For support, the Progressive Web Apps will still need to be built on WebKit, with all that entails.
I wonder if there was some sort of back channeling with the EU to determine that “actually this is fine, we don’t care about rendering engine competition for PWAs, WebKit-only is better than removing them.”
The law ultimately only requires changes to features the EU cares about.
This is the most likely theory.
The notion that Apple was purposefully trying to kill PWAs never made sense in light of their significant investment in supporting PWAs over the last four years, down to recruiting industry rockstars such as Jen Simmons.
Nobody who was screaming bloody murder ever tried to reconcile that incongruence, much less succeeded.
What’s more likely is that Apple’s lawyers went with the most careful interpretation of the DMA, concluded that they’d have to facilitate Home Screen install for other browsers as well, figured it wasn’t worth the engineering effort, especially on short notice, and instead just deactivated it for Safari as well.
Then, after all the bloody murder that was being screamed about, the EU started to inquire[0] both with Apple as well as developers about the consequences for PWAs. Apple was told that their interpretation was too strict (or that they will be given more time to implement it for other browsers, but less likely because such decisions are typically made public) and that they’re fine (for now) with PWAs running in WebKit.
0: https://9to5mac.com/2024/02/26/apple-blocking-web-apps/
Investing in PWAs for four years is only going to get you so far when you’re eight years behind the competition.
Obviously I’m making numbers up here but to my perspective Apple’s recent investments (bringing them to a level still behind competitors) has a lot more to do with staving off legal threats to their 30% cut on native apps (e.g. the Epic lawsuit) than any benevolence towards the web platform.
This makes absolutely no sense. It came out in the Eoic trial that 90% of App Store revenue comes from games and in app purchases.
Those apps are no more going to leave the App Store and go to the web than they are going to leave the Google Pay Store. In app purchases monetize too well and people aren’t going to put their credit cards on every third party website.
That’s not even to mention all of the ways that you can pay via in app purchases that you can’t pay via the web and all of the kids with phones without credit cards attached.
If it’s only Apple, then why aren’t Android developers creating great PWAs to escape the same 30%?
That's a good question: Apple has argued in court that PWAs are a serviceable alternative to the app store.
So why aren't developers using them? Is Apple wrong? Are they not a serviceable alternative to the app store?
Android has better support than iOS, and Android's userbase spends less money on apps and is more often monetized through ads. So it's not the payment platform that causes developers to avoid PWAs, otherwise they'd be used all over the place on Android.
Android also has a semi-thriving community of Open Source applications through F-Droid that are privacy preserving and completely non-monetized. But installing apps through F-Droid is complicated. And F-Droid has zero user reviews. So it's clearly not the ease of delivery or advertisement that's causing those developers to ship native apps that need to be sideloaded through a complicated process that involves going into your phone settings and turning on sideloading instead of just shipping web apps.
So what's left? Well, invasive apps like Facebook/Twitter could ship as PWAs (with the caveat that their notification support would be worse). But they'd be giving up tracking ability by doing so. Web browsers are better secured than phones are. Facebook on iOS has an easier time tracking your behavior than Facebook in Safari does. Facebook on iOS could even at one point (and might still be able to, I can't find a source that this is patched) push custom code into web views of other articles through its iOS native app. So yeah, they're obviously interested in shipping an iOS app because (frankly) the Safari team is better at security than Apple's iOS developers are.
The only reason left that explains that behavior is the fact that PWAs on both Android and iOS are severely lacking in APIs that would enable anything other than shallow internet-connected services. They are not alternatives to the app store in their current state, no matter how much Apple pretends otherwise. Notification support on Android for PWAs is a joke, it's basically only usable for advertisements. And it's even worse on iOS. If you want to make an alarm app as a PWA, it is literally impossible to do that reliably. Want to make an RSS reader? I have no clue how that would be done as a PWA, I don't think it can be done without a web server handling the article fetching.
----
And I'm sure you would say at this point that there are tons of apps that don't need this stuff and that really it's not about capabilities it's about payments and about what the users want and where they look for apps...
And I would just repeat your question back to you -- there are a ton of apps that are not monetizing through app store payments that aren't shipping PWAs. There are a ton of apps that are not looking for mass-market appeal that are not shipping PWAs. And Apple is arguing in court that they could. But they're not. They're not using PWAs on iOS or on Android. They're not shipping PWAs when they rely on advertising. They're not shipping PWAs when they would benefit tremendously from not needing to pay so many commissions to Apple. Even when they're Open Source and don't monetize at all, they're not shipping PWAs.
Why not? What do those developers know that Apple either doesn't know or is pretending not to know? There's no NewPipe for iOS shipping through Safari. Why is that?
Just a quick Google search shows that App Store revenue is 67%/33% split Apple/Google.
https://www.bigabid.com/apple-app-store-vs-google-play-store....
In that case, if PWAs were good enough on Android and they could avoid the 30% cut, why bother making native Android apps at all?
All of the HN commenters blame mean old Apple for holding the web back. But the fact is that every mobile platform at one point announced that “you can make good apps using web technology” - Apple, Google, Microsoft, Palm, and RIM. They’ve all sucked
Even before then, Sun promised that you could make great cross platform GUI apps and they sucked.
Today Electron apps are, battery draining, memory hogging monstrosities.
And the tracking thing is a non starter. You have much better ways to track on the we then through native apps - at least on iOS with a much better permission model.
To the first approximation - no one cares about PWAs - not users, not companies.
I don't want to skirt too close to HN guidelines here, but I'm genuinely curious if you actually read my comment or not.
This is exactly what I asked you. If PWAs are (as Apple claims) good enough alternatives to the app store, why isn't anyone using them?
You can complain about Electron, but developers build Electron apps. They don't build PWAs. Because Electron apps are actually a feasible alternative to more native GUIs, and PWAs are not. The question you and I are asking (why isn't anyone using PWAs) reveals exactly how bullcrap Apple's legal arguments about PWAs are. They are not reasonable alternatives to the app store.
I don't blame Apple exclusively for holding the web back. They're a part of it, but so is Google. I don't think I've ever had much good to say about Google on here, and as the US and EU are actively proving right now, it is possible to pursue regulation for multiple companies at the same time.
