On March 19, Kaspersky Lab filed a complaint against Apple Inc. with the Federal Antimonopoly Service. Our claim pertains to Apple’s policy on apps distributed through the App Store. Despite a long history of working successfully with Apple, we believe that this is a necessary step.
Why Kaspersky Lab decided to apply to the FAS
It was the following situation that compelled us to file the complaint.
Last year, we received a notice from Apple saying that our Kaspersky Safe Kids for iOS app does not meet the requirements of paragraph 2.5.1 of the guidelines for apps hosted in the App Store. Apple had never before had any issues with Kaspersky Safe Kids; the app had been hosted in the App Store, meeting all of the guidelines, for nearly three years.
It turned out that, according to Apple, the use of configuration profiles was against App Store policy, and Apple demanded that these be removed, so that the app could pass the review and be published in the store. For us, that would mean removing two key features from Kaspersky Safe Kids: app control and Safari browser blocking.
Both features are essential. The first allows parents to specify which apps kids cannot run based on the App Store’s age restrictions. The second allows the hiding of all browsers on the device, so kids can open Web pages only in Kaspersky Safe Kids’ built-in secure browser, which protects them from unsafe content.
So, by removing these two features from Kaspersky Safe Kids for iOS, we are massively letting down parents, who expect that their kids will be able to safely use iPhones and iPads that have our app installed. We believe it is essential that all of our customers, whether they are young or old, are completely safe and get exactly what they expect.
Why we believe we are right
The change in Apple’s policy toward our app (as well as toward every other developer of parental control software), notably came on the heels of the Cupertino-based company announcing its own Screen Time feature as part of iOS 12. This feature allows users to monitor the amount of time they spend using certain apps or on certain websites, and set time restrictions. It is essentially Apple’s own app for parental control.
From our point of view, Apple appears to be using its position as platform owner and supervisor of the sole channel for delivering apps to users of the platform to dictate terms and prevent other developers from operating on equal terms with it. As a result of the new rules, developers of parental control apps may lose some of their users and experience financial impact. Most important, however, it is the users who will suffer as they miss out on some critical security features. The market for parental control apps will head toward a monopoly and, consequently, stagnation.
One might argue that the App Store is owned by Apple itself, so why should the company not call the shots? The problem is that Apple does not allow the use of any other software marketplaces for iOS, so it effectively controls the only channel for delivering apps from developers to users.
By setting its own rules for that channel, it extends its power in the market over other, adjacent markets: for example, the parental control software market, where it has only just become a player. It is precisely in this extension of its leverage through possession of so-called “key capacity” over other segments, leading to restriction and elimination of competition, that we see the essential elements of antitrust law violation, which consist of erecting barriers and discriminating against our software.
We have repeatedly tried to contact Apple to resolve this situation, but no meaningful negotiations have ensued.
We are not alone
The issue of a ban on the use of configuration profiles has, to varying degrees, affected every developer of parental control apps, not just us. This is, however, not the only issue that developers have with Apple. For example, Spotify recently filed a complaint against Apple with the European Commission, similarly claiming that the Cupertino company has been using its monopoly for advancing its services without giving others a chance to compete on equal terms.
Other developers of parental control solutions, who have lost the ability to restrict access to apps, are also less than thrilled. For example, AdGuard has found itself in a similar situation. And to name another example, the parental control app Kidslox can still be downloaded from the App Store, but updates have not passed Apple review, so they cannot get into the marketplace.
We found ourselves in a similar situation with Microsoft back in the day, but a recourse to the regulator helped us to solve the problem and go on working with the company on terms that were acceptable to both the entire cybersecurity industry and users.
We very much hope that we will also be able to continue our winning relationship with Apple, and that requires us to create an environment where Kaspersky Lab and other companies compete on equal footing. The environment is very different at the moment, which is why we are in the process of applying to the Federal Antimonopoly Service.
Why monopolies are a bad thing
Development and progress are possible only amid healthy competition — that is, where companies that create similar products must come up with something to draw users to their idea. When a dominant entity emerges in the market, it immediately starts to set its own rules, which everyone has to follow. In many cases, these rules put many at a disadvantage, leaving them with no choice. Progress virtually stalls as a result, with the monopolist, facing no competition, not being compelled to evolve its ideas.
It is for the purpose of resolving situations such as this that regulators such as the Federal Antimonopoly Service exist, and issues of this type have traditionally been resolved at the government level. Nations are deeply concerned about the issue of monopolies; countries are interested in the healthy development of as many companies as possible, not just the biggest one.
Recently, for example, United States Senator Elizabeth Warren proposed prohibiting large companies that become monopolies, such as Facebook (which, incidentally, owns Instagram and WhatsApp), Google, Apple, and Amazon, from publishing apps on their own platforms. Warren proposes breaking up the big tech companies and prohibiting them from promoting their products on platforms they own. As things stand, they’re likely to give preference to their own products by default. Indeed, who wouldn’t?
The United States has been through that before, for example, with Standard Oil Co., which produced, transported, refined, and marketed petrochemicals. When a similar situation unfolded one hundred years ago, the U.S. government decided to break up Standard Oil. It split into a number of smaller companies, and the breakup eventually doubled the collective value of Standard Oil stock.
We are therefore confident that we are right and that our initiative will benefit the market at large. We very much hope that Apple will provide competitive terms to third-party developers, so that it can continue its winning relationship with the company and the advancement of progress.
Update: April 29, 2019
Recent New York Times article stated that “two of the most popular parental-control apps, Kidslox and Qustodio, filed a complaint with the European Union’s competition office.” We are glad that not one but two of our competitors decided to step forward. We see this filing as an evidence that current situation is recognised as inappropriate by many of the market participants.
Interestingly, Apple reacted to the New York Times article, first unofficially with an e-mail that was published by MacRumors and was apparently written by Phil Schiller, and then with official statement. In their response Apple blames parental control apps for using the so-called MDM technology. Not getting into technical details, this technology indeed looks very attractive for parental control app developers. However we never used MDM in Safe Kids.
Update: June 10, 2019. Regarding recent changes to the Apple App Store Review Guidelines
The New York Times reported recently that Apple has softened its position on third-party parental control software. We welcome the changes stated in the App Store Review Guidelines. These guidelines have become more responsive to iOS application developers’ needs, and they have attempted to clarify how parental control applications should be developed and then assessed by Apple.
However, the new edition of the “Apple Developer Enterprise Program License Agreement,” dated June 3, 2019, for independent developers, states that the use of Mobile Device Management (MDM) profiles and configuration profiles in applications for home users is possible only with the explicit written consent of Apple.
Given this information, as well as our previous experience of interacting with Apple, we expect to receive official written confirmation of the applicability of the new p.5.5. “App Store Review Guidelines” for Kaspersky Safe Kids for iOS, the company’s application for parental control. We made the appropriate request to Apple, but we have yet to receive a clear answer.
Until that happens, we are not prepared to change anything stated in our application to the Russian Federal Antimonopoly Service (FAS), and we continue to prepare a complaint to the European Commission.