Phil Schiller Lays Out Apple's Case for Cracking Down on Screen Time Monitoring Apps

[Gutwrench]

Thank you for your detailed reply. I’m slowly making my way through it! Much appreciated.

There is nothing preventing these companies from having a MDM equivalent outside the App Store.

And I think Apple is working toward more sophisticated functions being built into the OS. It's difficult though - there are a lot of different philosophies on how to raise children, and a lot of pushback for coming out and actually saying certain ones are 'wrong'.

For example, some parents would prefer to be notified if their children went to certain sites or used certain apps rather than them being blacklisted - even if they specifically told their kids not to go to those sites. Some parents would like to lock the device completely down when they aren't present.
[doublepost=1556488320][/doublepost]

Not that I know of - there are apps that are used by a MDM product, but management is always via an external service. You don't need an app to install an MDM profile. Only certain kinds of profiles (like enterprise profiles) can install their own apps outside of Apple review, but you don't need an app to set up a VPN (unless its a custom VPN protocol).

In fact, you can do it with static profiles, which aren't even necessarily signed.

The big difference is informed consent and liability. An operational director at a company pushing for EMM is assumed to have a responsibility for understanding the ramifications of their policy, and the risk if say their systems get hacked. The company suffers the ramifications if they are found to abuse laws, etc, so they are apt to also inform the employees of what the profile does. If not, they have the liability.

A parent doesn't have informed consent - they understand the advertised product features, but not the consequences of the implementation (that their children's traffic is being broadcasted to a third party over the internet who can monitor/alter/log/monetize it, and may not have proper security practices).

Not to mention that these products (like eavesdropping products for suspicious spouses) are meant to be installed on someone else's device without necessarily getting their knowledge or consent, and even to be hidden behind a fake app icon or the like.

In some cases, Apple pushes for features to require a demonstration of intelligent consent before letting them be configured - for instance, the dance needed to turn on/off SEP requires rebooting and running console operations. Consenting to run unsigned or badly signed Mac apps is way lower - it requires a right click. Installing a MDM profile requires loading it in one of three ways (Safari browser, Mail, or via the Apple Configurator Mac app), clicking through to indicate you understand the features, and I believe relatively recently they require you to navigate to settings to enable the profile.

Apple is restricted in their ability to move quickly here, but I suspect they will partially fix this through requiring certificate transparency (which is added in the latest OS release but the MDM can turn it off). This should allow them to prevent a profile from making its own certificates to see or compromise TLS-protected traffic.

 

[realtuner]

Oh you mean my opinion that doesn’t blindly defend Apple no matter what day in day out, and questions their actions like this one which screams hypocrisy, like how long have these apps been available? On a store that apparently vets every single app for your safety and security...
But you carry on believing Apple isn’t a giant corp that only wants your dollars and to please the share holders.
And no I won’t leave their platform for someone else.

You also miss my positive posts about Apple, cause you only concentrate and see the opinions and posts that don’t agree with your own and hit out!

And I presume you do not believe any articles written on Mac Rumors? I mean you have ‘attempted’ to dis-credit an article posted on this sites sister site, ergo if you don’t believe the interviews and stories carried out by the staff on Touch Arcade, then you can’t believe the interviews and stories posted on its sister site Mac Rumors.
Perhaps you should learn who Touch Arcade are and actually read the story before looking like a fool trying to discredit it... because to do so is to dis-credit Arn and Mac Rumors.
Your last sentence is literally discrediting the Touch Arcade team and proclaiming they don’t know what they are doing, or Arn who set it up... hmm why are YOU here if you don’t believe anything posted?

Do you want to have a technical discussion about why that article is flawed? I code for iOS (and Android) so my reason for not believing it has to do with my knowledge of how iOS and its various APIs (and restrictions) work.

So what’s it going to be - another novel that basically says nothing or an actual discussion of the technical issues surrounding this articles claims?

 

[KALLT]

Where is the evidence that apple are cracking down on these apps to protect the privacy of users?