This is not true by any metric. Native apps have more access to fingerprinting vectors than web apps do, are capable of requesting deeper levels of user information like contacts. Native Facebook on iOS got called out for injecting custom code into the in-app web view when users clicked on links within Facebook for 3rd-party sites. That's something that's not possible to do in any modern web browser.
Native apps are indisputably easier to use to fingerprint and track users on both iOS and Android.
Even if you're unfamiliar with the technical side of this, you can still think of it this way: if apps like Facebook had an easier time tracking you on the web than on mobile devices, they wouldn't try to get you to install mobile apps. They would force you to use the website. The reason why Facebook ships an iOS app is because it is easier to track you via iOS than through the Facebook website.
I’m very familiar both - exactly how can apps track you - without your permission that the web can’t?
And your example of how Facebook can track you by knowing what links you clicked on off the site from the app, of course Facebook could do that from the web.
There are at least a dozen ways to do fingerprinting o the web
https://fingerprint.com/blog/browser-fingerprinting-techniqu...
And what do you think is going to happen if there are more native APIs exposed in browsers?
Facebook could insert custom code into 3rd-party domains that have no relationship with it?
No, it can't. If Facebook could perform arbitrary XSS on 3rd-party websites it had no relationship with when you clicked on links on the Facebook website, that would be rightly treated as critical zero-day security flaw in any web browser.
I mean, you're saying you're familiar with this stuff, but you're also saying that Facebook can do arbitrary XSS via links, so forgive me for doubting you. Of course fingerprinting is possible on the web. It's easier with native apps. The web at least tries to shut down fingerprinting vectors; native platforms like iOS largely don't. Far from shutting down fingerprinting vectors, both Android and iOS have platform-supported device-specific advertising IDs that don't even require fingerprinting. At least Apple (eventually) started clearing the low, low bar of forcing applications to ask permission to access it, but that's a far cry from the kind of sandboxing and site/app isolation that happens in Safari.
I'm sorry, your defense for privileging native apps over browser apps is "if browsers could do everything native apps could do, it would be a nightmare for privacy"?
What do you think that says about the privacy and security of native apps?
If you click on a link from Facebook on the web - the only reason you would view a page in a web view on the app - you don’t think FB could know that you clicked on the link?
I also see that you ignored the dozen or so well known ways that you can track someone across the web.
Are you really saying you’ve never searched for something on one site and seen ads follow you around on other sites?
I just cited a list of ways that apps can’t track you across the web that you keep ignoring.
If you click on a link from Facebook on the web Facebook cannot perform arbitrary 3rd-party XSS on that page. On iOS, they could. You are misunderstanding what the native vulnerability was. I still feel like you do not understand what the vulnerability here is.
Facebook was allowed to insert arbitrary code into the system web view. That is not the same thing as knowing when you click on a link, it is the ability to arbitrarily execute code on 3rd-party domains regardless of whether or not those domains have any relationship with Facebook and regardless of whether they are fetching any Facebook resources/scripts. It is the ability to run custom Facebook code on sites like HN that do not normally insert Facebook pixels or tracking code.
It is not the same thing as a link ID or tracking what link you clicked on.
----
I'm not ignoring any tracking vectors on the web, I'm pointing out (correctly) that every single tracking vector on that list and then some is available for native apps. Which... obviously, of course native apps can do graphics fingerprinting. They have access to the same system libraries.
You've never searched for something in a mobile app and then seen an add for it elsewhere? You don't think that tracking networks exist for mobile apps? They do. I hate to be the one to break this to you, but native apps can also run low-level graphics code to fingerprint you. They can also look at connected media devices. They can also do audio fingerprinting.
None of this is unique to the web.
The big difference is details like the fact that those mobile apps can't be used with adblockers or anti-tracking protections, and of course that the embedded web views for apps like Instagram/Facebook allow for arbitrary 3rd-party XSS, and that the native platforms expose device-specific tracking IDs and additional fingerprinting vectors in addition to all of the fingerprinting APIs that exist on the web.
You're not citing anything that's unique to the web.
And you keep ignoring the fact that native Facebook on iOS could do arbitrary XSS attacks on 3rd-party sites! Something that is not possible on the web and that is a much bigger deal than canvas fingerprinting. I don't understand what part of this is tripping you up. This really is not something that is debatable; fingerprinting is not unique to the web, every tracking vector you're bringing up exists for native apps, and in general native platforms do a worse job at allowing users to block them.
This really genuinely is not a subjective take -- it is an objective fact that mobile platforms expose more fingerprinting and tracking vectors than browsers do. This is not just an opinion, the device capabilities for native apps are higher than the capabilities exposed to websites and all of those capabilities are tracking vectors. In addition, native platforms like iOS allow nested content and inspection of nested content in a way that is not possible on the web, and allow for persistent storage and identifiers that are more difficult to construct on the web. And native platforms do not provide user-controller mechanisms like adblockers to reduce or eliminate trackers within apps. That is true of both iOS and Android.
And native mobile platforms do all that in addition to supporting all of the fingerprinting vectors that the web supports.
----
Generally no, on the web I use an adblocker so I don't see ads at all, let alone ads that follow me around. Notably, adblocking is not possible for native iOS applications to the same degree as it is even in browsers like Safari. That is yet another reason why native apps are worse for privacy and security than webapps are.
Well Apple decimated that ability with ATT. Facebook even admitted for instance they projected losing billions when Apple made cross app tracking opt in.
https://cybernews.com/best-vpn/vpn-for-ad-blocking/
You named one additional way that you can track on an app if a user uses a web view.
There are dozens of ways that websites can track you without your permission that aren’t available in apps.
Really? You can’t do persistent storage on the web that’s available cross site?
In fact they do, I just cited a list of VPNs you can install.
Good thing that every single person or even the majority of people use ad blockers…
No, wrong again, please look this stuff up before you say things with this much confidence. The concerns I'm talking about popped up after ATT (https://www.theguardian.com/technology/2022/aug/11/meta-inje... and https://www.itechpost.com/articles/113985/20220923/meta-sued...).
It is unclear to me that this vulnerability has ever been patched, though of course Facebook denies that they use it for tracking (but of course they do). In the interest of being diplomatic to Apple I am operating under the assumption that they eventually patched it, but I have never been able to find a source verifying that they did.
As far as I know, Facebook is still doing this today in iOS.
