Not so nice, we investigated them twice: EU opens double whammy of inquiries into Apple's biz practices

App Store cut and Cupertino's NFC platform in competition crosshairs

Updated In the words of Brenda from Bristol: Another one? Yes, afraid so. The European Commission has opened up a fresh investigation into Apple's business practices, this time focusing on the App Store and Apple Pay.

The first investigation, prompted by complaints from Spotify and Rakuten (which is described solely as "an e-book and audiobook distributor" in the EC release), will determine whether Apple has used its digital marketplaces to stifle competition from rivals in the digital services space.

As with sales of apps, Apple takes a 30 per cent cut of all in-app purchases – say, for example, some coins in a mobile game, or a month's subscription to Spotify. And while it's possible for developers to circumvent this (Spotify, for example, lets you pay via their website or with gift cards), developers aren't allowed to inform users about payment alternatives within the app.

These, the commission notes, are often cheaper. For example, a month's subscription to YouTube Premium paid via the App Store costs £15.99. Go direct to YouTube, and the price drops to £11.99. That's a saving of £48 annually.

Not only is this financially lucrative for Apple, but it also gives it control over the commercial relationship between the third-party app and the customer. Apple has access to potentially commercially significant customer data that the third-party provider simply doesn't.

The commission is worried this could distort the market, giving Apple's own products (like Apple Music) an unfair advantage over the competition. After all, Cupertino's homegrown efforts aren't subject to the same cut as their third-party rivals.

In a statement, Margrethe Vestager, who heads up competition policy at the European Commission, said: "It appears that Apple obtained a 'gatekeeper' role when it comes to the distribution of apps and content to users of Apple's popular devices.

"We need to ensure that Apple's rules do not distort competition in markets where Apple is competing with other app developers, for example with its music streaming service Apple Music or with Apple Books. I have therefore decided to take a close look at Apple's App Store rules and their compliance with EU competition rules."

The European Economic Area is a key market for Apple. More to the point, services are now a huge part of the company's revenue stream, with Cupertino yesterday announcing that the App Store ecosystem had facilitated $519bn in e-commerce activity during 2019. That's $1.5bn more than the estimated GDP of Belgium last year.

If Apple is forced to allow third-party developers to take direct payments for in-app purchases, it could see that number (and its share of the revenue) plunge.

Separately, the commission is waving a beady eye over Apple Pay to see it's not falling foul of any competition rules.

Apple Pay is the sole NFC mobile payments tool available to iPhone users, allowing individuals to make in-store purchases by tapping their phone against a contactless reader. For this, Apple takes a 0.15 per cent cut of each transaction.

In contrast, Android is a broader ecosystem, with Google Pay competing directly with equivalents from Samsung and Huawei.

The commission is concerned that Apple is unlawfully stifling competition and innovation by using its "walled garden" status to prevent rivals from building iOS NFC payment apps.

"It is important that Apple's measures do not deny consumers the benefits of new payment technologies, including better choice, quality, innovation and competitive prices," said Vestager. "I have therefore decided to take a close look at Apple's practices regarding Apple Pay and their impact on competition."

This investigation comes as scrutiny is increasingly applied to Apple Pay, with German lawmakers voting in favour of a measure that would compel Cupertino to allow third-party access to the NFC chip found within the iPhone.

Apple is predictably nonplussed, warning via Reuters that the bill, which has yet to be ratified by Germany's Bundesrat, would harm "user friendliness, data protection and the security of financial information."

This isn't the first time Apple has found itself in the European Commission's crosshairs. In 2016, after an arduous two-year investigation, the commission found that Apple was the recipient of illegal state aid from Ireland, and forced it to repay €13bn in back taxes. Apple has appealed against the ruling.

The Register has asked Apple, Spotify, and Rakuten for comment.

Updated on 16 June 17.44 BST to add:

Apple sent us a statement following publication of the article. “We follow the law in everything we do and we embrace competition at every stage because we believe it pushes us to deliver even better results.

"It's disappointing the European Commission is advancing baseless complaints from a handful of companies who simply want a free ride, and don't want to play by the same rules as everyone else. We don’t think that’s right — we want to maintain a level playing field where anyone with determination and a great idea can succeed.

"At the end of the day, our goal is simple: for our customers to have access to the best app or service of their choice, in a safe and secure environment. We welcome the opportunity to show the European Commission all we’ve done to make that goal a reality.” ®

Other stories you might like

  • Lonestar plans to put datacenters in the Moon's lava tubes
    How? Founder tells The Register 'Robots… lots of robots'

    Imagine a future where racks of computer servers hum quietly in darkness below the surface of the Moon.

    Here is where some of the most important data is stored, to be left untouched for as long as can be. The idea sounds like something from science-fiction, but one startup that recently emerged from stealth is trying to turn it into a reality. Lonestar Data Holdings has a unique mission unlike any other cloud provider: to build datacenters on the Moon backing up the world's data.

    "It's inconceivable to me that we are keeping our most precious assets, our knowledge and our data, on Earth, where we're setting off bombs and burning things," Christopher Stott, founder and CEO of Lonestar, told The Register. "We need to put our assets in place off our planet, where we can keep it safe."

    Continue reading
  • Conti: Russian-backed rulers of Costa Rican hacktocracy?
    Also, Chinese IT admin jailed for deleting database, and the NSA promises no more backdoors

    In brief The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it doesn't pay a $20 million ransom. 

    Costa Rican president Rodrigo Chaves said that the country is effectively at war with the gang, who in April infiltrated the government's computer systems, gaining a foothold in 27 agencies at various government levels. The US State Department has offered a $15 million reward leading to the capture of Conti's leaders, who it said have made more than $150 million from 1,000+ victims.

    Conti claimed this week that it has insiders in the Costa Rican government, the AP reported, warning that "We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power, you have introduced an emergency." 

    Continue reading
  • China-linked Twisted Panda caught spying on Russian defense R&D
    Because Beijing isn't above covert ops to accomplish its five-year goals

    Chinese cyberspies targeted two Russian defense institutes and possibly another research facility in Belarus, according to Check Point Research.

    The new campaign, dubbed Twisted Panda, is part of a larger, state-sponsored espionage operation that has been ongoing for several months, if not nearly a year, according to the security shop.

    In a technical analysis, the researchers detail the various malicious stages and payloads of the campaign that used sanctions-related phishing emails to attack Russian entities, which are part of the state-owned defense conglomerate Rostec Corporation.

    Continue reading

Biting the hand that feeds IT © 1998–2022