There is no evidence of this. It is, however, a fact that MDM is a security and privacy risk to users, especially if they are not informed about the consequences. Even if Apple only intended to harm these developers, the policy change has a benefit for those users.

It is more believable that the crack down was to promote screen time.

To what end? There is no obvious monetary incentive for Apple, in fact, the opposite is probably true. These developers brought revenue to the App Store and to the developer and enterprise programs. Screen Time had a development cost and Apple is not charging for this. Ultimately, Apple should not even care if users use Screen Time; Apple does not benefit if people use their devices less because of it. The negative publicity also puts Apple into an unpopular position.

Only cynics would believe that the promotion of Screen Time or the intent to harm developers is the reason, especially if there are more obvious reasons for doing it (Occam’s razor and all).

 

[Ahyeee]

Actually yes, those apps should've never been allowed on the app store, they were probably able to hide how they worked in order to get by. I sincerely hope that's how they got on and that they just weren't allowed by Apple even knowing they were misusing MDM. The only way I can see this being the case is that Apple made the choice to allow an app offering features which users were demanding but that they were unable to produce at the time, even though it went against their rules because there was enough of demand and they would face public ire for not allowing it. It's the damned if you do, damned if you don't argument.
The developers of the apps weren't ignorant of the fact that the apps they made went against the app store guidelines, they just hoped they could squeak by and remain untouched. Claiming innocence after the fact to a writer, and paper, who is generalizing every bit of his article to incite dimwitted mob mentality against his target is pathetic. It's laughable that this Jack Nicas is considered a tech writer.

All good, but my question centered on developer claims that Apple never told them that the problem was MDM. NYT reviewed those emails and confirmed the contents. If the issue was MDM, why did Apple never say so?

 

[mariusignorello]

And so, obviously, does yours. Heh.

Well, my job isn’t journalism. I’m not being paid to inform the public.

 

[jase1125]

Typical Apple anticompetitive behavior. I hope the companies that filed suit in the EU sucks billions about of them. Lame excuse from Phil Schiller. They were only concerned when they launched their solution. They are far more anticompetitive than Microsoft ever was. DoJ needs to go after them next.

 

[apolloa]

Do you want to have a technical discussion about why that article is flawed? I code for iOS (and Android) so my reason for not believing it has to do with my knowledge of how iOS and its various APIs (and restrictions) work.

So what’s it going to be - another novel that basically says nothing or an actual discussion of the technical issues surrounding this articles claims?

So your now claiming to be a developer then? And you don’t believe a very credible report by Mac Rumors sister site, you just be a lone developer then or in a very small company.
I’ll believe my opinions and the interview from a reputable site over your word, thanks all the same though.

 

[Tech198]

Anytime you hear about any anti-competitive, the default "it must be due to security or privacy". I think Apple is just using this wording now regardless..

You may as well remove all flashlight apps now too and QR code scanners, because the camera in our iPhones can do all that

There is nothing wrong with a little competition I don't think Apple has understood that yet.

Although your buying into Apple's eco-system, users were not the ones who decided to allow these apps... Apple did. So, Apple is to blame for locking them out after they introduce it in iOS..

If Apple didn't want them, they shouldn't have allowed them the first place... Then the result changes.

 

[gnasher729]

That said, my children are my responsibility and do not have a right to privacy from my wife and I. Their data is our data and we (my wife and I) should be allowed to investigate any part of it.

Having been young a few years ago, I find that attitude despicable. The good thing is they can pay you back when you need a care home.

 

[realtuner]

So your now claiming to be a developer then? And you don’t believe a very credible report by Mac Rumors sister site, you just be a lone developer then or in a very small company.
I’ll believe my opinions and the interview from a reputable site over your word, thanks all the same though.

So, you don’t want to discuss the technical side and just believe anything you’re told? How can you accept something as true without a basic understanding of how things work so you can determine if they’re actually telling the truth? Especially about Apple?