It is of course also notable that when Apple discovered that Facebook was essentially performing malware attacks on 3rd-party sites, they didn't remove Facebook from the app store or punish Facebook in any way. So let's also get rid of the idea that moderation is a solution here, because Apple has repeatedly proven that they are not willing to remove apps like Facebook that violate privacy rules. 3rd-party XSS was not a big enough deal to Apple to remove the Facebook app.
----
VPNs are not a suitable alternative to native adblockers for a myriad of reasons that get discussed to death whenever VPNs come up in these conversations. Also, please do not link to a recommendation site that recommends NordVPN as the best VPN for privacy. NordVPN should be avoided.
In general, while I take a much more positive view on VPNs than many other HN commenters and while I do think they can enhance privacy, I still agree with the advice of many security professionals that VPNs can open up users to substantial privacy risks and should not be lightly used without a good reason or without a lot of research into their privacy policies and management.
No, many. Low-level graphics, contacts, device IDs, webview injection, long-term storage, precise location, bluetooth connections, etc, etc... the list goes on and on.
Such as? I can't think of a single one.
----
No, you can't! How is this a surprise to you?
The lack of persistent cross-site storage and the fact that any available cross-site storage is strictly opt-in is one of the biggest things that the web does. It used to be a little bit worse with 3rd-party cookies, but not only was that still subject to cross-origin restrictions and still required opt-in from every participating site, but also every major browser is now restricting 3rd-party cookies (even Chrome).
Even with PWAs on iOS, you can't access cross-site storage. In fact, Apple's entire justification for shutting down PWAs was that they wanted to ensure that cross-site storage restrictions continued to be respected (which is a bullcrap reason since every other browser already does this, but whatever).
Seriously, I'm trying to be diplomatic and respectful about this, but you need to look up how security models on the web work before you spout nonsense like this. 3rd-party site isolation is a big deal on the web, as is easily cleared storage that is treated like a temporary container. Safari goes a step further and auto-clears some of that storage. It was a big deal with PWAs when they announced a single way to get just 1st-party storage to reliably persist long-term.
There is no shared storage pool for the web that every site is subjected to, that is the entire point of cross-origin restrictions.
----
See above.
More than the people using adblockers for iOS. Like seriously, do you think the number of people who pay for a VPN adblocker is higher than the number of people who install for free ublock origin or a similar Safari-compatible adblocker?
This is absurd, you're looking at a tangible way in which native privacy is worse and you're saying, "but nobody uses the better solution." That's not exactly a convincing argument. I use adblockers online. My whole family does. Having at least the ability to protect oneself to some degree is important. You're not denying that for anyone that actually cares about privacy, the web is easier to secure -- you're just arguing that nobody cares about privacy. But some of us do.
And if you're talking about what the average user does, the average user A) doesn't pay for VPNs (even if VPNs were a substitute for adblockers, which they're not), and B) doesn't turn down invasive data requests from native apps, of which there are far more available to make on native platforms than on the web.
Objectively, factually, native app privacy is worse. It just is; you can either accept that or you can keep pretending that reality is something that it's not. But your lack of acceptance doesn't change anything about the reality that native platforms expose more fingerprinting vectors, have fewer ways for users to protect themselves, and are generally capable of much more invasive and malicious behavior.
To my understanding Apple has provided a solution in the form of a new type of webview available to apps that protects privacy. Last I checked (I don’t have the FB app installed for this exact reason so I’m not up to date) FB have not switched to using this new webview. It would be difficult to remove the functionality from the original API (WKWebView) because app developers like myself use it for legitimate reasons with internal web content. There have been some moves to lock advanced features behind an app-defined list of domains but it’s far from comprehensive. Maybe in iOS 18 (he said skeptically).
The answer is simple: Apple just needs to deny FB App Store approval until they switch APIs. Of course they haven’t done that, and they won’t.
There are plenty of APIs exposed to native apps that are not exposed to the web, stuff like your OS version, loaded libraries, boot time, …
The Safari version is exposed and the Safari version is tied to the OS version for iOS.
There is also a battery level API that is not supported by Safari.
https://developer.mozilla.org/en-US/docs/Web/API/Battery_Sta...
User agents can be changed by users in Safari. I wouldn't recommend doing so, but it is possible to tell Safari to stop reporting the version number to websites. I'm unaware of any way to do the same for native apps.
Note that native iOS apps do have access to battery level, which is another fingerprinting vector that can be avoided by using websites through Safari or Firefox.
Yes, I’m sure all of the people who are going to download an extension to change the user agent version in iOS are really going to mess with analytics
And which way are you arguing that Apple should add more OS level APIs for web apps or should have less for native apps?
You can’t have it both ways. Either you want the wonderful world of PWAs where random websites have more access to your hardware and more parity with native apps and less privacy and security or you want it to remain more restrictive.
These and more are all APIs that Apple has refused to implement that HN users are clamoring for. Which side do you fall on?
https://www.zdnet.com/article/apple-declined-to-implement-16...
In, at minimum, any way you agreed to on the permission screen when installing.
Facebook and Twitter webapps are awesome, by the way.
Software created by user-hostile organization is normally best on the environments where they have the least permissions.
I do want to encourage people to use Facebook/Twitter via their mobile browsers instead of through the native apps. I worry a little bit re-reading this that it sounds like I'm saying they're unusable, and no, they're not, and you should use them on the web.
Yes, you'll miss out on features like reliable message notifications, but it's mostly fine. Do not install Facebook on your phone.
...Microsoft did exactly that, though:
https://www.macrumors.com/2021/06/30/hands-on-xbox-cloud-gam...
I don't really understand the rest of your argument. "Of course developers aren't going to use the web instead of apps, it's a way worse experience!" is precisely the point in criticizing Apple letting the web platform languish. They have a vested interest in making sure the in-app experience remains superior to web experience because of their 30% cut.
If it’s just Apple, then why aren’t developers leaving Google Play Services in droves to avoid the same 30% cut?
And Microsoft did that not because they didn’t want to be in the store, but because at the time Apple wouldn’t allow them. Yes I disagree with this.
If PWAs could be made one to one with apps - and today games like Candy Crush could be web apps - game developers who make up 90% of App Store revenue still wouldn’t give up the direct access to users wallets they get from in app purchases.
If PWAs were on par with native feature-wise, why couldn't they have single-click in-app purchases? All you'd need is some large trusted platform to provide a single sign-on experience and process payments.
