Just past midnight Pacific time today, Apple filed Proposed Findings of Fact and Conclusions of Law in its legal dispute with Epic Games. The document, a standard pre-trial filing, is designed to serve as a road map for the trial judge, explaining the facts Apple expects will be admitted into evidence at trial, how the law applies to those facts, and the decision Apple believes the court should reach. In other words, it’s a one-sided account of the disputes meant to persuade the judge that Apple’s legal positions are correct. Epic has filed a similar pleading in the case arguing its side of the story.
Tim Sweeney, the CEO of Epic Games, has confirmed Project Liberty in prior interviews and has said that Epic spent months preparing the lawsuit against Apple, though Apple’s court filings provide new insight into the lengths that Epic went to in order to rope Apple and Google into an antitrust lawsuit.
Apple argues that an expansion of antitrust law is unwarranted and that Epic’s product market descriptions are inaccurate because of the other platforms the App Store is competing with. Apple claims that Epic overstates the App Store’s profitability, and that arguments that the review process is ineffective are inaccurate.
The major distinction at play in Epic’s own argument is that iOS is an entire market unto itself and not just one of many competing products in a larger marketplace of video game transactions. If the judge agrees with this classification, Apple may be more likely to be seen as monopolistic.
Another key part of Epic’s argument involves comparing and contrasting iOS with macOS. Apple claims that its strict rules about what apps can and can’t do on the iOS App Store are driven at least in part by concerns about security and privacy for users. Epic points out, however, that Apple claims macOS is secure and private without placing all the same restrictions on the Mac operating system.
Epic asserts that Apple’s controversial App Review process “does little to keep iOS devices secure,” and it alleges that Apple has on multiple occasions screened apps “primarily for non-security issues—including specifically for anti competitive purposes.”
Apple has never increased its baseline 30% commission. Schiller TT. To the contrary, it has lowered the commission in multiple instances, including subscription services and as part of its small business program.
As I’ve noted, the effective commission has actually increased. The recently announced small business program of course has nothing to do with this case.
When those free downloads are considered—as they should be—the effective commission rate for initial game app downloads in 2008 was about 3%
Both categories of evidence—market structure and market outcomes—are inconsistent with Apple possessing monopoly power or charging supracompetitive prices.
Developers need not even leave the App Store to constrain Apple’s ability to raise prices. Hitt TT. If Apple sought to raise its commission, for example, developers could monetize through content or digital currencies sold to consumers through another transaction platform or directly through a web browser (including a web browser on an iOS device).
IAP obviates the need for (and expense of) tracking, audit, and collection of Apple’s commissions on any in-app purchases of digital content. Schmalensee TT. Indeed, without such automatic processes, a developer using an external payment mechanism could seek to evade a commission owed to Apple, and Apple would have no technological ability to collect any commissions on the sale. Schmalensee TT. This would lead to laborious reconciliation efforts and dispute resolution—turning an automated, near-instantaneous process accomplished through IAP into a fraught and drawn-out one.
It’s weird how Apple is simultaneously arguing that developers have other options for payments and that no other options can be allowed because that would make it harder to count up the 30% that’s owed to Apple.
By mislabeling distributor and retailer margins as “commissions,” Apple seeks to distract from structural differences between shrinkwrapped software distribution and today’s app stores.
In the months that followed, Apple executives and software engineers debated the proper distribution method for third-party applications and specifically whether “Apple signed applications” would be posted exclusively to an “online store”, or whether third parties would be permitted to “distribute on their own”. […] Apple’s security experts remained out of this debate, noting that the question of exclusive distribution is one of “policy”, as opposed to security.
During the time between the launch of the App Store in 2008 and the introduction of IAP in 2009, in-app payment processing and app distribution were entirely separate and iOS developers were monetizing their apps with in-app payment solutions that were self-provided.
