New app store code of practice aims to strengthen ecosystem cyber security

"If implemented thoroughly, the code should result in cleaner app stores, with greater visibility for apps that are transparent about their functionality, comply with baseline security requirements, and are regularly updated. That should prove advantageous to developers who embrace those principles. However, along with Apple’s efforts to increase user control over privacy, the code is also another step towards restricting background tracking of users, which (as we’ve seen with Meta) can have a significant impact on revenue for apps that primarily generate revenue through advertising."

"This highlights the inherent tension in certain parts of the app market. In principle, governments and regulators want to champion principles that protect users’ privacy, but users are also not used to having to pay for apps like Facebook, Instagram and TikTok, and so policy developments that can materially impact revenue generation have to be implemented carefully."

"Ultimately, how effective the code is depends entirely on the extent to which it is applied by Apple, Google and other app store operators. DCMS say there will be a 9 month period for adherence, and that they will initially focus on assessing adherence by app store operators, but this is still clearly described as a voluntary code, and so it remains very unclear what, if anything, DCMS can really do if app store operators choose not to adhere to the code."

Stuart's comments were published in IT Pro, 9 December 2022, and can be found here.