Why do small merchants sell physical goods on Amazon today when they could sell on their own website with much lower selling costs?
Even back before the App Store and there was just iTunes, Apple had more credit cards on file than anyone in the world except for Amazon.
Read up on “Aggregation theory” by Ben Thompson. Also people have access to in app purchases that don’t have access to credit cards - like kids.
Who is going to be that large trusted platform?
I don’t understand the argument you’re making.
“No one wants to use the web because it lacks the centralized payment processing”
“If PWAs were fully featured a third party could offer that”
“Why do you think people sell on Amazon?”
The last statement has little to do with the two preceding it. We all understand the strength of a centralized payment system. Amazon themselves already offer Amazon Payments. That could absolutely be an alternative to in-app purchases. Except Apple wouldn’t get their cut, so they don’t want that.
The correct answer here is to let the market decide. If I’m willing to trade 15%/30% of my revenue for an easier purchasing flow I can do that. But if I’m willing to tolerate more friction for a lower cut I should be allowed to do that too. But App Store rules expressly forbid that. The web could be an alternative but Apple has a vested interest in under developing it.
Where hard to understand? You don’t have to sell on Amazon and deal with their commissions but people do.
A news website doesn’t have to allow Google to crawl them since they complain that Google takes their ad revenues - yet they do.
And Apple would get no cut if Candy Crush were on the web and even the cut they would get from using Apple Pay (not in app payments) are standard credit card payments.
But kids who probably don’t have access to credit cards still can use in app payments along with people who don’t have credit cards at all who can use Apple gift cards. I gave up a reliable reference from a well known analyst about Aggregation Theory.
Outside of the App Store, parents aren’t going to give their kids unfettered access to their credit cards compared to parental controls that are available within the App Store.
If so many developers are in such a hurry to leave the OS providers App Store, then why don’t the same developers leave the Google Play store where it is allowed?
How did that work for Epic with Android?
The fact is that game developers - who make up 90% of App Store revenue according to data that came out during the Epic trial - complain about the 30% cut. But they want access not only to Apple’s customers but also to in app purchases so they can use every psychological trick to take advantage of the whales.
Neither Google nor Apple care about the Indy developer and the little revenue they make.
Are you fighting for the independent developer or the slimy pay to win game developers?
I think my previous comment was very clear: developers should get to choose. If they want to pay a high commission for easy payments they should be able to. If they want to introduce greater friction for a lower cut they should be allowed to do that too.
Apple expressly forbids this in native apps. If the PWA platform were more viable it would offer this choice but it isn’t, an Apple has a vested interest in things staying that way. At the very same time they defend their restrictions upon native apps in court citing the web as an alternative platform. It’s very convenient.
Okay, developers can choose on Android. Yet to a first approximation, all of them still use the Google Play Store, why is that?
If it’s only mean old Apple stopping developers from using PWAs, then why do Android developers still use Google Play services instead of PWAs, alternate app stores or direct downloads? All of which are available?
Candy Crush - still one of the most profitable games in the App Store is not graphic intensive and could be done on the web today and use Apple Pay (normal credit card charges), why don’t they?
Because Candy Crush relies upon being an impulse purchase. If people had to go through five steps to buy it a ton of people would abandon it.
That isn’t the same for every app. There are plenty of apps folks would be happy to go out of their way to purchase because they provide a ton of value. But the developers are not allowed to.
Again: my argument here is choice. Let developers decide. Your counter is “but one of them is better”. You’re entitled to your opinion but that isn’t a counter argument to letting developers choose what type of payment system they want to use. Apple does not let developers do that and they should. There’s really not much more to the debate than that. If, as you argue, Apple’s ecosystem is better in all aspects then it will win out in a free market. What’s not to like?
If we ever reach a point where compiled code is equally as performant as web apps, I'll eat a shoe.
I don’t think the comment you’re replying to was saying Apple’s PWA support was world-leading.
I think it was saying that if Apple wanted to kill PWA it would have made more sense to just not make those investments over the past four years.
The cynical view would be that apple was only doing that to try staving off anti-trust litigation. The fact that PWAs are seriously crippled on iOS vs Android still seems certainly makes it appear Apple has ulterior motives. If you make PWAs not able to do everything a native app can do then you're incentivizing native apps.
Apple wants everything to go through their store. (1) so they can ban anything they don't like. (2) they can get their 30% (can't get 30% of websites)
I'd say this is not a cynical view at all, rather a quite realistic one.
They only added support for push notifications to iOS in 2023 (7 years after Firefox and 8 years after Chrome on Android), right after the UK regulator started its investigation in mobile ecosystems.
Yeah I’m not sure how that seemed to get lost in some of the revisionist history in the comments here but it at a minimum sure was a hell of a coincidence that they managed to not make any meaningful investments in supporting the web as a viable app platform right up until the moment that regulators started looking into it.
This is an important server, not some small anonymous fringe forum. The idea that various political games are not played and manipulated also here is dangerously naive.
Could be just die hard fans or current employees/investors, but... I've seen and read enough to know how these games are played by all relevant players. Again, this is too important and trivial to infiltrate place to ignore by many many players. Sure mods can remove outright lies but the key is in subtle ways crowds can be manipulated via ie direct attack on negative emotions, or mildly revisioning history one step at a time.
It's really not. Self important maybe
Given the number of comments trying to find the craziest justifications for a giant corporation just attempting to break a law, silently kill thousands of apps used by millions of users, destroy businesses and kill the only open and free app distribution platform competing with their closed and taxed one, there is indeed very little doubt that a lot of people here have a vested interest in Apple.
Of course, Apple $1B legal department thought they had to kill web apps to conform with the DMA whose purpose is to open iOS to competition. Sure ;)
Nowadays, using push notification, users can be exposed from behind VPN.
Perhaps this is why Apple dragged their feet.
Lol, good one. And they just forgot to remove them for native apps, right?
You own Apple stock?
I could probably code a web browser by myself in 4 years, how does a 2 trillion company not have world-leading PWA support listen to yourself.
I'm pretty sure that no single person can code a modern web browser by themselves in 4 years. Even just rendering and layout alone is insanely complex with modern CSS. And then you need a decently fast JS interpreter (which means JIT these days - and web apps do assume that kind of perf), and Wasm, and canvas, and ...
https://ladybird.dev/
wrong, Apple only started implementing the bare minimum because they felt the heat from devs & feared the legal consequences for their anti-competitive behavior.
