I’m thinking one of 2 options:
- Remove the apps from EU
- Put the European Commission phone and address
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Developers Now Required to Share Phone Number and Address on EU App Store to Meet 'Trader' Requirement
- Thread starter MacRumors
- Start date
- Sort by reaction score
EU should be required to share the phone number and home address of each politician who supports this nonsense. Really just too much regulation and expectations. I'll be looking forwards to the day that Apple, and all others, pull out of the EU market, leaving them on their own to figure out why everyone didn't want to do business with them.
Contact details (email address, phone number and mailing address) for EU members of parliament are publicly available on the parliament‘s website.
Home address isn’t - but neither are developers required to share that.
It’s not reliably prevented by Apple - as evidenced by numerous phishing apps that were available from Apple‘s Store.
And it’s forbidden by their guidelines - but so what?
Traffic violations are forbidden by law - so why include identifying number plates on cars?
Also, Apple is just a middleman here - there may be other „traders“ subject to the law that are not subject to similar middlemen and their policies as Apple‘s. The law wasn‘t designed to target only Apple and third-party developers on their platform.
Last edited:
Well, I do work in this industry actually, and I clearly think very differently. Predominantly as my primary job is in cybersecurity and data protection.
No, I wouldn't, I really wouldn't. Yes, I've returned to the EU region, but I've lived and worked all over. Including North-America, Australasia, Middle-East, and Russia.
Yet, GDPR is copied, with regional variations, and in the USA even with variations per state like the CCPA/CPRA, TDPSA, CPA, CTDPA, DPDPA, FDBR, Indian CDPA, Iowa CDPA, KCDPA, MN CDPA, MT CDPA, MODPA, NHDPL, NJDPA, OCPA, TIPA, UCPA, VCDPA and there are still a few more states to go. Yup great that variations. And then I haven't even begun about PIPEDA, POPIA, FADP in other parts of the world. And these are just in a similar field to the GDPR, there are those on other areas where compliance is required as well.
Regulations are just part of doing business, it isn't optional. And it isn't even just the EU. Globally, it is considered more and more that consumer protections and privacy are a good thing. That businesses (traders) need to be identifiable. That it isn't the wild west any longer where you can just do whatever you want with customers' data.
I am not convinced that has aged well already, considering that it really isn't that unique or unusual what the EU is doing. Very similar things are happening in approximately 80 regions around the world. Other than perhaps actually enforcing it.
Last edited:
I should have written that it's addressed by the guidelines not solved. Nobody can fully prevent these things.
Then the law is ill-advised. One size doesn't fit all.
From a user perspective, since developers were already required to provide support links in their App Store listing, users would find a single link with information to obtain support with an app. Now, users in the EU confusingly find additional non-support information, like the business phone number (most developers don't provide phone support), and a business email address (not the specific support email for that app, but an email for the business which may have several apps).
Of course, Apple already had a vetting process for all businesses on the App Store that was far more extensive than whether the developer has a meaningless "virtual" address and phone number to list on the App Store (as so many are suggesting developers can do), so in the end this seems to accomplish little relative to the confusion it adds for regular users looking for help with their app, or relative to the burden on small developers who now need to invest time and money figuring out services to mask their personal addresses and phone numbers if they don't want them listed on the App Store.
And for legal matters, since Apple already had developer's phone and address information, the EU could have simply required that Apple provide that information upon receiving a justifiable legal request.
The way this is implemented is a net negative for both users and developers on the App Store.
Of course, Apple already had a vetting process for all businesses on the App Store that was far more extensive than whether the developer has a meaningless "virtual" address and phone number to list on the App Store (as so many are suggesting developers can do), so in the end this seems to accomplish little relative to the confusion it adds for regular users looking for help with their app, or relative to the burden on small developers who now need to invest time and money figuring out services to mask their personal addresses and phone numbers if they don't want them listed on the App Store.
And for legal matters, since Apple already had developer's phone and address information, the EU could have simply required that Apple provide that information upon receiving a justifiable legal request.
The way this is implemented is a net negative for both users and developers on the App Store.
-
Can the EU go fork it’s autocratic self?
Yes, indeed it can.
-
Can the EU go fork it’s autocratic self?
Yes, indeed it can.
-
With all the discussion over the DSA, the Cyber Resilience Act, as someone pointed out earlier, may be a bigger challenge. How does a small developer ensure they comply with it and the ESO standards? Even if it is a paperwork exercise it will be one more regulation to run afoul of even if a developer makes a good faith effort to comply.
It’s about leveling up the standards and holdings devs accountable. It can never be an excuse where a developer of an app can have a plausible defense that is based upon “but I am small, I’m just an indie”. Nope, if you process data of your customer you should treat it in accordance with relevant regulations. Too many are too lax about cyber security and privacy. It’s great they can be held not only accountable but also liable.
Let’s keep in mind that developers can choose to not have their app available in Europe.
Traders that sell things and are responsible for their things sold/services provided should be contactable and accountable.
Not every middleman or marketplace has policies like Apple.
And enforcing the law is a whole different matter.
The bottom line is: App developers are responsible for what they're selling and the content and data collection of their apps.
Apple's clever business model of raking in big chips (and commissions) without actually being accountable as a middleman shouldn't undermine consumer rights and protection.
Last edited:
Why on earth is an email address and website not a valid form of contact? Requiring a physical address and a phone number for digital businesses in 2024? EU regulations are constantly keeping Europe stuck in the past.
