Over the last month, there’s been some controversy between Apple and iOS developers who make parental control apps that use mobile device management (MDM). Most recently, Apple said it was only going to allow parental control apps that didn’t use MDM, but now “in limited cases” it will let developers use the solution.
At the end of April, Apple’s Phil Schiller made the announcement about the company cutting off developers of parental control apps that use MDM. He wrote in an email (via MacRumors):
Protecting user privacy and security is paramount in the Apple ecosystem and we have important App Store guidelines to not allow apps that could pose a threat to consumers privacy and security. We will continue to provide features, like ScreenTime, designed to help parents manage their children’s access to technology and we will work with developers to offer many great apps on the App Store for these uses, using technologies that are safe and private for us and our children.
A few days later, one of the apps that was removed, OurPact, called Apple’s statement on the matter “misleading.”
Apple recently stated that its own MDM technology, used by millions, poses risks to user privacy and can be abused by hackers. This stands in contradiction to the fact that MDM technology was initially developed by Apple to ensure security of private data on remotely managed devices. Apple alone issues certificates to third parties to communicate with their MDM servers, and Apple themselves are responsible for sending all MDM commands to user devices.
Apple then responded to that and other similar criticism from parental control app developers who felt the move was unfair. It seemed the company wasn’t going to change course as it repeated much of what VP Phil Schiller previously shared.
However, with the latest App Store Developer Guidelines, Apple has indeed opened back up the possibility of using MDM for parental control apps. It does note “in limited cases” though, so it may come down to a case by case basis.
Guideline 5.5. (New) Because MDM provides access to sensitive data, MDM apps must request the mobile device management capability, and may only be offered by commercial enterprises, such as business organizations, educational institutions, or government agencies, and, in limited cases, companies utilizing MDM for parental controls. MDM apps may not sell, use, or disclose to third parties any data for any purpose, and must commit to this in their privacy policy.
The stipulation that MDM apps “may not sell, use, or disclose to third parties any data for any purpose, and must commit to this in their privacy policy” lines up with the new guideline that all kids’ apps may not contain any third-party advertising or analytics software.
FTC: We use income earning auto affiliate links. More.
Comments