The NYT is supposed to be credible. But as this very thread proves, they twisted things around to make a sensational hit piece. This is very common with Apple, so EVERY report about Apple needs to be scrutinized to separate fact from sensationalism.

Further, do you even consider “time” in your assessments (which I mentioned in my first reply)? As in, are you not aware of all the things that have changed in iOS over the years that make what that article claimed highly unlikely? Or do you want to live in the past?

 

[LoadStar]

This seems like an convenient excuse by Apple to limit competition. So let me understand this; apple believes MDM is appropriate for corporations to control phones they own but provides too much access and control for parents over their children's phone. Nonsense! Parents should have unfettered access to control their children's phones however they like, including taking them away altogether if they deem it appropriate. This is just a BS excuse by Apple.

If parents want to implement MDM, there's nothing stopping them from doing so. Jamf Now is a cloud-based MDM that offers to manage three devices for free, and there are other choices out there.

The problem is that parents aren't implementing MDM. They're allowing a random company to implement MDM, often without being completely revealing without what they're doing, and then exposing just a very small subset of that functionality to the parents who are possibly unaware that the company has far, far more access to the device than the parents would want or need them to have.

 

[jase1125]

If parents want to implement MDM, there's nothing stopping them from doing so. Jamf Now is a cloud-based MDM that offers to manage three devices for free, and there are other choices out there.

The problem is that parents aren't implementing MDM. They're allowing a random company to implement MDM, often without being completely revealing without what they're doing, and then exposing just a very small subset of that functionality to the parents who are possibly unaware that the company has far, far more access to the device than the parents would want or need them to have.

That company is no more random than Apple. Apple isn’t some moral company looking after their users. This is the same company that throttled phones under the excuse of helping their users. Yeah poor batteries may have been causing reboots, but they decided not to share because it would hurt their financials because people would buy batteries instead of phones. Apples own earnings release subsequently proved it. I don’t need cook or Schiller looking out for my wellbeing. I hope at some point the EU or the DoJ forces them to open their App Store and cease anticompetitive behavior.

 

[spinedoc77]

Definitely applaud Apple for their privacy stance. But you have to admit the tools available on iOS are pretty terrible. In particular monitoring and limiting your child's usage. Amazon seems to have the best system, but I'm sure they are harvesting data like crazy. The best I can do with my kids is put their ipad in guided mode and limit them to one app, but that's a piss poor solution.

 

[Garsun]

Having been young a few years ago, I find that attitude despicable. The good thing is they can pay you back when you need a care home.

I completely agree with you.
After having children I discovered I was willing to be despicable an order to protect them from the despicable.
The internet has facilitated quite a bit of evil and monitoring our children’s internet usage was a distasteful but necessary activity.
Like you, we were young once. We were only concerned with dangerous and illegal activity.
As a parent, I would have never forgiven myself if I had not caught the danger to my daughter in time.
Fortunately now that they’re growing to be responsible it is no longer necessary.
I will defend the right of a parent to invade their child’s privacy until they show the capacity to be responsible for themselves.
If that made me despicable, so be it.

 

[realtuner]

That company is no more random than Apple. Apple isn’t some moral company looking after their users. This is the same company that throttled phones under the excuse of helping their users. Yeah poor batteries may have been causing reboots, but they decided not to share because it would hurt their financials because people would buy batteries instead of phones. Apples own earnings release subsequently proved it. I don’t need cook or Schiller looking out for my wellbeing. I hope at some point the EU or the DoJ forces them to open their App Store and cease anticompetitive behavior.

Won’t happen because they’re not being anti-competitive.

Hurt their financials because people would buy iPhones instead of batteries? Complete BS. If Apple was trying to force people to buy new iPhones then why would they:

• Introduce a battery program to let you replace a battery for a dirt-cheap $29, regardless of whether your iPhone battery reported as faulty/under capacity.
• Give you a $50 credit if you previously paid for a battery replacement before the program started.
• Optimize iOS 12 to make it perform better on older devices, breathing new life into existing devices to make them usable for even longer.

The idea of planned obsolescence just doesn’t pass the smell test.