Apple still has the unquenchable desire to kill PWAs, they will just keep sabotaging them more subtly. Apple will keep up their shenanigans until the bitter end, but I hope that the EU will have none of it.
Yes… and what I was saying in my response is that even if Apple did want to kill PWA there is good legal reason to have made the investments they have in the past few years. In court they can argue that app makers are free to make a PWA if they don’t want to pay the 30% cut. If they removed PWA support they’d not be able to make that argument.
“The competition” is just Google/Chrome.
Unless there’s someone else?
I don’t understand the relevance of that, why would it invalidate the point?
I don’t think this speaks to intention, the investments that have been made and are still being made bring with them a cost, both in a monetary sense and in other ways. Regardless of the separate question with regards to them having been able to catch up with the competition.
A generous interpretation, with the presupposed premise that they haven’t been able to catch up, could say that it warrants a more favorable interpretation of their intentions if they were willing to invest after having lagged behind for so long, because the required investment would be greater and the pay off less clear.
Let’s be honest here. When people say something like this, they’re mainly thinking of Chrome/Chromium-based browsers.
Google is known to have no qualms supporting certain things that both Mozilla and Apple are uncomfortable with, while at the same time implementing a bunch of stuff that isn’t standardized.
On the whole, Safari/WebKit has roughly met Mozilla’s level of support for frameworks and APIs and even surpassed Mozilla on certain things (especially desktop). Of course if the benchmark is just Chromium, then none of it will ever be enough, then again, Mozilla doesn’t seem to catch a lot of flack for drawing a line in the sand in terms of support.
Other than that, Safari seems to be doing great on test suites/benchmarks that focus on progress such as the annual Interop. Consistently[0] keeping up[1] over the years[2], and sometimes coming out on top[3].
I tend to stay clear with attributing maleficence or less than generous intentions without something substantial to back it up. Especially when behavior seems to contradict such attributions.
For example, if that where the main motivator then I’d expect a bare minimum approach and Apple dragging their feet, like we see with DMA implementations (e.g., only allowing what must be allowed in the EU instead of globally), instead we not only see improvement of PWA support, in part beyond what Mozilla supports, but also direct contributions of standards that PWAs rely on in the form of improvements..
0: https://wpt.fyi/interop-2021?stable
1: https://wpt.fyi/interop-2023?stable
2: https://wpt.fyi/interop-2024
3: https://wpt.fyi/interop-2022?stable
On the flip side, I think past actions are a better indicator of intent than assuming good intent.
Having a closed ecosystem has been baked into Apple's DNA since day 1. Not just software, but even the hardware was sealed to prevent modifications to the hardware in an age when upgrading and modding PCs was the norm.
Over the past few decades there have been a lot of changes at Apple, but preventing user customization has been intertwined with their design-first philosophy. It seems naive to think they are doing anything but the minimal required action to maintain their hermetically sealed ecosystem.
Which non-Chromium competitors are you speaking to here? What are some examples of standards-track features that they implement that Apple doesn't?
Lack of any obvious method to actually install a PWA is probably the biggest blocker to PWA adoption today. They aren’t yet a web standard but citing standards always feels like a very convenient argument: there are a great many web features implemented by most browsers before they become standards. Multiple implementations are often part of the standardisation process.
When iOS finally implemented Web Push they gated it to only apply to Home Screen installed apps and those who defend Apple lauded the decision. Yet there’s absolutely no mention of that behaviour in web standards. Apple, like every browser creator, takes web standards as advisory and implements the parts they want, in the way they want.
AFAIK Apple still doesn't support PWAs. As one example AFAIK, iOS Webkit doesn't support fullscreen mode and orientation so it's impossible to make a landscape game as a PWA. That is supported on Android Firefox and Chrome for like 10 years? And would likely be supported on an alternate browser on iOS
I'm pretty sure there are many other APIs that PWAs want, that native apps have, that Firefox and Chrome offer on Android, but since 3rd party browsers are not supported on iOS, don't exist there.
That to me says Apple doesn't want PWAs.
I just opened a web app saved to the Home Screen, and it’s both full screen and rotates orientation.
Yes, installed PWAs can run fullscreen. This limitation exists only inside of Safari proper.
The intent here is likely to avoid the messes that could be caused by arbitrary sites being able to fullscreen and confuse or trick the user. Requiring a user interaction to fullscreen doesn’t help here much, it’s easy to attach the function to an innocuous looking link or image that baits users into tapping them.
And yet
(1) Firefox and Chrome has shipped with that ability for 10+ years on Android and the world hasn't ended
(2) PWAs are effectively apps. Native apps can do that those things so there's no difference in terms of risks. You could certainly make it so web pages can't but PWAs can.
Also, no, Safari PWAs do not do allow you to lock the screen orientation
"rotates" is not the same as "forces a rotation". If there's a PWA that forces landscape orientation in iOS, same as a native app, please post a link.
Maybe it is a tactical move to create a precedent were the EU tells Apple "in this case this is ok to require execution by safari"
Business is hard enough operating directly. Triple bank shots that require business and legal to coordinate are too complicated to attempt.
One of the most valuable tech giants in the world is definitely capable of a simple red herring like this. This is amateur stuff. Apple likely has contingencies and plans for almost every scenario and if we learned anything apple email leaks is that they are keen on following up on any sound strategies, even ones that involve "we can't talk about this on email".
They already did that with iMessages though.
The histrionical descriptions of other people's takes are like nails on chalkboard and kinda gross. (bloody murder?)
No one thought removing them in the EU was the first step to removing them everywhere.
Jen Simmons isn't a "rock star."
Hiring someone with a lot of Twitter followers to do something doesn't preclude the company from stopping doing something.
I think everyone over 30 in tech has seen that first hand. Couple right off the top of my head for Apple: Graeme Devine, Max Howell...
In general, it is important for discussions to have nuance. I'm sure you've seen some un-nuanced discussions that I haven't. However, escalating rhetoric to condemn lack of nuance in others rhetoric should be reconsidered.
Just shows the poster read the relevant threads on this very site.
Claiming that Apple is trying to “kill” PWAs is in and of itself histrionic. Especially when behavioral evidence that clearly points to the opposite is completely ignored and the bad faith intents are attributed wholly based on “vibes”. My categorizing that as screaming bloody murder isn’t an escalation in rhetoric[0] in the slightest.
