Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
66,405
35,501



Last weekend, The New York Times reported that Apple has removed or restricted many of the most popular screen time and parental control apps on the App Store since launching its own Screen Time feature in iOS 12 last year, raising concerns over potentially anticompetitive behavior.

apple_screen_time_screen_icons-800x657.jpg

Apple was quick to respond. In both an email to a concerned customer and a press release, Apple indicated that it became aware over the last year that some parental control apps were using a technology called Mobile Device Management or "MDM" that puts users' privacy and security at risk.

MDM technology is intended for enterprise users to manage their company-owned devices, and Apple says the use of MDM by consumer-focused apps carries privacy and security concerns that resulted in Apple addressing the situation in its App Store review guidelines in mid-2017.

"Contrary to what The New York Times reported over the weekend, this isn't a matter of competition," wrote Apple. "It's a matter of security."

Apple added that when it found out about these App Store guideline violations, it communicated with the necessary developers, giving them 30 days to submit an updated app to avoid being removed from the App Store.

In the days since, a handful of developers behind parental control apps including Qustodio, Kidslox, OurPact, and Mobicip have responded to Apple's press release with open letters, calling for the company to make the APIs behind its Screen Time feature available to the public for use in third-party apps.

Eduardo Cru, co-founder of Qustodio:
If safety is such a great concern to Apple, why not share the APIs used in Apple's own Screen Time competitive service and instantly make the environment safer and open for everyone?
Viktor Yevpak, co-founder of Kidslox:
Ultimately, making the "Screen Time" API's public is the solution to this issue which would truly prove Apple's commitment to the safety and welfare of children. This would allow 3rd party developers like us to create effective products that give users genuine choices, while also complying with Apple's self-set standards.
OurPact:
If Apple truly believes that parents should have tools to manage their children's device usage, and are committed to providing a competitive, innovative app ecosystem, then they will also provide open API's for developers to utilize. Now, more than ever, the focus should be on building better and more diverse solutions for families to choose from.
Suren Ramasubbu, co-founder of Mobicip:
Knowing that parental controls apps using MDM have been around for years, wouldn't it have been a better option for Apple to support an officially supported API before pulling the plug?
Tony Fadell, a senior executive at Apple in the 2000s, agrees that Apple should create and provide developers with APIs for Screen Time.

2/ Apple's Screen Time still has many holes & deficiencies. Their v1.0 solution was a rush job & it's very non-intuitive to use. Apple should be building true APIs for Screen Time so the "privacy" concerns are taken into account instead of limiting users App Store choices. https://t.co/rGRwB6HT4r - Tony Fadell (@tfadell) April 28, 2019

The developers also refute parts of Apple's press release, with OurPact claiming that its parental control app for children was removed from the App Store on October 6, 2018 without any prior communication from Apple, just three weeks after iOS 12 was publicly released with Screen Time.

Three out of four of the developers add that Apple was slow to respond and did not provide any resolution for the sudden guideline violations.

While Apple is firm in stating that competition did not play a role in its crackdown on these apps, the timing is certainly curious. Many of the removals occurred shortly after Apple rolled out its Screen Time feature in iOS 12 last September, despite several of these apps having used MDM for a number of years.

At face value, public APIs for Screen Time does appear like a viable solution for both the privacy and security of users and ensuring a competitive landscape on the App Store. Whether that happens remains to be seen.

Article Link: Parental Control App Developers Urge Apple to Make Screen Time APIs Available for Third-Party Apps
 
So, they want Apple to create APIs that give developers unprecedented access to a users device and how they use it?

Not gonna happen. Apple doesn’t even give developers access to your phone call log or text messages, and they think Apple will allow this?
 
As a parent of 2 kids who uses OurPact, I sure hope they get this resolved.

OurPact has been the gold standard for parental control for some time. The interface is Apple simple and intuitive...though the setup process isn't. But to be fair - has anyone taken a look at what it *really* takes to lock down a kids phone using screen time and parental controls from Apple? It's a heck of a slog to get it all set up...and you pretty much have to have the device in hand to make changes.

Nice thing about OurPact is that I can make changes in allowed apps, grant and block use any time from my device...theirs could be a continent away.

My wife and I both use OurPact and have for quite a while now, it gives us a good level of comfort that our kids are safe on the internet (safari is blocked!) and the "just one more thing..." in minecraft has been cut to nothing..when time is up, it's up.

I realize you can do similar/the same things in the Apple controls, but OurPact is popular for a reason...it's easy to use and does what it says.
 
So, they want Apple to create APIs that give developers unprecedented access to a users device and how they use it?

Not gonna happen. Apple doesn’t even give developers access to your phone call log or text messages, and they think Apple will allow this?

Providing an API doesn't automatically grant "unprecedented developers access to a users device".
An API gives an app the ability to control certain functions of the device. Apple can write the API to prevent usage data from going to an unauthorized device (Developer).

