Purged screen time monitoring apps misused enterprise tools, Schiller says

Posted:
in General Discussion edited April 2019
A critical New York Times report on Saturday suggested Apple culls screen time monitoring apps that compete similar first-party features built into iOS. In response, SVP of Worldwide Marketing Phil Schiller said the titles in question abuse a device management technology designed for enterprise users.



In its report, The Times highlights an uptick in restrictions or removals of popular screen time and parental control apps over the past year.

Some developers impacted by the new policy intimated to the publication that the tech giant aims to quash competition of Screen Time, an iOS feature and toolset designed to encourage iPhone and iPad owners to spend less time on their devices. Others, like the CEO of Freedom, an app removed from the App Store last year, said they remain dubious of Apple's stated intent to fight so-called mobile device addiction.

Apple spokeswoman Tammy Levine said the apps were removed, or had their features limited, because they were able to access "too much information from users' devices," the report said. Levine added that the app purge is not related to Apple's release of "similar tools," a likely reference to Screen Time.

"We treat all apps the same, including those that compete with our own services," Levine said, echoing a statement Apple issued to AppleInsider on Saturday. "Our incentive is to have a vibrant app ecosystem that provides consumers access to as many quality apps as possible."

The report apparently hit a nerve with Apple executives, as Schiller offered a -- much more detailed -- account of the situation in response to a customer email, reports MacRumors.

Expanding on Levine's comments, Schiller said the apps in question leveraged Mobile Device Management (MDM) technology to monitor, limit and control device usage. Designed for enterprise users managing large device deployments, MDM tools offer wide, and in some cases unfettered, device access to system administrators. As such, the incorporation of MDM technology in public-facing apps poses a material threat to user privacy and security.

Schiller details the issue in his letter. AppleInsider has not seen the correspondence and is therefore unable to vouch for its authenticity.
Thank you for being a fan of Apple and for your email.

I would like to assure you that the App Store team has acted extremely responsibly in this matter, helping to protect our children from technologies that could be used to violate their privacy and security. After you learn of some of the facts I hope that you agree.

Unfortunately the New York Times article you reference did not share our complete statement, nor explain the risks to children had Apple not acted on their behalf. Apple has long supported providing apps on the App Store, that work like our ScreenTime feature, to help parents manage their children's access to technology and we will continue to encourage development of these apps. There are many great apps for parents on the App Store, like "Moment - Balance Screen Time" by Moment Health and "Verizon Smart Family" by Verizon Wireless.

However, over the last year we became aware that some parental management apps were using a technology called Mobile Device Management or "MDM" and installing an MDM Profile as a method to limit and control use of these devices. MDM is a technology that gives one party access to and control over many devices, it was meant to be used by a company on it's [sic] own mobile devices as a management tool, where that company has a right to all of the data and use of the devices. The MDM technology is not intended to enable a developer to have access to and control over consumers' data and devices, but the apps we removed from the store did just that. No one, except you, should have unrestricted access to manage your child's device, know their location, track their app use, control their mail accounts, web surfing, camera use, network access, and even remotely erase their devices. Further, security research has shown that there is risk that MDM profiles could be used as a technology for hacker attacks by assisting them in installing apps for malicious purposes on users' devices.

When the App Store team investigated the use of MDM technology by some developers of apps for managing kids devices and learned the risk they create to user privacy and security, we asked these developers to stop using MDM technology in their apps. Protecting user privacy and security is paramount in the Apple ecosystem and we have important App Store guidelines to not allow apps that could pose a threat to consumers privacy and security. We will continue to provide features, like ScreenTime, designed to help parents manage their children's access to technology and we will work with developers to offer many great apps on the App Store for these uses, using technologies that are safe and private for us and our children.

Thank you,

Phil
Apple's App Store policies have become the target of increased scrutiny as iPhone and iOS gain more marketshare.

The Times in its report notes Kidslox and Qustodio, both parental control apps, recently filed a complaint with the European Commission after Apple forced changes to Kidslox that allegedly impacted the developer's business. In March, Spotify filed an antitrust complaint against Apple with the same European Union office, while Kaspersky Lab did the same in Russia.
«1

Comments

  • Reply 1 of 40
    EsquireCatsEsquireCats Posts: 1,268member
    Unsurprisingly all we heard in the press was how these developers were blindsided by Apple. Meanwhile it looks like Apple reached out to them and asked them to discontinue using the tools improperly. Funny how developers caught red handed will run to the press.
    edited April 2019 supadav03chasmmagman1979chaickarusswhmurchisondewmeStrangeDaysgeorgie01cornchip
  • Reply 2 of 40
    geekmeegeekmee Posts: 629member
    “Apple App Store policies....increased scrutiny....as they gain more market share.”
    So let me get this straight, you will under go more scrutiny if you develop a successful product that people want and grow market share?
    As opposed to telling other people what to do with their products in order to do business with them.
    williamlondon
  • Reply 3 of 40
    chasmchasm Posts: 3,275member
    "blindsided"

