Skip to content

Open App Markets Act – Does Competition Hurt Security?

June 14, 2022

Have you ever downloaded an app outside of the Apple app store? Probably not, because the current setup of app marketplaces like the Apple app store makes that very difficult. That is about to change. On Feb. 3, 2022, the Senate Judiciary Committee approved the Open App Markets Act with bipartisan support (20-2) to open up app marketplaces – creating something called “sideloading,” installing apps on devices outside of approved app stores.

The Open App Markets Act is a pro-competition law that intends to give app developers the ability to reach consumers without having to go through app stores such as the Apple app store. Currently, app developers either cannot or are disadvantaged to publish their apps unless it is on an operating system’s official app store. To Apple, the control over apps on the Apple store provides better oversight to make sure they are legitimate, secure, and not harmful to consumers.

In theory, the new law would eliminate disadvantages currently faced by developers and spur the creation of new apps. Here are some highlights from the Act to consider:

  • The Act applies to any company that owns or controls an app store that has over 50,000,000 U.S. users.
  • A covered entity cannot require developers to use an in-app payment system by the covered company as a condition of distributing an app on an app store.
  • A covered entity cannot require developers to use equal or more favorable pricing terms for distributing apps on its own app store.
  • A covered entity cannot penalize a developer for using or offering different pricing terms for using another in-app payment system or on another app store.
  • A covered company must allow and provide readily accessible means for users to choose third-party apps, install third-party apps, and hide or delete apps preinstalled by the covered company’s own app store.
  • A covered entity does not violate Section 3 for an action that is necessary to achieve user privacy, security, or digital safety.

Not surprisingly, owners of the app stores have concerns with sideloading. At the most recent IAPP Global Privacy Summit Conference, Apple CEO, Tim Cook warned that the Act would inevitably chip away at the current privacy and security protection that the Apple app store provides to its consumers. Statistics show that the Apple app store-approved and controlled apps had fewer malware infections and less infected devices than unregulated application stores. A Nokia 2020 report found that Android devices account for 26.65% of malware infections, compared to 1.72% for iPhones. Similarly, a 2021 Nokia report found that Android devices make up 50.31% of all infected devices.

Currently, Google already allows users to download apps for Android from sources other than its official Google Play. This concern is also not shared by Microsoft, which is adopting a principled approach to app store operation by announcing a new Open App Store ahead of the Act and allowing developers access to its platform as long as certain reasonable quality and safety standards are met. While the security concern over “sideloading” was shared by CISA and cybersecurity groups, it does not necessarily mean that alternate app stores cannot be safe if they are effectively moderated and users are cautious in their selection. For example, users can reduce the risk of harmful apps by limiting their download sources to official app stores, avoiding downloading from unknown sources, reading reviews, and researching developers before downloading an app.

While such changes are sure to spur development, they may bring with them concerns about app security and privacy. Will these concerns outweigh the potential for new development? Will there be additional changes to address security? Only time will tell.

Subscribe for the latest

Subscribe

Related

Event

Webinar: Special Education Bootcamp - Compliance Foundations Under IDEA

Whether you are new to special education leadership or looking to reinforce your foundational knowledge, this interactive webinar will provide a comprehensive overview of the core compliance requirements under the Individuals with Disabilities Education Act (IDEA). Designed for school leaders who are responsible for ensuring legally sound practices, this session will offer practical tools and strategies to help participants navigate common procedural and substantive pitfalls, support sound decision-making, and build a compliant and student-centered special education program.

Explore more
Event

Telehealth Week Webinar 2025: Navigating Legal Changes and Future Trends for Healthcare Providers

Join Paul Schmeltzer, Carrie Foote, and John Howard for our one-hour annual Telehealth Week webinar, focused on the evolving legal landscape of telehealth. This session will cover key topics, including the upcoming DEA final rule on prescribing controlled substances via telehealth, federal reimbursement concerns for telehealth, and what healthcare providers need to prepare for other upcoming changes.

Explore more
Event

Webinar: The Transatlantic Tightrope: AI, ESG and the Evolving Duty of Care for Multinational Companies

Join Mariah Leffingwell and Sam Saarsteiner for a conversation, moderated by co-chair of Clark Hill’s ESG & Sustainability advisory practice, Maram Salaheldin,  that bridges the Atlantic—and the gap between innovation and accountability—as they explore how today’s duty of care must adapt to tomorrow’s technologies.

Explore more