The European Union’s Digital Markets Act (DMA), which targets so-called “gatekeepers,” aims to make it easier for consumers to switch among such platform-specific features as browsers, media players, messaging apps, and app stores. Despite being squarely targeted by the legislation, Apple responded to it before it took effect, making changes to iOS, Safari, and the App Store to comply.
It marked the second major capitulation the company has made to EU legislation. Last year, after arguing against rules that would have it ditch its Lightning connector for USB-C, Apple finally made the switch in the iPhone 15. While it may have done so reluctantly, it did so globally and in ways that benefited its overall platform portfolio. These included standardizing connectors across its major computing platforms, gaining access to a broader range of peripherals, and enabling faster data transfer speeds. With Lightning originally debuting over a decade ago on the iPhone 5, the legislation likely did little more than slightly speed up what Apple was planning to do anyway.
Apple's losing containment
But while Apple may have viewed the USB-C switch as a mixed bag, its recent press release leaves no doubt that it was not happy about the changes it made to comply with the DMA. Chief among these is its stated concerns about privacy and security, one of Apple’s tentpole messaging points versus Android. Apple’s press release cites “risks” in the context of privacy and security 11 times, addressing what the company has done to mitigate them and can’t do to eliminate them.
Yes, more parties involved in offering alternate browsers or alternate app stores could result in more risks. In complying with the DMA, Apple loses some control over containing risks. Other parties’ tolerance may not match the level of Apple, the ultimate steward of the iPhone experience. The key questions are about the degree of risk increment and what benefits may be gained from it. In addition to Apple’s mitigations, app stores are likely to be offered by companies such as Microsoft and Epic Games, companies to which millions of customers already trust their data.
What happens next?
Perhaps one day, the U.S. will implement a comparable law to the DMA and Apple will need to extend the kinds of changes it has implemented stateside. In confining its changes to Europe, though, Apple has set up a global experiment in which the U.S. and other countries act as a control against which to test its objections about the dangers of the DMA.
The coming years will determine whether Apple’s warnings about risk prophetically align with an increased incidence or severity of security and privacy breaches on its platforms. But, particularly given that Google will likely have to further open Android in response to similar legislation (or litigation), iOS is bound to stay ahead when it comes to such compromises. Apple might consider any such weakening a loss for its customers, but it would still retain a competitive advantage.