Trying to diminish someone’s accomplishments and relevance within an industry by pretending they “just have a lot of Twitter followers” does nothing to refute my arguments. She’s one of 82 web developers with a Wiki bio and one of 177 programmers, that alone signifies notability.
Point is that that she’s a high profile programmer and web developer and those come at a premium. That, plus the significant efforts made in the last four years to not only support PWAs but also improve standards, runs counter to the notion that Apple has ill will towards PWAs.
While she has spearheaded a lot of the investment in PWAs, for the purposes of this debate I only brought her up to emphasize Apple’s investments in making improvements.
Even with Simmons out of the equation there’s still four years of significant engineering efforts to reconcile.
Nevertheless, it’s clear Apple hasn’t stopped their efforts on PWAs, given that the next Safari update will, again, include a slew of improvements to the benefit of PWAs as can be seen in the Safari Technology Preview release notes[1].
I’m amenable to debate this further, provided you put in some effort into make a credible case with substantiated arguments and you can keep the tone policing to yourself.
0: https://www.merriam-webster.com/dictionary/scream%20bloody%2...
1: https://developer.apple.com/documentation/safari-technology-...
Gene Simmons however is a rock star.
If (as many people have suggested) Apple's intention in suddenly devoting significant resources into PWAs (after completely ignoring them for years) was to avoid app store regulation, it makes perfect sense that when they failed to stave off regulation in the EU Apple would no longer have a motivation for investing into them within the EU.
Additionally, even if Apple is still looking at PWAs as a way of staving off regulation in the EU, it still makes perfect sense that Apple is running a cost-benefit analysis on PWAs being open to other browsers. PWAs on iOS are significantly limited even after Apple's increase in support. Supporting PWAs just well enough to stave off regulation while keeping them locked down so that other browsers can not extend them or push capabilities further is entirely in Apple's interest.
----
My take is that Apple as a company would prefer not to be working on PWAs at all. But that's not really an option, because both the EU and the US are looking at regulating the app store. The next best option is to have PWAs be a serviceable but ultimately inferior option for offline-only and privacy-preserving apps (and in fact many of the APIs Apple supports are entirely unusable for offline-only apps, although to be fair that's probably more Google's fault than Apple's). Apple may very well have thought the option of a semi-supported but ultimately inferior, controlled PWA experience was off the table in the EU; or they thought that with the app store opening up they could get away with killing the platform for EU users entirely. In either case, they now seem to believe they can keep PWAs locked down to only support Safari capabilities. Maybe they're right, I'm sure Apple has more access to regulators to ask these questions than anyone else here does.
And so none of this is incompatible with the notion that Apple wants to kill PWAs. The idea that a company can completely ignore a technology for years and years and years, and then suddenly out of the blue as soon as regulation gets suggested start pouring resources into their browser and openly arguing in court, "see, you don't need to regulate us, we have a browser" -- and we're supposed to believe that this means that Apple is suddenly on board with the technology and that they don't have ulterior motives or that their motives wouldn't shift back if the threat of regulation went away.
That is just silly. Apple has had literal years to both clarify with regulators what the browser regulations would mean and to build APIs for PWAs that Microsoft and Google have been perfectly capable of creating. And in light of their last-minute scrambling, the most likely and reasonable interpretation is that Apple thought they could get away with killing off PWAs now that they were no longer useful for avoiding app store regulation, a bunch of people screamed about it, regulators reached out, and suddenly Apple had a (partial) change of heart.
Note, of course, Apple has no timeline or plans or announcements about when (or if) PWA APIs are going to stop being 1st-party privileged and exclusive to Safari, despite the fact that Apple has known that this regulation would be coming for multiple years. Which does seem to conflict a little bit with the narrative that Apple is all-aboard with PWAs as a technology and that they've been investing into them as a long-term strategy or commitment to the web, but what do I know?
---
But I really, genuinely do not see what the past 4 years prove other than that Apple's motivations about the web can change on a dime the moment that regulation enters the picture. And I think that's really revealing, and I think it says something about Apple's commitment to the web that it took the threat of regulation to make them care at all about the web as a platform, and I think it really says something about Apple's motivations that the moment that regulation went through anyway, Apple suddenly reverted back to its previous stance on PWAs and was comfortable throwing all of the PWA investment of the past 4 years out the window.
I very honestly do not understand how people can look at these series of events and say, "this proves that Apple cares about the web." We're looking at the same timeline, but it's like you're reading it in a different language than I am.
The DMA was passed many years ago (January 2022), before the cited investments in PWAs. So if Apple was acting to proactively stave off regulation, you have a big hole in your theory of causality.
The web is more than a Chromium app runtime. We are commenting on the web without any of the random features Chrome builds because they are strategically invested in ChromeOS, and their user data harvesting business model relies on more clients sharing more data with Chrome and Google. Apple’s interest in the web cannot be gauged by how much they support technology funded and evangelized by a bunch of current and ex-Googlers that has little to do with open exchange of information. Conflating it is a strange rhetorical trick.
I'm not sure I do? The DMA was passed in January 2022. In that entire span of time when Apple was actively arguing in court that PWAs were an alternative to the app store, at no point did they ever consider building out a proper security model for PWAs that didn't rely on the assumption that Safari would be the only supported browser.
You're saying that Apple learned about the DMA before they started looking at PWAs seriously, then we got to February 2024 and suddenly Apple was caught flat-footed about browser requirements? That doesn't make sense: either they knew about the DMA and their current lack of PWA security models are an active decision that purposefully complicated compliance with the DMA, or Apple somehow wasn't thinking about the DMA in which case it's kind of silly to say that it disproves anything about their apparent web strategies.
This is a situation where the excuse makes Apple seem more suspicious, not less. Apple knows in 2022 that the DMA is coming. In February 2024 out of the blue they announce that they're shutting down PWA support. If that's not strategic, it's at least wildly incompetent. And I don't think that Apple is wildly incompetent -- I think that announcement was strategic.
I'll also note that this is not a theory, Apple is actively arguing in the US that PWAs mean that it shouldn't be regulated. I don't really understand the contention here, the way I see it Apple is saying that PWAs are a proactive strategy to stave off regulation.