Had this been done when the App Store came out in 2008 they absolutely would have required a fax number 🤣
Don’t forget this law isn’t just about Apple and the App Store. When you register a business with your local chamber du commerce just an email address and website isn’t sufficient either. No country in the world that I know of accepts that as a legal registration. And with free email services and free cloud flare as employed by many scammers around the world it’s way too easy to portray one being elsewhere. There are good reasons to have proper details for a company and its persons with significant control and/or ultimate beneficiaries.
I understand that. But again, there is no reason to publish that information to EVERYONE IN THE EUROPEAN UNION. Every single developer in the App Store has to provide contact information, that is shared with customers, and, in order to be paid out by Apple, additional information that isn't. Again, give me a valid reason that the physical address info needs to be shared. You can't, because there isn't one.
Does Apple have a valid reason to have the physical address? Sure. Does the EU/Member Countries themselves have a valid reason to get physical addresses? Yep. Is there a valid reason that it should be shared with every EU citizen who wants it? Nope.
Sure, but not in this hamfisted way. You don't trust Apple, fine. Have a third party like the EU itself register developers and then let people contact developers through them.
Similar to how license plates work.
That's the problem because usually it's the one in the back.
How else can you get a list of developers to spam?
Seriously, I can see why a small developer may chose to leave the EU if the revenue isn't enough to cover costs and put private information out for everyone to see. I suspect "rent an office addresss" may be one way to comply and still keep personal data private.
You haven't missed the part where the EU requires that, have you?
Of course it's a valid form of contact.
It's just not the only one required.
And I've said it before on this thread: legal paperwork will not be delivered or officially served to an email address.
It will be delivered - if necessary with proof of delivery - to a physical mailing address.
Every iPhone user can become a paying customer of that company at the touch of a virtual button.
And when you become a paying customer, you have a right to know who your contracting party is and how to contact them.
When somebody offers products or services as a business online*, you have a right to know who that is and how to contact them. In a way that you can legally rely on.
* PS: ...and may be storing / handling your data.
There is a valid reason if you're a customer or data subject they're dealing.
And there are valid reasons when they (possibly a competitor) are violating your rights as a consumer - or a competing developer.
Last edited:
It’s on every letterheaded paper, just like the bank details, tax details, also should be included on the website privacy policy and terms, and naturally is already available to look up at the relevant company registration datatabases 🤷♂️ It’s public information, and legally required to be shared just like every other business.
Exactly. And the EU is not alone in this. I’ve provided a pretty comprehensive list earlier of other jurisdictions with very similar requirements.
Yet somehow some on here seem to exclaim but I’m an indie developer like the rules don’t apply. To me it just highlights a lack of understanding as to what obligations there are when running a business.
Why would you include the EU as a middleman?
And can you imagine the amount of bureaucracy of them acting as a gatekeeper between you and the trader?
Can't help but think that opponents of this obligation to disclose seem to be (in the majority) based in the U.S. or North America. And there (yet again) seems a bit of cultural divide at play here:
- Businesses making it as easy as possible to take consumers' money and/or data (and "digital" businesses in the U.S. are ahead of their European counterparts on that).
- Yet at the same time allowing them to make contacting them as hard as possible, hiding behind unpublished mailing addresses, contact forms (that may work ...or not) etc...
When you have a business in Europe, consumers - and competitors whose rights you may be infringing - have a right to know how to contact you. In a way that they can legally rely on. That's a matter of transparency, fairness - and being on (somewhat) equal footing.
Side note: And that's not even starting to go into the topic of "outsourcing" legal disputes and consumer protection to for-profit "platform" operators (think: Apple, eBa, your credit card company charging back). Let alone forced arbitration "alternative dispute resolution" (your spouse died from anaphylactic shock? Too bad, when you made a trial streaming account and paid parking tickets).
No wonder so many (supposedly) U.S.-based users were - when it came to "sideloading" and the Digital Markets Act - touting Apple's app refund policy so much, and injecting so much "concern" about the risks and dangers of purchasing a software license or subscription directly from a developer.
When you support such shady fly-by-night business antics as "It's totally OK for my business to take your money and/or data - but god beware if I have to disclose who I am or how to contact my business".
What’s different is that if you’re not making a significant amount of money in the US, you’re not a business, it’s a hobby, and the rules are different. But based on everything I’ve read, if you offer an app for sale you’re a trader, no ands ifs or buts.
I have no problem with Facebook, or Marco Arment (Overcast developer), or David Smith (Widgetsmith, et al) being forced to share a business address (although again, it’s a stupid requirement for a digital product in 2024).
I do have a problem with making a high school kid who’s just trying to break even on the Apple Developer Fee or make something for their friends reveal their address and risk being doxxed or worse because the EU thinks it’s 1992 and they’re the same as someone operating an Imbiss in München.
That kid can link to his website for donations.
Also, how does that high school kid have a developer account anyway, when you have to be 18 years or older for that?
Last edited:
So if they ask for donations in app, they have to share their home address and phone number, but if they ask for donations on their website they don’t?
That makes less sense than treating a platform with 27% market share as a monopolist, or declaring a law applies to a something “because the government says so” despite not meeting the quantitative metrics the same government wrote into the law 😉
You can be 18 and still be in high school, or if under 18, have your parents create an account on your behalf. My parents bought me stuff all the time that I then had to reimburse them for.
Look at the end of the day this doesn’t impact me, so I’m going to stop engaging on this. But this is a net loser for everyone involved:
- Developers: extra regulatory costs, risk of doxxing/harassment, or pulling app out of EU store
- Consumers: higher prices to recoup costs or loss of apps out of store
- Apple: fewer apps in store, more regulatory compliance work, reduced commissions
- EU countries: less tax revenue on missing app sales