The company has come under fire for its removal of certain apps that were pitched as tools giving parents more control over their children’s screen-time, but that Apple said relied on technology that was too invasive for private use.
“We recently removed several parental control apps from the App Store, and we did it for a simple reason: they put users’ privacy and security at risk. It’s important to understand why and how this happened,” the company said in a statement.
The heart of the issue is the use of mobile device management (MDM) technologies in the parental control apps that Apple has removed from the App Store, the company said.
These device management tools give control and access over a device’s user location, app use, email accounts, camera permissions and browsing history to a third party.
“We started exploring this use of MDM by non-enterprise developers back in early 2017 and updated our guidelines based on that work in mid-2017,” the company said.
Apple acknowledged that the technology has legitimate uses in the context of businesses looking to monitor and manage corporate devices to control proprietary data and hardware, but, the company said, it is “a clear violation of App Store policies — for a private, consumer-focused app business to install MDM control over a customer’s device.”
The company said it communicated to app developers that they were in violation of App Store guidelines and gave the company 30 days to submit updates to avoid being booted from the App Store.
We first reported that Apple was warning developers about screen-time apps back in December. At the time, we noted that even though Apple had never intended for the enterprise-focused MDM technology to be used in consumer-facing apps, it had greenlit a number of screen-time and parental control apps over the years that were in violation of its own guidelines.
As it then began to refuse to publish these apps’ updates — the kiss of death to any app developer — there was a lot of suspicion around the timing of the crackdown, which came shortly after Apple launched its own screen-time tools.
In the future, Apple could provide developers with a Screen Time API to allow them to build less invasive solutions for customers, but has made no comment on any plans in that area.
“Several developers released updates to bring their apps in line with these policies,” Apple said in the statement about the removals. “Those that didn’t were removed from the App Store,” said.
Going to the media is often a last resort for iOS app developers when facing a challenge to their business, as many are fearful that talking to the press will result in negative action against them.
However, the timing with regard to Screen Time’s launch could be coincidental. Instead, the move to pull MDM-powered screen-time apps may be more closely tied to Apple’s privacy focus. At a time when tech companies are facing increased regulations and fines over their inability to properly protect customer’s data, Apple needed to crack down on this glaring hole, which could have led to privacy violations, and worse, those that would have involved data from children.
Apple’s full statement is below:
Apple has always believed that parents should have tools to manage their children’s device usage. It’s the reason we created, and continue to develop, Screen Time. Other apps in the App Store, including Balance Screen Time by Moment Health and Verizon Smart Family, give parents the power to balance the benefits of technology with other activities that help young minds learn and grow.We recently removed several parental control apps from the App Store, and we did it for a simple reason: they put users’ privacy and security at risk. It’s important to understand why and how this happened.Over the last year, we became aware that several of these parental control apps were using a highly invasive technology called Mobile Device Management, or MDM. MDM gives a third party control and access over a device and its most sensitive information including user location, app use, email accounts, camera permissions, and browsing history. We started exploring this use of MDM by non-enterprise developers back in early 2017 and updated our guidelines based on that work in mid-2017.MDM does have legitimate uses. Businesses will sometimes install MDM on enterprise devices to keep better control over proprietary data and hardware. But it is incredibly risky—and a clear violation of App Store policies—for a private, consumer-focused app business to install MDM control over a customer’s device. Beyond the control that the app itself can exert over the user’s device, research has shown that MDM profiles could be used by hackers to gain access for malicious purposes.Parents shouldn’t have to trade their fears of their children’s device usage for risks to privacy and security, and the App Store should not be a platform to force this choice. No one, except you, should have unrestricted access to manage your child’s device.When we found out about these guideline violations, we communicated these violations to the app developers, giving them 30 days to submit an updated app to avoid availability interruption in the App Store. Several developers released updates to bring their apps in line with these policies. Those that didn’t were removed from the App Store.We created the App Store to provide a secure, vibrant marketplace where developers and entrepreneurs can bring their ideas to users worldwide, and users can have faith that the apps they discover meet Apple’s standards of security and responsibility.Apple has always supported third-party apps on the App Store that help parents manage their kids’ devices. Contrary to what The New York Times reported over the weekend, this isn’t a matter of competition. It’s a matter of security.In this app category, and in every category, we are committed to providing a competitive, innovative app ecosystem. There are many tremendously successful apps that offer functions and services similar to Apple’s in categories like messaging, maps, email, music, web browsers, photos, note-taking apps, contact managers and payment systems, just to name a few. We are committed to offering a place for these apps to thrive as they improve the user experience for everyone.