We can disagree about their motivations beyond that regulation, about whether they would consider dropping support in the absence of regulation, but it is just a fact that Apple started investing more heavily in Safari around the same time that regulation arguments started popping up in both Europe and the US, and it is just a fact that Apple has proactively put forward PWAs as an argument in court cases as to why it shouldn't be regulated.
Is it really that weird to connect those dots?
----
Apple's support and advocacy for PWAs is pathetic even ignoring Chrome's support. It's not like Chrome has good PWA support, the entire notifications API is obviously designed by an advertising company with zero real input from any stakeholders other than advertisers.
Ideally, investment from Apple into the PWA ecosystem would mean not leaving the entire PWA specification to be written entirely by an advertising company, it would mean proactively getting involved in the process. It would mean asking questions like, "aside from Google, who on earth does it benefit that notifications have to be triggered by a remote server and can't be scheduled locally?"
The state of PWAs is as much a story about the apathy of every other company besides Google as it is a story about Apple holding back on basic support for extremely needed features like reliable offline storage. I'm not giving Apple credit for sitting back and twiddling its thumbs while Google ruins the spec, and then turning around and saying, "you can't expect us to implement these features, the proposed specs are terrible."
Yeah, of course they're terrible, where were you while Google was ruining them? I'm surrounded by people arguing that Safari is some kind of final bastion against Chrome hegemony, but in practice Apple does nothing with that bastion. They let Google make all the decisions, and then use that as an excuse to offer middling browser support. I'm not giving them credit for that. I'm not talking about exposing web usb support, I'm talking about things like: is it possible build an alarm clock as a PWA?
I'm not asking Apple to bow to Google's every demand, I'm asking them to act like they're a stakeholder in the web and to give even one single damn about whether it's possible to build privacy-respecting offline webapps. Apple's apathy towards influencing or pushing the PWA web standards process in a productive direction is just as much a problem as their apathy towards supporting obviously beneficial capabilities like icon badges. Apple defers power to Google and then uses that as an excuse for further inaction.
Apple stated in their first statement regarding multiple engines support for PWAs, that it can be done, they just decided not to make it. Also, it’s an about 18 months old law. Not that they wouldn’t have time or resources for that matter. So there was clearly a purpose to kill PWAs on iOS, and it was clearly their decision according to them.
Another thing with EU, you can ask them. And normally, first, you ask them when something is questionable. This either didn’t happen, or Apple didn’t wait, or they already know what is the response. This was clearly a PR move.
So it’s totally understandable when people have problems with Apple, how they handled this.
Just like Apple's 3-months free trial for the Apple Music service, keeping the Webkit-only PWAs were going to be seen as anticompetitive by Apple's opponents.
Making the change early is a strategy to exploit Apple's opponents into loudly decrying how important and useful PWAs are - and that removing PWAs is the true, evil, anti-competitive strategy. (With all of their typical exaggeration, in reality we know PWAs are a limited-use feature.)
In short, Apple played the useful idiots into being their cheerleaders and provided Apple exactly what they needed to maintain this feature.
It didn't even take an "open letter" from "Taylor Swift" to "Tim Cook" this time.
tl,dr: Apple exploits anti-apple rhetoric to get their way, again.
Apple's investment into PWA support can charitably be characterised as "begrudging". You don't need to defend this company. They have been behaving badly for a long time.
From the bottom of OP:
Significant investment... For apple or app store profits it's just a rounding error ( to put things in perspective).
What is the end result?
I doubt there was back-channeling - Apple is seeing how liberally they can interpret this act. They tried doing the same thing when they threatened to use MFi on USB-C, up until an EU Comissioner threatened to boot them from the market. Plus, making per-company agreements would kinda render the entire "point" of the Digital Market Act moot.
Apple knows exactly what the DMA wants from them, they're just deathly terrified of handing it over.
I think terrified is the wrong take here.
Apple could fully comply with the letter and spirit of the DMA and remain profitable in the EU, but they would be less profitable. They probably have a very good estimate of how much less profitable, and they're doing their best to minimize the impact.
The fear of low-profitability is what drives that behavior, though. You're right that the DMA/DSA threatens Apple's bottom line, but as long as Apple continues to sell iPhone hardware in Europe then they should be turning a profit on hardware margins alone. Apple wants the control at any cost, and it's going to encourage more countries to draft even stronger legislation.
I'm surprised the EU appears to be letting them get away with charging a fee for apps installed outside the app store.
Most companies e.g. Unreal charge a fee for using their SDKs.
The idea that you would be forced to give it away for nothing would be a pretty extraordinary and unworkable intervention in the market.
The fee kills any real world possibility of an OSS App Store though.
1 million downloads for an app sounds like a lot for a paid app.
But on the desktop, popular OSS software packages do those kind of numbers in well under a year. There's no reason to believe OSS mobile apps on iPhone would be any different.
Non-profit organisations are exempt from the core technology fee.
Cool, that might make it workable then. :)
They can charge licensing fees for their SDKs, but the "core technology fee" is not structured that way. As currently structured, it would apply even to an app written from scratch in ARM assembly language (not that a reasonable person would build an iPhone app that way).
CLI apps are not supported on iOS.
So at some point you have to interact with Apple SDKs.
Making system/library calls to display something on the screen does not necessarily require the use of an SDK either; it might require quite a bit of reverse engineering work. As far as I understand copyright, that doesn't involve copying/distributing the library code and wouldn't be legally encumbered unless there's a patent covering it.
Unreal is a game engine, iOS is an operating system.
In almost every other case application software is not considered to be a derivative work of the operating system it runs on. If this wasn't the case, then Apple could have easily sued Cydia and AltStore for offering the equivalent of iOS fanfiction. Hell, even the Copyright Office was perfectly fine with adding a DMCA 1201 exemption for jailbreaking iPhones to install non-Apple software on them - and they're extremely tightfisted with those.
The reasons why this is different is very simple: you don't distribute Apple's SDK along with your application, but you do distribute Unreal's. The user got access to Apple's code when they bought their iPhone, you have to give them Unreal Engine, so you need a license for that.
They haven't hit the deadline yet, lobby your national and EU representatives if you want rid of this.
The DMA goes into force only tomorrow. We will see if they will get away. I guess they will get bonked, because they apply more favourable conditions for their own App Store. They might get away if they would charge the fee for all Developers, but the Bullshit with "staying inside the old conditions" will surely get them into trouble
Are you sure about that? Seems like a pretty bold statement where you would have to have some kind of inside information.