 

[Arran]

The big difference is informed consent and liability.

This guy gets it.

I'd add that with personally-owned devices in a corporate environment some sort of quid pro quo is expected. And it doesn't have to be monetary.

Otherwise, why consent?

Apple isn’t some moral company looking after their users.

Indeed, but it does have a lot more to lose by doing the wrong thing. Reputation being the least and revenue being the most significant.

 

[GtrDude]

Typical NYT bs.
There isn't an article I've read by them that isn't full of either all out lies or distortions or half truths.
I used to subscribe to them for well over a decade then I had enough.
Definition of fake news.

 

[Rogifan]

Apple released an official statement.
https://www.apple.com/newsroom/2019/04/the-facts-about-parental-control-apps/

If The NY Times and/or the developers think Apple is lying they’re free to publish correspondence with/from Apple that proves it.

 

[realtuner]

Haven’t seen if this was mentioned yet, but the two companies filing a complaint with the European Commission (Kidslox and Qustodio) had the ability to install Apps and retrieve data from iPhones.

The EU should be investigating these two companies for abusing MDM and using it to effectively spy on devices. Considering the EU cracking down on privacy issues, I find it very odd these companies would file a complaint. It’s like a criminal calling the police to complain armed robbers stole his drug stash.

 

[0947347]

I agree, and when facewd with such requirements either go elsewhere or make stuff up.

That is why is sent both of my Amazon devices packing.

 

[alllexx]

This seems like an convenient excuse by Apple to limit competition. So let me understand this; apple believes MDM is appropriate for corporations to control phones they own but provides too much access and control for parents over their children's phone. Nonsense! Parents should have unfettered access to control their children's phones however they like, including taking them away altogether if they deem it appropriate. This is just a BS excuse by Apple.

You misunderstand.. this isn't about the parent having control over the child's phone, its about the third party developer having all of that control over the child's phone (and the data on it).

 

[DeepIn2U]

Good job, Apple. I knew the article was poorly written and slanted to paint an inaccurate picture of, and actions from Apple.

This is EXACTLY why the Apple store needs to remain and not be forced to succumb to the previous and asinine model of web distributed apps.

Like nobody recalls S60 Ngage games getting heavily pirated to work on 6620/6630/N95 and other devices.

No y recalls so many apps reverse engineered have spyware and other such security issues many of which never discovered even to this day as many platforms fell.

And developers want around the App Store to get into loopholes and bypass security yet stating they don’t want to pay for 30% to apple. Sheesh.
[doublepost=1556506615][/doublepost]

It's amazing how many here are applauding Apple and overlooking this very important point.

Lies in their submission.

 

[ipponrg]

Haven’t seen if this was mentioned yet, but the two companies filing a complaint with the European Commission (Kidslox and Qustodio) had the ability to install Apps and retrieve data from iPhones.

The EU should be investigating these two companies for abusing MDM and using it to effectively spy on devices. Considering the EU cracking down on privacy issues, I find it very odd these companies would file a complaint. It’s like a criminal calling the police to complain armed robbers stole his drug stash.

Playing devil’s advocate here, but what if those 2 companies actually were not trying to be malicious?

 

[germinator]

1. The whole idea that apps need to be approved by Apple is preposterous and should be rejected in the first place

2. Phil Schiller's "explanation" really isn't. It doesn't explain who got access to the MDM data. It then becomes a disclosure issue. I, as a parent, maybe Ok with the developer or some other third-party entity getting the MDM data for my children--or not. Let me make that decision.

3. So these apps have been in the App Store for *years*. Apple had approved them then. Now, just when Apple releases Screen Time, they aren't Ok any longer. Sorry, but to claim that the two facts are unrelated is not believable. Especially since Apple has a history of doing exactly that.

4. When somebody claims to be doing it "for the children" (usually that's politicians with nefarious intents) an alarm bell goes off in my head.

 

[SSDGUY]

The truth is left-leaning.[/QUOTE]

That's hilarious.