Apple Faces Scrutiny as Sanctioned Entities Slip Through App Store Controls

[VulchR]

“Enhancing the review process”

Sure Apple, whatever you say.

Instead of making Apple open up its walled garden to outside app stores, various governments should have made them legally liable for the the legality and quality of apps in the app store. Let Apple earn the fees they charge developers that then get passed on to consumers.

 

[macfacts]

Exactly the reason I have not visited the App Store for ten years. Its becoming more Android.

when did Google advertise itself as pro privacy or a walled Garden?

 

[justanotherdave]

It would if the Android ecosystem was a walled garden. It's not.

100% false. Whether or not Android is open has absolutely nothing to do with whether or not they have to follow the same laws as Apple.

 

[I7guy]

That's the problem with the walled garden. It makes Apple a tool of the US administration. In other countries we would call it censorship.

That’s the problem with policing an App Store. With windows it won’t be an issue. /s

 

[justanotherdave]

The findings also call into question Apple's long-standing claim that its App Store provides a "safe and trusted" environment for users.

No it doesn’t. Only if you believe that Apple needs to have an absolute 100% success rate at preventing Apps from sneaking into The App Store.

Next up? Software companies need to create software that’s 100% bug/exploit free. If they don’t then their software is no longer safe/trusted.

 

[I7guy]

when did Google advertise itself as pro privacy or a walled Garden?

Google has been bellowing from the mountain tops how it’s privacy focused with your data. And could it be considered to be a walled garden? Sure.

 

[turbineseaplane]

That’s the problem with policing an App Store. With windows it won’t be an issue. /s

The problem with a fully controlled App Store that a company must "police" is that they become an arm of whatever other entity is forcing them to do that policing.

That can be "fine" or "very bad", depending upon who they are being compelled to act on behalf of and what they are being asked to do.

 

[WilliApple]

Wait so im confused, Apple is getting fined for something that developers are doing?

 

[turbineseaplane]

Wait so im confused, Apple is getting fined for something that developers are doing?

"Apple's App Store has been unlawfully hosting dozens of apps tied to U.S.-sanctioned companies"

If you control the ship, you're accountable for the actions of your sailors.

 

[I7guy]

The problem with a fully controlled App Store that a company must "police" is that they become an arm of whatever other entity is forcing them to do that policing.

The problem with windows which is the polar opposite of iOS, is that there is no control about how it can be used. The “inmates can run the asylum”.

That can be "fine" or "very bad", depending upon who they are being compelled to act on behalf of and what they are being asked to do.

Exactly. But like all of society and life compromises exist everywhere. And should Microsoft be held liable because windows was used in some less than moral manner?

 

[CapitalIdea]

Instead of scrutinizing Apple, the government needs to scrutinize why these shell companies are so easy to establish and do business in the United States in the first place and stop blaming companies for our own regulations being as airtight as a sieve.

 

[WilliApple]

"Apple's App Store has been unlawfully hosting dozens of apps tied to U.S.-sanctioned companies"

If you control the ship, you're accountable for the actions of your sailors.

Thats like fining Apple for something YouTube is doing tbh... Like imagine in 2019 when YouTube violated COPPA, they fined Apple and not Google.

 

[justanotherdave]

The problem with a fully controlled App Store that a company must "police" is that they become an arm of whatever other entity is forcing them to do that policing.

That can be "fine" or "very bad", depending upon who they are being compelled to act on behalf of and what they are being asked to do.

Are you suggesting that third party App stores aren’t required to follow the laws of the country they operate in?

 

[bluespark]

That's the problem with the walled garden. It makes Apple a tool of the US administration. In other countries we would call it censorship.

Relevance? All U.S. companies are required to comply with U.S. sanctions law, so Apple's curation approach is not necessarily an issue at all. Its ability and willingness to detect and respond appropriately to the involvement of sanctioned persons certainly is.

 

[turbineseaplane]

Thats like fining Apple for something YouTube is doing tbh... Like imagine in 2019 when YouTube violated COPPA, they fined Apple and not Google.

It depends what is being done.
This is apparently violating the law to host these still.


Dozens of apps for companies put under sanctions by the U.S. government have remained available in app stores maintained by Apple and Google, a violation of the law according to legal experts.



I thought we have folks in here who were all about not breaking the law (when it comes to ICE stuff)?
What happened? Doesn't apply to Apple?

