Apple Has the Right to Hand Out Consequences to Companies That Break App Store Rules

A question of whether or not Apple is too powerful has cropped up recently, especially as it relates to its own digital storefront.

Apple’s news stream has been a bit busy to start 2019. Just as the company is running afoul of its own security ambitions due to a Group FaceTime bug (that the company is fixing next week), it was reported that Facebook was misusing Enterprise Certificates to dole out apps to general iOS customers to collect device information and customer data. That led to Apple pulling those certificates, which led to a breakdown of Facebook’s other internal and beta apps.

It did not take long before Google was called out for doing the same thing with a separate app. Something it had actually been doing since 2012! Unsurprisingly, Apple also pulled Google’s iOS app certificates which brought an end to Google’s own internal and beta apps, just like it did for Facebook. The end result is that Apple restored the certificates after Facebook and Google both pulled the offending apps from the App Store.

In both cases, both Apple’s handing down of its judgment and restoring those certificates, was the right thing to do.

Despite the punch to the face Apple received with the Group FaceTime bug, Apple is still a company that relies on security and user privacy as a major tentpole for its devices and services. It’s one of the reasons that customers choose Apple over the competition. But the reality is that choices still exist. If you don’t want a company that can exact a response to another giant company breaking its storefront rules, then you can always go over to Android and Google Play. But Apple has never been shy about trying to run a tight ship in every way that it can.

The walled garden is still a thing, even if some of the elements that defined that garden have minimized over the years. But Apple is still a company that relies on its first-party apps and services to bring the best possible experience, and keep user privacy a priority. But it also holds other companies to a similar standard if they want to launch an iOS app. Those devices can get permissions to pull some data from their apps, but the apps that Facebook, Google, and a myriad of others are using via enterprise certificates go against Apple’s stated App Store rules.

Of course they should be punished for that. Apple isn’t displaying an inordinate amount of power here. It’s a shop owner that is responding to people breaking the rules. Now, this would be completely different if Apple decided to outright block, remove, or ban the Facebook app, or the Google Search app, from the App Store altogether. That would be a major overstep, especially if Apple didn’t restore those apps after the companies removed the offending agents from the App Store.

The quick turnaround on Apple’s part to restore those enterprise certificates should show that Apple wasn’t swinging a broad hammer here, but rather a precision tool. Apple removed the company’s certificates as a response to them breaking the App Store guidelines, but once the apps were removed and shut down Apple brought the company’s internal and beta apps back up. Yes, that was probably frustrating for the companies, and especially the company employees that rely on those internal apps, but those actions have consequences.

To be honest, with all the roadblocks that Apple has run into in the beginning of 2019 this isn’t the one that has me questioning anything. Instead, it’s the Group FaceTime audio bug that allows for eavesdropping that’s a much bigger issue in my book. Yes, it’s certainly possible that Apple missed the bug — but Apple has to change the way that it accepts real-world input from its device owners. The fact that someone tried to inform Apple a week before the news broke is outrageous.

It’s great that a fix is coming, and hopefully this is something that doesn’t happen again. But I think the least surprising thing of 2019 is the fact that Apple is enforcing its own rules, and following along with ramifications for those who break those rules.

What about you? Do you think Apple handled the enterprise certificates situation appropriately?