Screentime collects the child's usage data and provide it to an authorized device (parent's device in this case). That is a transfer between authorized/authenticated devices.
[doublepost=1556744901][/doublepost]
It's a heck of a slog to get it all set up...and you pretty much have to have the device in hand to make changes.
You only need the child's device in hand for the initial setup, which really isn't that hard. Took 5 minutes. After that, everything can be done remotely.

Nice thing about OurPact is that I can make changes in allowed apps, grant and block use any time from my device...theirs could be a continent away.
You can do the same thing with Screentime.
 
And people can do whatever they want to respond to Apple's self-selfing business practices, such as buying 30% fewer iPhones vs last year.
Apple never announced a 30% drop in iPhone sales. In fact Apple didn’t announce sales numbers at all.
[doublepost=1556745186][/doublepost]
So, they want Apple to create APIs that give developers unprecedented access to a users device and how they use it?

Not gonna happen. Apple doesn’t even give developers access to your phone call log or text messages, and they think Apple will allow this?
a few people on sites like this will be outraged nobody else will care. I’d be curious to know how many people even use these apps.
 
  • Like
Reactions: t1meless1nf1n1t
And people can do whatever they want to respond to Apple's self-selfing business practices, such as buying 30% fewer iPhones vs last year.
It wasn't 30%...it was 17% (official numbers, not made up speculation from a research company).

And guess what...

iPad up 20%
Services up 16%
Wearables up 30%

Investors already knew the iPhone was a mature product and Apple is shifting to other businesses I mentioned, which is why the stock went up 5% today and was up 7% until the market crapped out.

People are not switching...they are buying wearables and services. Active devices were a record over 1.4B and record highs in all markets.

Those are all facts. Hate on.
 
As a parent of 2 kids who uses OurPact, I sure hope they get this resolved.

OurPact has been the gold standard for parental control for some time. The interface is Apple simple and intuitive...though the setup process isn't. But to be fair - has anyone taken a look at what it *really* takes to lock down a kids phone using screen time and parental controls from Apple? It's a heck of a slog to get it all set up...and you pretty much have to have the device in hand to make changes.

Nice thing about OurPact is that I can make changes in allowed apps, grant and block use any time from my device...theirs could be a continent away.

My wife and I both use OurPact and have for quite a while now, it gives us a good level of comfort that our kids are safe on the internet (safari is blocked!) and the "just one more thing..." in minecraft has been cut to nothing..when time is up, it's up.

I realize you can do similar/the same things in the Apple controls, but OurPact is popular for a reason...it's easy to use and does what it says.

OurPact is amazing.
 
Providing an API doesn't automatically grant "unprecedented developers access to a users device".
An API gives an app the ability to control certain functions of the device. Apple can write the API to prevent usage data from going to an unauthorized device (Developer).

Screentime collects the child's usage data and provide it to an authorized device (parent's device in this case). That is a transfer between authorized/authenticated devices.

I know what an API does.

MDM gives developers "unprecedented access". These developers were using MDM. Do you think they'll be happy with restricted APIs from Apple that offer a very limited subset of what they were used to getting before?

For example, I mentioned the phone log or text messages. Apple doesn't allow developers access to these areas because of the potential for abuse. One of the selling features of Qustodio (one of the companies who filed a complaint with the EU) is the ability to monitor calls and messages. That ability will never exist for developers.
 
Apple should have given APIs for developers instead of doing this. I mean I don't use ScreenTime, but developers have vested time into their products people enjoy using. Sooner or later Apple is going to get a lot of heat for this type of behavior.
 
  • Like
Reactions: iMerik
People are not switching...they are buying wearables and services. Active devices were a record over 1.4B and record highs in all markets.
Absolutely! I believe the market is (correctly, for a change) reacting to the rise in Apple services and add-on devices and the HUGE active user base the iPhone has generated. As you stated, it's a mature market, the money and growth needs to come from elsewhere, and it seems like Apple, more than any other company, has figured out where "elsewhere" is.

Full disclosure: I use a lot of Apple products to make my living and I own Apple stock.
 
Apple can do whatever they want in terms of making screen time available for third parties.

Apple can't do "whatever they want." They can only do things that are technically feasible and comply with local law and its privacy policy.

And even if they could do whatever they want in this case, that does mean they should make the screen time API available to third parties. The screen time API requires detailed data about the user and his or her app usage. The exact sort of information that Google and FaceBook would love to get their hands on.
[doublepost=1556747131][/doublepost]
Apple should have given APIs for developers instead of doing this. I mean I don't use ScreenTime, but developers have vested time into their products people enjoy using. Sooner or later Apple is going to get a lot of heat for this type of behavior.

No. See above.
 
  • Like
Reactions: fairuz and mteep
Tim Apple wants to continue to sell and sell more devices. Apple thinks that children and adults should have equal command of the device, otherwise locking down individual settings would be far more easier. And as a parent, I want to monitor each and every text message to avoid abuse. As the child grows, the restrictions fall away. Just like when I learned to drive the car: as I got better, I could go further for longer.

