Europe’s new Digital Markets Act will change app stores as we know them … and maybe platform privacy rules too

• Europe just passed two huge pieces of legislation
• They will almost certainly change Google Play and the App Store as we currently know them
• They might even render privacy rules in Apple’s SKAdNetwork and Google’s Privacy Sandbox for Android irrelevant

The legislation is the Digital Markets Act and the Digital Services Act, both ratified by the European Parliament on July 5th, and both massively impacting how tech giants must act in the unified European market of 450 million consumers.

The laws are significant and wide-ranging, with what Thierry Breton, the European commission for internal markets says are implications for:

• Controlling illegal content
• Protecting privacy rights
• Protecting children online
• Limiting monopolies and/or large tech companies acting as “gatekeepers”
• Regulating digital advertising
• Shining light into black box algorithms

With these laws the EU, which has already fined (mostly American) tech companies literally billions of dollars, has given itself extraordinary powers:

• DSA violations can cost companies up to 6% of their global income
• DMA violations can cost companies up to 10% of global income
• Companies can be forced to divest themselves of divisions or products
• Companies can be banned from operating in the EU

What does this mean for Apple and Google?

What does the Digital Markets Act mean for companies like Apple and Google, which make the world’s most popular operating systems that run the most personal computers that have ever existed? Google and Apple are most definitely on the target list for exactly this kind of legislation, and will most certainly be defined under the DMA as “gatekeepers” that govern access, to greater or lesser degrees, to their massive mobile platforms.

Gatekeepers will be forced to:

• Allow third-party interoperability with their services
• Allow business users to access data generated in their use of a platform
• Provide tools for independent verification of ads hosted on their platforms
• Allow businesses to promote their services and make sales outside the gatekeeper’s platform

And gatekeepers won’t be allowed to:

• Privilege their own products or services over third-party apps
• Prevent consumers from connecting with businesses outside their platforms
• Prevent people from uninstalling any pre-installed apps or software
• Track people outside of their core platforms services for targeted ads without consent

Specifically in the context of mobile apps, that probably means something like this:

• People can delete pre-installed apps
• People will able to side-load apps, or install them just like you might install an app from the internet on a desktop computer
• Businesses can create independent app stores
• Apps can use third-party payment processing
• Apps can interoperate with core services around messaging
• Apps can use hardware features that platforms might have reserved for themselves
• People can switch AI assistants

The Digital Markets Act will break the App Store model

First off, don’t get too excited too fast.

Just because something is possible does not mean it will happen. And both Google and Apple will do all they can to retain as much power and capability as the EU will legally allow them to.

Plus honestly, if I have the choice between installing an app from Google Play or the iOS App Store versus ABC Apps4Less App Store … it’s not a hard decision. I’m going to go with the brand I know because I have a level of confidence that the apps I install from that source go through a degree of vetting and verification, and will be relatively safe for me, my data, and my money.

But make no mistake.

If third-party app stores are possible, they will exist. And while it may take years to establish trust and brand awareness, eventually they will constitute a viable alternative to the platform defaults. 

Or, as Eric Seufert suggests, platforms like Meta and Amazon and Twitter and TikTok might add apps to their services and speed up the process, thanks to their existing relationships with billions of people and existing brands with existing trust. (And existing antipathy to Apple and Google for owning the portal via which they distribute their core access points to consumers.)

Once they exist, some will start to gain traction. Once that happens, there will likely be a tipping point after which publishing your app on alternative app stores will be completely viable … perhaps even with or without publishing in the actual approved platform owner’s store.

And that calls into question App Tracking Transparency, Privacy Sandbox for Android, and the privacy strategies Apple and Google have been deploying

Partly in response to global legislation, partly out of branding, partly out of altruism, partly out of competition, and partly out of business strategy vis-a-vis other big tech giants, Apple and Google have been pursuing what would once have been considered a radical privacy transformation.

From wild wild west landscapes for mobile marketing with free-for-all device identifiers, Apple first and Google second have been architecting privacy regulations and restrictions on how advertisers and adtech platforms operate, what data they have access to, and where data can be shared. While many in the industry would probably not be happy with those restrictions — just 9% of mobile marketers in a recent Singular webinar said their progress with Apple’s SKAdNetwork framework for mobile attribution was “good” — most would also acknowledge the need for change from the previous free-for-all data-sharing-gone-wild ecosystem.

But now with the Digital Markets Act, Apple’s privacy controls and Google’s privacy plans are both at risk.

While there’s much a platform can do to drive compliance by software running on it, both Apple’s and Google’s primary carrot and stick over app publishers lie in their control over the App Store and Google Play, respectively. 

The implied and actual contract is: abide by the rules, or your access to billions of people will get cut off.

Toe the line, or face digital execution.

With third-party app stores on both Android and iOS in the European Union that becomes much more challenging to enforce. The stick is a lot smaller and weaker. And it gets worse: when consumers and legislators in North America, South America, the middle east, Africa, and everywhere else see what the EU has done … maybe they’ll start advocating for it as well. 

Or just legislating and demanding it.

As that occurs — and it’s very much the secular trend, as economists would say, across the whole planet — delivering your app to the world becomes a very different proposition. Just as importantly, marketing and advertising that app becomes a very different proposition.

Now you can theoretically buy ads anywhere to direct people to your app anywhere to get them to install it on their Android or Apple smartphone, and Google/Apple will have much less control over how you do that and what you do to make that work. And they’ll have less control over data used, data collected, and data shared in the process.

Take a deep breath: this will all take time to clarify and play out

None of this will happen overnight, and all of this kind of change will likely happen as demanded by legislators and investigators and courts.

It’s probable European legislators will look favorably on Apple’s and Google’s efforts to increase privacy and decrease data collection and sharing. But it’s also probable that they won’t look favorably on the tech giants’ assumption that they alone can create and enforce the standards necessary to achieve that.

When the dust settles on the Digital Markets Act, however, we might just find that Epic’s Fortnite battle against platform rules for app distribution and payments might have presaged the future of mobile. And that it might look a little bit more like the old world of desktop software than the walled garden it has become.