the investments of platform owners. But the incentives can go awry. App stores might squeeze developers for revenue they can’t afford to give up; they might cave to government pressure to censor apps; or platforms might even give preferential treatment to their apps in all sorts of ways.
Some of these problems could be addressed by antitrust law, to be sure. But an antitrust remedy might be narrowly tailored to a single plaintiff, or a single set of harms, and might not enact the systematic, structural changes that may be needed. Additionally, platform gatekeepers can create challenges in other areas — to user freedom, to free expression, and even to the ability of archivists and historians to access old versions of software.
Among other things, the paper recommends that platforms only apply in-app purchase rules to genuine app functionality that could otherwise have been a single up-front purchase; that platforms allow users to “sideload” apps but only from recognized developers (under a code-signing system that recognizes multiple certificate authorities, the way that web encryption works); that platforms follow certain guardrails to ensure the ability of independent app and hardware developers to compete on an even playing field; that platforms allow archiving, emulation, and transfer of apps and digital content; and that developers be given more business model flexibility, such as offering traditional free trials of paid apps, and upgrade pricing.
While the paper does not dwell for too long on the exact means by which platforms could be required to follow its recommendations (though, of course, they are free to enact them voluntarily in the meantime), they can be thought of as what app store-specific requirements from a digital platform regulator could look like. Public Knowledge has argued that such a regulator might be the best way to address the various competition, public interest, and consumer issues that major tech platforms create. Such a regulator would be charged with enacting rules to promote competition, not merely preventing anticompetitive acts, and pursuing goals that have little to do with “competition” at all, such as ensuring that platforms are designed in ways that allow users to bypass the requirements of authoritarian regimes. At the same time, these measures are not aimed at requiring platforms to run app stores as public utilities, or as loss-leaders for hardware sales. Instead, they simply limit the ability of platform maintainers to collect “rent” — that is, to charge others based only on what they own and control — rather than charging fair rates for services they actually perform.
App stores have helped empower users and established a whole generation of independent software developers who have created some amazing experiences. My phone’s home screen has apps like Overcast, Drafts, Broadcasts, OmniOutliner, Instapaper, Carrot Weather, and Reeder. I use each of these apps every day, and they’re all from small development shops or one-person operations. While boutique software shops have created apps for Windows and Mac for decades, I believe that the rise of app stores has been a great benefit to this kind of creativity and entrepreneurship. The goal of this paper is not to somehow put a stop to app stores, but to ensure that they can fulfill their purpose of empowering users and developers, which in turn will make platforms all the more valuable.