It is true that I could simply take the phone away. My generation used to have a pay phone to call home and get a ride after sports or clubs. Good luck finding a working pay phone today. The rules have changed in favor of individual devices. I looked at simple "dumb phones" and they cost a couple bucks less with my carrier.

A long time ago, perhaps around iOS 9, Apple should have made iOS multi-user. The current iOS setup of locking this and locking that and jumping screens around is sloppy.

Ideally, I would create an AppleID for my kid. Have an AppleID for me the parent. Setup the phone with parent AppleID, enable Managed Mode, specify authorized kid AppleIDs, and logout.

Phone would operate as a telephone and nothing smart -- no maps, no texting, nothing -- unless I present a username and password combination on the phone. That's how a landline works! Then, just like managed devices, be subject to the access controls of the account. A nice option would be to have a configurable "log out" time, so that no texting hours could be enforced.

Everything on the kid's phone would be managed by my account on the web. Apps. Facetime. Texting. Bandwidth allowed. Music. All of these configurations would be stored in a "profile" that would reside in the cloud, and brought down when the account is created on the phone. Check for updates when in WiFi mode, or upon each phone restart.
 
  • Like
Reactions: jweinraub
Providing an API doesn't automatically grant "unprecedented developers access to a users device".
An API gives an app the ability to control certain functions of the device. Apple can write the API to prevent usage data from going to an unauthorized device (Developer).

Screentime collects the child's usage data and provide it to an authorized device (parent's device in this case). That is a transfer between authorized/authenticated devices.
[doublepost=1556744901][/doublepost]
You only need the child's device in hand for the initial setup, which really isn't that hard. Took 5 minutes. After that, everything can be done remotely.


You can do the same thing with Screentime.

Seems like it's you who doesn't understand what an API does. An API exposes methods to access data. There is no way of preventing the app from using the API to get data, yet prevent the developer from also seeing that data. That is why developers are limited in how they can use Touch ID, for example. Touch ID can authorize a log in, but the developer has no access to the fingerprint or user's data associated with the fingerprint.

That would be infeasible with screen time since the third-party app needs the data to do its job.
 
I know what an API does.

MDM gives developers "unprecedented access". These developers were using MDM. Do you think they'll be happy with restricted APIs from Apple that offer a very limited subset of what they were used to getting before?

For example, I mentioned the phone log or text messages. Apple doesn't allow developers access to these areas because of the potential for abuse. One of the selling features of Qustodio (one of the companies who filed a complaint with the EU) is the ability to monitor calls and messages. That ability will never exist for developers.
Fair enough... guess I misunderstood your comment.
 
Apple finds it very hard to give up control. It is both a strength and a weakness.

I just find Apple very methodical (and slow). It's not so much giving up control as it is granting access while maintaining security/privacy. Apple often adds a new feature with limited support at the beginning and then opens up to add additional features later on (look at NFC, which only worked with Apple Pay at the beginning).
 
Tim Apple wants to continue to sell and sell more devices. Apple thinks that children and adults should have equal command of the device, otherwise locking down individual settings would be far more easier. And as a parent, I want to monitor each and every text message to avoid abuse. As the child grows, the restrictions fall away. Just like when I learned to drive the car: as I got better, I could go further for longer.

It is true that I could simply take the phone away. My generation used to have a pay phone to call home and get a ride after sports or clubs. Good luck finding a working pay phone today. The rules have changed in favor of individual devices. I looked at simple "dumb phones" and they cost a couple bucks less with my carrier.

A long time ago, perhaps around iOS 9, Apple should have made iOS multi-user. The current iOS setup of locking this and locking that and jumping screens around is sloppy.

Ideally, I would create an AppleID for my kid. Have an AppleID for me the parent. Setup the phone with parent AppleID, enable Managed Mode, specify authorized kid AppleIDs, and logout.

Phone would operate as a telephone and nothing smart -- no maps, no texting, nothing -- unless I present a username and password combination on the phone. That's how a landline works! Then, just like managed devices, be subject to the access controls of the account. A nice option would be to have a configurable "log out" time, so that no texting hours could be enforced.

Everything on the kid's phone would be managed by my account on the web. Apps. Facetime. Texting. Bandwidth allowed. Music. All of these configurations would be stored in a "profile" that would reside in the cloud, and brought down when the account is created on the phone. Check for updates when in WiFi mode, or upon each phone restart.

The problem with what you describe is that there is no way to distinguish between parents/kids and criminals who would use the above mechanism for nefarious purposes, which is precisely why it doesn't exist, yet.
 
That’s a reasonable compromise I think.
[doublepost=1556747633][/doublepost]
So, they want Apple to create APIs that give developers unprecedented access to a users device and how they use it?

Not gonna happen. Apple doesn’t even give developers access to your phone call log or text messages, and they think Apple will allow this?
It can be similar to location services where you’re prompted that an app wants access, and you need to approve.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.