Apple will allow iOS developers located in the European Union to distribute apps from the web, rather than from its App Store.
The option, which it says will be made available to qualifying developers “later this spring,” is being offered in response to the bloc’s Digital Markets Act (DMA), which puts obligations on how Apple can operate the App Store and iOS, which are designated as “core platform services” under the law.
“Web Distribution, available in a software update later this spring, will let authorized developers distribute their iOS apps to EU users directly from a website the developer owns and operates,” it writes. “Apple will provide access to APIs that facilitate the distribution of developers’ apps from the web, integrate with system functionality, back up and restore users’ apps, and more.”
Apps offered through Apple’s Web Distribution APIs will have to meet Notarization requirements it previously set out — which it says is necessary to “protect platform integrity.” They can also only be installed from a website domain the developer has registered with Apple, in App Store Connect.
Users of iOS will also need to approve the developer installing apps from their site via their iPhone settings. They will see a “system sheet” — with info developers must submit to Apple for review, including the app name, developer name, app description, screenshots and system age rating.
Apple’s initial proposal for DMA compliance did not allow web-based distribution for apps. However, it has faced a barrage of outrage from developers decrying a narrow and self-serving interpretation of rules that the bloc’s lawmakers intend to open up digital markets locked down by the market power of a handful of intermediating internet “gatekeepers.”
The European Commission has also signaled it’s closely watching Apple. It’s notable that a few days after terminating the developer account of one of its most trenchant developer critics, Epic Games, Apple backed down and reinstated the account.
Apple made a handful of other changes to its DMA compliance offer last week — reducing certain criteria it had said it would apply to developers seeking to take up DMA entitlements. But today’s announcements look more substantial, with Apple also dropping a restriction on alternative app marketplaces that had meant they had to offer a catalog of other developers’ apps.
Now — effective immediately — Apple says alternative app marketplaces can choose to offer only their own apps.
In another change Apple has announced today — that’s also effective immediately — it’s dropping a requirement for developers that want to direct users to their own websites to purchase digital goods to use its own design templates for linking out to the web for purchases.
It says this template is now optional and developers can choose how to design in-app promotions, discounts and other deals when directing users to complete a transaction on their own website.
In a note to developers about the changes, Apple writes: “We’re providing more flexibility for developers who distribute apps in the European Union (EU), including introducing a new way to distribute apps directly from a developer’s website.”
The changes require developers to accept Apple’s new terms — which means signing up for a revised fee structure that includes a “core technology” fee, charged at €0.50 for each first annual install over 1 million in the past 12 months (regardless of where apps are distributed).
Apple argues this fee reflects the value it provides developers, via “ongoing investments in the tools, technologies, and services that enable them to build and share innovative apps with users around the world,” as it puts it.
Criteria for web distribution for iOS apps
Today’s changes mean qualifying iOS developers will soon be able to offer an alternative app store composed of their own wares and distributed from their own website — something Epic Games has been anticipating — but Apple is still applying some additional criteria, in addition to requiring developers to sign up to its new T&Cs (and pay the core tech fee).
As well as requiring developers to be incorporated, domiciled, and/or registered in the EU (or have a subsidiary legal entity incorporated, domiciled, and or registered in the EU that’s listed in App Store Connect), Apple’s criteria for eligibility for web distribution requires them to have been what it calls “a member of good standing” in its developer program for two continuous years or more and to have an app that had more than 1 million first annual installs on iOS in the EU in the prior calendar year.
It also stipulates developers must agree to a range of behavioral pledges, including committing to being responsive to communications from it, especially regarding “any fraudulent, malicious, or illegal behavior, or anything else that Apple believes impacts the safety, security, or privacy of users”; publishing transparent data collection policies and offering users control over how their data is collected and used; following applicable laws of the jurisdictions where they operate (Apple gives the examples of the EU’s Digital Services Act [DSA], General Data Protection Regulation [GDPR]), and consumer protection laws); and being responsible for handling governmental and other requests to take down listings of apps.
Apple’s explicit requirement that developers follow other EU laws looks particularly interesting in this context. The bloc’s lawmakers can’t exactly complain about that condition — so it offers a route for Apple to police developers’ access to web distribution for iOS apps by applying a privacy and consumer rights lens to third parties’ businesses.
Last year, reports suggested adtech giant Meta was planning to launch its own alternative app store on iOS and distribute apps to users in the EU via Facebook Ads, using the sideloading requirement in the DMA to bypass Apple’s App Store. And while Apple’s initial DMA compliance proposal looked too narrow to enable such a scenario, under the revised conditions Apple has announced today, Meta’s concept of iOS apps distributed via its own ad network looks possible.
However, there’s one — well, several — big potential sticking point: Meta’s compliance with the GDPR, DSA and EU consumer protection law are contested. Indeed, it’s been found to have breached the GDPR multiple times since the law started to apply back in 2018, incurring a series of fines and corrective orders since then. Meanwhile, its current attempt to force EU users to consent to tracking is being challenged via GDPR and consumer protection complaints. The EU is also asking questions about the mechanism’s compliance with the DSA, in addition to other areas of concern (like child safety).
Apple may therefore have plenty of grounds it can point to to deny web distribution to Meta — or, indeed, to any other business model that’s based on consentless surveillance of users and has a long history of run-ins with EU privacy laws.