Here’s Why Apple Is Cracking Down on Parental Control Apps

We’ve been seeing reports since late last year that Apple has been turning its eye toward removing third-party apps that offer parental control features like screen time tracking, with several developers quietly noting that their apps have been pulled from the App Store for somewhat cryptic reasons, such as missing iOS features like background location mode.

Although Apple originally backed down on some of these decisions after speaking with the developers in question, according to a report this week in The New York Times, this hasn’t always been the case, and there has in fact been an organized campaign within the App Store review process to cull third-party screen time apps.

Of course, Apple debuted its own Screen Time feature in iOS 12, greatly enhancing the ability for the mobile operating system itself to handle many of these parental requirements without forcing users to resort to third-party apps, but the company’s move has left developers feeling that Apple’s behaviour is anti-competitive and designed to push users toward Apple’s own features and disenfranchise those developers who believe that they can do better than Apple.

The Times cites an analysis it did with app analytics firm Sensor Tower, which discovered that Apple has removed or limited at least 11 of the 17 most downloaded screen-time and parental control apps on the App Store, along with an unspecified number of lesser-known apps. In some cases, Apple simply required developers to remove specific features related to parental control, while in other cases, the apps were removed from the App Store entirely.

Many of these apps have been operating for years without any problems, making Apple’s recent scrutiny of them seem all the more capricious, particularly in light of its own Screen Time featue. However, since Apple doesn’t monetize Screen Time in any way, there’s little reason to call the company’s decision anti-competitive, but it’s understandable how developers have been left feeling blindsided by the sudden changes.

They [Apple] yanked us out of the blue with no warning. They are systematically killing the industry.

Amir Moussavian, CEO of OurPact, parental control app developer

For example, OurPact, the top parental control iPhone app on the App Store boasts more than three million downloads and accounts for 80 percent of the company’s revenue. According to CEO Amir Moussavian, Apple summarily pulled OurPact from the App Store back in February, with no warning at all, “crippling” his business.

While the Screen Time features that Apple introduced iOS 12 are arguably able to provide a more consistent and reliable experience, since they’re baked into the operating system, there are many areas in which third-party apps still do a better job of providing more options for parents. For example, the “Downtime” feature in iOS 12 only allows parents to set a bedtime for kids, and in fact until the recent release of iOS 12.2, it wasn’t even possible to set different bedtimes on different days of the week. By comparison, many third-party parental control apps allow parents to shut down their kids’ access at other times of the day, such as during school hours or when they’re supposed to be doing homework or chores.

For its part, Apple is defending its decision based on enforcing user privacy. Tammy Levine, a spokesperson for Apple, told the Times that the apps in question were removed because “they could gain too much information from users’ devices.” Levine noted that the timing of Apple’s move was not related to its own introduction of similar tools.

With the significant number of privacy abuses that have been discovered within apps over the past year — ranging from invasive data collection by Facebook and Google to health apps sharing intensely personal information — it’s easy to understand where Apple may be coming from. In fact, we’d go so far as to say that it’s not so much that Apple removed the apps because they were competing with its own Screen Time feature (again, it’s hard to see how Apple would care about this, since it gains nothing from people’s use of the feature), but that the company may have introduced its own Screen Time to offer a safe and private alternative to the many parental control apps that were already out there misusing the App Store.

In an email obtained by MacRumors, Apple Senior VP Phil Schiller goes into considerably more detail in explaining Apple’s position to a concerned customer.

I would like to assure you that the App Store team has acted extremely responsibly in this matter, helping to protect our children from technologies that could be used to violate their privacy and security.

Phil Schiller, Apple Senior Vice President of Worldwide Marketing

Schiller offers a remarkably deep explanation of the issues surrounding many of these apps, noting that they were found to be misusing the Mobile Device Management (MDM) technology that’s designed to allow businesses and schools to manage iPhone and iPad devices that are typically owned by the organization and issued to employees. The parental control apps were using MDM profiles as their means to limit and control what kids could do with their devices. While this is understandable from the perspective of allowing parents to have this level of control, the problem is that the app developer itself is the one who actually manages the profile, so parents installing these apps are probably giving up considerably more information and control than they realize.

Mobile Device Management policies are regularly installed on devices used in businesses and schools as a requirement to connect to the organization’s systems such as Microsoft Exchange servers or Google’s G Suite of apps. When the device is owned by the organization, it makes sense that the organization has a right to control and monitor how the device is used. For example, many high-security companies will disable an iPhone camera, or need access to remotely erase a device to prevent confidential information from being compromised if the device is lost or stolen. By extension, there would be nothing wrong with a family “organization” using its own MDM system where they control all of the pieces, but setting this kind of system up is beyond the capabilities of most iPhone users.

No one, except you, should have unrestricted access to manage your child’s device, know their location, track their app use, control their mail accounts, web surfing, camera use, network access, and even remotely erase their devices.

Phil Schiller, Apple Senior Vice President of Worldwide Marketing

As Schiller explains in the e-mail, an MDM profile provides a lot of power to the entity that issues it, including the ability to track app use and know where devices are located. Unfortunately, there’s no way for parents installing these types of parental control apps to be certain that they are the only ones who will use these features, and even in the event that a third-party app developer is completely trustworthy, there’s no guarantee that the developers systems are properly protected from hackers that could take advantage of a collection of developer-managed devices to install malware or worse.

Following the emails to customers, Apple also released a public statement that makes most of the same points that Schiller expressed in his emails.

While it’s clear that the use of MDM certificates for this kind of feature is a very bad idea, the problem is that Apple has provided for no other way for developers to implement parental controls directly on the device, so it’s understandable that third-party app developers have worked around these limitations in the only way that they can. Schiller adds that Apple plans to “work with developers to offer many great apps on the App Store for these uses, using technologies that are safe and private for us and our children,” which hopefully means that Apple is working on an API that will give developers the legitimate ability to add these kinds of controls to family-owned iOS devices without exposing the devices and their data to the developers themselves.