    But anyway ... TOLD YA.
    edited April 2019 hmurchisoncornchipn2itivguy
  • Reply 4 of 40
    magman1979magman1979 Posts: 1,292member
    Just watch the loser troll army run to this like a fat kid to a cupcake to vilify Apple anyway and twist this narrative to prop up NYT and their bullshit...
    chaickaStrangeDayscornchipericthehalfbeewatto_cobra
  • Reply 5 of 40
    talexytalexy Posts: 80member
    geekmee said:
    “Apple App Store policies....increased scrutiny....as they gain more market share.”
    So let me get this straight, you will under go more scrutiny if you develop a successful product that people want and grow market share?
    As opposed to telling other people what to do with their products in order to do business with them.
    Is your post intended to be ironic?
    chasmwilliamlondonStrangeDayscornchipn2itivguy
  • Reply 6 of 40
    I wonder if New York Times buried the MDM misuse information. 
    watto_cobra
  • Reply 7 of 40
    Sounds like the EU/European Commission should go after Spotify, Kidslox and others for not respecting EU laws on data collection. Wonder if the vendors disclosed what they were doing in the software agreement? These apps. could pose a security exposure risk for phones/tablets that may have corporate development data or military-related data (some non-kids may have installed the apps.). Same concern where similar apps. are available for desktops/laptops. Hopefully, corporations would detect the potential exposure, but smaller firms likely would not.
    edited April 2019 bonobobwatto_cobra
  • Reply 8 of 40
    apple ][apple ][ Posts: 9,233member
    I remember reading the earlier article about this on this site and I also remember some of the ignorant comments.

    Many people who are easily manipulated and naive fell for the fake news from the NYT. 


    StrangeDaysradarthekatwatto_cobra
  • Reply 9 of 40
    So by using MDM technology, the DEVELOPER can have complete access to your iPhone and its contents and can install apps without your knowledge. 

    Obviously, that is a privacy violation - particularly if this gives the DEVELOPER access to your child's iPhone. 

    Next thing you know, Child Molesters and Hackers will create apps using MDM technology to take snapshots of your children or yourself in compromising situations. 

    Apple is RIGHT to BAN these apps and BAN these Developers for misusing Apple Technology. 
    cornchipbonobobwatto_cobra
  • Reply 10 of 40
    apple ][ said:
    I remember reading the earlier article about this on this site and I also remember some of the ignorant comments.

    Many people who are easily manipulated and naive fell for the fake news from the NYT. 


    It was AppleInsider that said, in the prior article: “In speaking with Apple on Saturday morning, AppleInsider was told that the feature removal requests and app withdrawals fall under section 5.2.5 of the App Store app review guidelines, specifically saying "don't create an App that appears confusing similar to an existing Apple Product, interface, app, or advertising theme." 

    Fake news too?
    edited April 2019 bonobobtokyojimu
  • Reply 11 of 40
    macxpressmacxpress Posts: 5,801member
    I wonder if New York Times buried the MDM misuse information. 
    Its the NY Times, of course they did. They've always had a bug up their ass for Apple. If there's a negative article they can write about Apple, they're all over it. 
    regurgitatedcoproliteStrangeDayscornchipwatto_cobra
  • Reply 12 of 40
    dhagan4755dhagan4755 Posts: 2,152member
    I manage Apple products with a MDM (Filewave). I'm not a big fan of MDM profiles. Considering the way Google manages Chromebooks, Apple should bite the bullet & go all in on managing its own devices instead of giving the hooks for 3rd parties to do it.
    cornchipmcdavewatto_cobra
  • Reply 13 of 40
    matrix077matrix077 Posts: 868member
    apple ][ said:
    I remember reading the earlier article about this on this site and I also remember some of the ignorant comments.

    Many people who are easily manipulated and naive fell for the fake news from the NYT. 


    It was AppleInsider that said, in the prior article: “In speaking with Apple on Saturday morning, AppleInsider was told that the feature removal requests and app withdrawals fall under section 5.2.5 of the App Store app review guidelines, specifically saying "don't create an App that appears confusing similar to an existing Apple Product, interface, app, or advertising theme." 

    Fake news too?
    Maybe the one AppleInsider talking to is not high level enough?
    StrangeDayscornchipwatto_cobra
  • Reply 14 of 40
    emig647emig647 Posts: 2,455member
    First off, I completely agree with  here. Utilizing MDM certificates to obtain their goals is extremely irresponsible and they should know better. 

    With that hat being said  may not be so innocent. I have worked for a company in the past where they suddenly kicked an app of ours out of the store after it being there 7 years with monthly updates. The reasoning was quite vague. We had phone calls, escalated it up the chain but they just kept repeating the rule instead of telling us how it even applied to us. The crazy thing was we had other apps that did the same thing but they were hung up on this one. In the end we changed categories and the name of the app and then it was perfectly acceptable. But the entire lack of specifics is where the frustration stemmed from. We would have been more than happy to change the app if they could tell us what to do or what specifically was wrong.

    If these companies got the same runaround I can easily see how they could draw parallels to  sherlocking the industry. There seems to be a communication breakdown somewhere. 
    cornchipn2itivguybonobobmuthuk_vanalingamtokyojimuwatto_cobra
  • Reply 15 of 40
    boboliciousbobolicious Posts: 1,139member
    ...should this remind of f.lux's attempt to offer an iOS app: justgetflux.com/ios.html ?