Web apps have limited functionality compared to native apps. Native apps are “faster”, “use less memory” and “can take advantage of native graphics libraries in a way that is either not available or would have to be shoehorned in a web app or a different kind of application”. (Forstall Dep. […])
Apple publicly touts the security of macOS, promising Mac users that they can enjoy “Security. Built right in.” and can “[d]ownload apps safelty from the Mac App Store. And the internet.”
Apple prepared a number of internal white papers [that] explicitly contemplate the possibility of distribution outside the App Store, and assume that “the technical infrastructure [they were] building w[ould] allow for other distribution mechanisms” beyond the App Store. […] This security layer is independent of the app distribution channel.
In 2013, another app from the same developer was “remov[ed]” “immediately” because Mr. Schiller and Mr. Cue were “adamant” about its removal, despite Mr. Shoemaker’s “protest[s]” that there was no clear justification for doing so under the app review guidelines.
The FEAR team further believed that […] the process amounts to “a wetware [i.e., a human-led] rate limiting service and nothing more”, and that Apple had not invested sufficient resources to detect and prevent abuse.
Epic: “In June 2018, Apple sought to force Uber and Lyft to adopt IAP for their newly-introduced subscription services.” The remainder of that paragraph is redacted. Was it previously known that Apple tried to require Uber and Lyft to use Apple’s payment system for subscriptions?
Eric Friedman, head of Apple’s FEAR unit — Fraud Engineering Algorithms and Risk — said in a recent deposition that his team believed the App Review team was inadequate to the risks posed by malicious actors, saying they were “bringing a plastic butter knife to a gun fight.”
However in late 2017 Apple’s FEAR team still called the App Review process inadequate. Friedman said it “was more like the pretty lady who greets you with a lei at the Hawaiian airport than the drug sniffing dog.”
FEAR likened App Review to TSA employees, “under pressure to move people through” and “not able to deflect sophisticated attackers”.
There shouldn’t be anything particularly surprising to knowledgeable App Store developers. But this is public confirmation that the worst case scenarios, our most “cynical” speculations, are actually true.
I can’t believe how long Apple has had to address these problems and how little they’ve done.
Apple’s App Store was never designed to work. At least not in the way the company purports that it does. Apple presents the App Store as a highly curated, secure mall of apps which have been thoroughly vetted, and that you can safely install without any due diligence. But it’s not and you shouldn’t.
As part of Epic’s lawsuit against Apple, we’ve come to learn that app reviewers typically review 50-100 apps per day. Some times spending less than a minute reviewing an individual app. We’ve also learned that these reviewers are hired without any technical background, let alone any particular expertise with the iOS or macOS platforms.
There’s a term for a practice like this: security theater.
Customers convinced us but so did the fact that Google LOVED that we started with a web apps strategy. Eric Schmidt was a huge supporter & it’s easy to understand why. When SJ saw he could lose control of the iPhone platform, there was a whole hearted shift away from web apps!
Update (2021-04-14): Ben Lovejoy:
Internal documents released as part of the Epic Games lawsuit reveal an Apple anti-fraud engineer suggesting that App Store checks were grossly inadequate.
Apple: “The @AppStore is a place you can trust.”
Also Apple: “Our lawyers told us to remove the ‘Report a Problem’ button to avoid paper trails & liability.”
You think the
@AppStore is “a place you can trust”?
How to spot a $5M/year scam, in 5 minutes flat:👇
Here’s another example. Total scam copy app of the Roku Remote app (the official one is FREE!) that charges people $4.99 PER WEEK?? Stacked with fake reviews. Write-up on Forbes platform. Still chugging along.
Someone just sent me an app that’s a silly little game, but if I set my VPN to Turkey it becomes an online casino that doesn’t even use Apple’s IAP.
Nobody is happy with this app. Most are accusing it of being a scam. Some of the ratings are probably fake too, “boosting” it to 2.4 stars.
Why does any of this matter?
The app is currently the #441 top grossing app across the entire App Store 🤯