 

[needsomecoffee]

52 apps out of nearly 2 million. Likely just very, very lazy developers. It is not "whack-a-mole". It is removing 52 drops of tainted water from a swimming pool. Never, NEVER assume Apple is going to be able to find/remove/prohibit a motivated black-hat developer. They simply cannot do it. Sadly Tim & Co. want you to think otherwise. That is Apple's real crime imho.

 

[justanotherdave]

Instead of scrutinizing Apple, the government needs to scrutinize why these shell companies are so easy to establish and do business in the United States in the first place and stop blaming companies for our own regulations being as airtight as a sieve.

This is a fantastic point.

Apple has several requirements before you can publish an App. One of them is getting a DUNS number for your business.

So why isn’t the government going after Dun & Bradstreet? Shouldn’t they be checking to see if the entity requesting a number is sanctioned?

I’m betting that once a company has a valid DUNS number then Apple goes on to the usual vetting process (like Apps not abiding by App Store rules) and spends less time checking if a company is sanctioned.

Apple needs to double-check companies, but I think D&B bears primarily responsibility for issuing a DUNS to a sanctioned company.

 

[Octavius8]

Apple can’t and won’t care to develop a way to control it.
The famous security of the App Store is just marketing to keep the monopoly of a store in IOS devices.

 

[WarmWinterHat]

100% false. Whether or not Android is open has absolutely nothing to do with whether or not they have to follow the same laws as Apple.

The point is that it doesn't matter. If the Play store doesn't have it, or can't carry it, I can download it anywhere else.

 

[WarmWinterHat]

Thats like fining Apple for something YouTube is doing tbh... Like imagine in 2019 when YouTube violated COPPA, they fined Apple and not Google.

Retailers can be liable for a product they sell, even if they had no part in it's production. What makes Apple so special?

 

[I7guy]

[…[


I thought we have folks in here who were all about not breaking the law (when it comes to ICE stuff)?
What happened? Doesn't apply to Apple?

I think what happened is that people recognize a difference between, let’s say, a jaywalking ticket and a fatality caused by a drunk driver. It’s not just both are against the law as the lowest common denominator.

 

[I7guy]

Retailers can be liable for a product they sell, even if they had no part in it's production. What makes Apple so special?

True. In the US one can sue the retailer that sold the product, the manufacturer that made it, the truckers that transported it, and the suppliers that provided the raw material. And hold all of them criminally liable.

 

[justanotherdave]

The point is that it doesn't matter. If the Play store doesn't have it, or can't carry it, I can download it anywhere else.

That has nothing to do with what this particular thread is about (the person you originally replied to). It was about following rules va a walled garden.

It’s irrelevant if you're a walled garden or a third party store. Laws still apply to you. Third party stores aren’t allowed to host Apps by sanctioned companies either. It’s just that they never make the news because they’re not Apple or Google.

That said, if you really believe “if the Play Store doesn’t have it I can get it somewhere else” then you have to admit that there’s risks in third party stores (being able to get whatever you want). This is contrary to the claims by Apple and security researchers that third party stores pose risks to all users.

You can’t have it both ways.

 

[justanotherdave]

So after doing a little digging Dun & Bradstreet do in fact screen for sanctioned companies when issuing DUNS numbers.

Apple & Google both require a DUNS number for developer accounts to host your Apps. Seems like the failure is more on D&B for issuing a DUNS than Apple & Google for accepting a DUNS number to verify your business entity.

Next up? The IRS issues a tax number to a sanctioned company, Apple does business with that company, and it’s somehow Apple’s fault for accepting a tax number the IRS issued themselves.

 

[bluespark]

This is a fantastic point.

Apple has several requirements before you can publish an App. One of them is getting a DUNS number for your business.

So why isn’t the government going after Dun & Bradstreet? Shouldn’t they be checking to see if the entity requesting a number is sanctioned?

I’m betting that once a company has a valid DUNS number then Apple goes on to the usual vetting process (like Apps not abiding by App Store rules) and spends less time checking if a company is sanctioned.

Apple needs to double-check companies, but I think D&B bears primarily responsibility for issuing a DUNS to a sanctioned company.

Because the legal obligation is not to engage in commerce with a sanctioned person.

Also, D&B may be at risk to Apple and other companies if they were the sanctions search vendor and failed in their vetting. This is as it should be: Best results are achieved if companies are responsible for their own sanctions compliance and then can assert secondary contract actions against vendors that fail to perform.