    "there is risk that MDM profiles could be used as a technology for hacker attacks by assisting them in installing apps for malicious purposes on users' devices"
    Does this risk still exist (perhaps to a lesser extent) with Screen Time ?

    Should the push of screen time raise a privacy red flag too...?
    ...and does Apple in the end have any possible access to such data, especially if synced over iCloud...?

    Is the data Apple increasingly layers into each iOS upgrade with such things as screen time of concern ?

    To name a few:
    Find my iPhone (location tracking)
    Contacts (with 'Profile Pictures' + 'Note', potentially sent to iCloud by others unknown), 
    Photos (auto tagging),
    Safari (bookmarks), 
    Keychain, 
    Mail, 
    Maps, 
    News, 
    Music, 
    Home, 
    Health, 
    ApplePay, 
    Watch,
    HomePod,
    etc, etc...  

    Is this remarkable...?

    Is this potential data all the more valuable as verifiable with Touch ID and/or Facial Recognition, etc.?

    Even with the best of intent (to balance user benefits with privacy) might this put an incredible amount of user data at risk of 'unintended consequences'...?
    edited April 2019
  • Reply 16 of 40
    kruegdudekruegdude Posts: 340member
    emig647 said:
    First off, I completely agree with  here. Utilizing MDM certificates to obtain their goals is extremely irresponsible and they should know better. 

    With that hat being said  may not be so innocent. I have worked for a company in the past where they suddenly kicked an app of ours out of the store after it being there 7 years with monthly updates. The reasoning was quite vague. We had phone calls, escalated it up the chain but they just kept repeating the rule instead of telling us how it even applied to us. The crazy thing was we had other apps that did the same thing but they were hung up on this one. In the end we changed categories and the name of the app and then it was perfectly acceptable. But the entire lack of specifics is where the frustration stemmed from. We would have been more than happy to change the app if they could tell us what to do or what specifically was wrong.

    If these companies got the same runaround I can easily see how they could draw parallels to  sherlocking the industry. There seems to be a communication breakdown somewhere. 
    So you wrote an app that broke the rules, they called you on it and you’re still complaining after all this time. Glad you’re completely agreeing with Apple :-)
    watto_cobra
  • Reply 17 of 40
    emig647emig647 Posts: 2,455member
    We didn’t break any rules. They claimed we were changing code after review which we were not. The app couldn’t have been more native. It was nothing more than them not understanding what was happening. 

    Edit: I believe you’re missing the point I was making about their communication. 
    edited April 2019 cornchipbeowulfschmidtlarryjwmuthuk_vanalingam
  • Reply 18 of 40
    rogifan_newrogifan_new Posts: 4,297member
    So by using MDM technology, the DEVELOPER can have complete access to your iPhone and its contents and can install apps without your knowledge. 

    Obviously, that is a privacy violation - particularly if this gives the DEVELOPER access to your child's iPhone. 

    Next thing you know, Child Molesters and Hackers will create apps using MDM technology to take snapshots of your children or yourself in compromising situations. 

    Apple is RIGHT to BAN these apps and BAN these Developers for misusing Apple Technology. 
    How did they get approved to be on the App Store in the first place?
  • Reply 19 of 40
    The apps only "misused enterprise tools" because Apple refused to provide an official SDK that let the app developers do what the users wanted. Make no mistake this is fully intentional on Apple's part. Apple is very interested in limiting what users can do with their devices. This is why there is no real WiFi SDK, why the Bluetooth SDK is crippled, why apps are extremely restricted when they run in the background or with the screen off, why there are no third part Apple Watch faces, why you can't modify the user interface to suit your needs, why you can't side load apps, why there is no third party app store, why there is no professional mode, why their are no real code compilers on the iPad, why there are no virtual machines, why you can't mine cryptocurrency, why Home Kit sucks ...
    cornchip
  • Reply 20 of 40
    looplessloopless Posts: 325member
    The apps only "misused enterprise tools" because Apple refused to provide an official SDK that let the app developers do what the users wanted. Make no mistake this is fully intentional on Apple's part. Apple is very interested in limiting what users can do with their devices. This is why there is no real WiFi SDK, why the Bluetooth SDK is crippled, why apps are extremely restricted when they run in the background or with the screen off, why there are no third part Apple Watch faces, why you can't modify the user interface to suit your needs, why you can't side load apps, why there is no third party app store, why there is no professional mode, why their are no real code compilers on the iPad, why there are no virtual machines, why you can't mine cryptocurrency, why Home Kit sucks ...
    If Apple gave unfettered access to all features of a device, we end up with Windows. And we know how that ends up. Apple very carefully opens up the device via SDKs only after careful consideration and research into unintended side-effects. As they say 'the road to hell is paved with good intentions'. For example, NFC. Apple has been very careful to only support a very limited set of NFC protocols. Now that the NFC market has matured and all the security and user issues are mostly sorted, they are apparently opening up to other NFC protocols and presumably SDK access in the next iOS release.
    cornchipn2itivguywatto_cobra
Sign In or Register to comment.