I don't have anything to substantiate this but I would like to believe that Apple still has the best interest of it's customers and security in mind when fighting these kinds of legislation. I switched from Android to Apple BECAUSE of those restrictions and the improved security the walled garden model provides. The other reason was the middle finger Apple gave to the cell providers about applying firmware updates to their phones. When I was using Android it was maddening to wait months for an update to be 'approved' and able to install. That led me to rooting and installing firmware that was outside of the manufactures control and who knows what might have been in that.
So for me everything that Apple does to keep a walled garden is what actually keeps me as a customer and helps their bottom line.
Certain as I can be, without having seen the cards. Apple is a company about margins; you see it in their hardware profitability, but also in Tim Cook's service initiative. They fought Dutch regulators over this for months preceding the regulation, and it's not a stretch to say the DMA and DSA is a direct legislative response to Apple's wanton behavior.
Apple can move literal mountains, when it aligns with their incentive of increasing profit margins. Anything that falls outside that purview ends up sidelined or worse-yet, lobbied against.
That's great, and Apple has every right to provide you a differentiated experience. I've been a historical Apple customer, and I still keep a Magic Trackpad around because it's mostly quite good.
But you and I aren't entitled to a sustained monopoly because it benefits us. Happy IE users or Bell Telephone customers aren't an argument against antitrust action, and it's ultimately entirely tangential to how legal they are.
Consider how Apple behaves in hardware, sponsoring dubious Chinese labor to make shareholders happy. They set industry-leading profit margins by sparing no expense in their exploitation of labor and parts manufacturing. Is it legal? They say so. But of course Apple would, and they have no incentive to ever stop the squeeze if shareholders cheer them on. They will behave just as insidiously with software, and if you do not treat their every action with that scrutiny then you'll pave the road to hell with good intentions.
I want businesses to be good people. I want God to run a killer froyo stand. But men are fickle, and Apple has been a swindling bastard of a company ever since Jobs cheated Woz out of $4,500 over an Atari contract.
Does 20.1 percent market share constitute a monopoly?(2023 Forbes) Seems like people have plenty of choices of what kind of cell phone to purchase.
Is that not what the free market does? When companies make poor choices customers punish them. (Budweiser 2023)
The issue isn't the size of Apple's market share, it's the tying between their hardware, the OS software, and app store, such that if you choose to buy their phone, you also are locked into their app store.
Apple is not subject to market forces because Apple is not a capitalist entity, it is a feudalist one. It is not a merchant buying metal and glass to turn into phones, it is a feudal lord that has put a gate on the river that anyone passing buy has to pay 30% in order to open.
Other than desktop computing, this describes nearly everything sold to consumers. For people in the Hacker News audience, desktop computing would feel like a gargantuan exception, but for most other people it isn't. Android is a partial exception, but one gets the sense from Google's recent behaviour that openness is an unwelcome vestige of its open source beginnings.
It's not an exception. Binary distribution is the norm - Apple founded their business on that norm, found success in it, fostered it and continues to support it on MacOS. The App Store style of distribution is not a replacement for it, especially when the escape hatches for developers cost an annual fee and still has limitations. If it takes legislation to change that, so be it. This is not the future for computing that anyone wanted.
If there's a good reason iOS can't run third-party software, now's the time to fix it. Otherwise, Apple might have to find a new economic zone to invest in.
Depends how it's used. Wabash v. Illinois set the precedent that a far-minority can be a monopoly if they block a government-designated common carrier. Europe's DMA doesn't even mention monopolies at all, and instead sets a new compliance bar for large tech-related companies. Japan's legislation is headed in the same direction.
Seems entirely feasible to me that the App Store or Safari policies could be seen as obstruction of a common service. Apple's de-facto tax hasn't been explicitly blocked in the US yet, but it also has never been explicitly sanctioned. Without guidelines like the DMA in place, Apple is flying blind against US regulators. Microsoft got trapped deep in that hall of mirrors, and nearly paid the ultimate price.
The free market is supplanted by a government that ensures that only a non-lethal portion of rat feces is processed into your container of SPAM or McDonalds meal. They prevent you from exposure to what businesses call, "profit maximization".
If you have a good government, they treat you a little better. They punish the companies that violate consumer rights and scrutinize anticompetitive behavior when it shows up. The free market chooses between regulated competitors; if you think that's unfair, you can move to a country without the rat-feces regulators and see how your breakfast tastes over there. Then we can all be happy.
Your evidence is proof to the contrary of your claim. Budweiser wasn't "punished" for making an anticompetitive move, they were boycott because insecure Budweiser customers had a slow news cycle. If Apple had customers protesting for the same reasons, they'd never even know.
"Poor choices" notwithstanding, Apple customers couldn't be assed if they were angry. Suicide nets go up at Foxconn and the harshest words HN or MacRumors can muster is 'poor choice of manufacturing partner'. Conscientious startups and their Macbooks, nary separated any easier than protesting trailer parks and Budweiser.
Yeah, who knows what's inside of OpenSource Firmware like LineageOS. It's a huge mystery
Also I never needed to wait for a carrier to approve an Update for my Android Phone. Neither for my Pixel, Nexus or Samsung Galaxy ones.
And beside the "strict" controls, malicious Apps got in the App Store, and the iPhones themselves also pwned.
Are there other Apple Fanboy Horror Stories about Android that you've missed?
It does not seem to me that anything about the DMA will make it difficult for people who prefer to stay inside Apple's walled garden to do so. Most Android users only install apps from the Play Store and use Chrome as their browser.
Except this never happened.
And it doesn't even make any sense because MFi is when there is proprietary Apple technology involved which isn't the case for USB-C nor 3.5mm, Bluetooth etc.
You need MFI to use Bluetooth unless it’s audio through the system UI or BTLE
Bluetooth is not part of MFI for any of the standard profiles.
https://mfi.apple.com/en/faqs
There is no evidence that Apple ever planned to introduce a MFi system with USB-C. What likely happened is that leakers misinterpreted the USB-C E-Marker as a MFi chip.
Or that Apple was considering a "made for iPhone" certification program to allow manufacturers of USB-C devices to certify that they'll work with iOS devices -- which would be a perfectly reasonable thing for them to have! -- and misinterpreted that as meaning that Apple intended to implement a restrictive device authorization scheme like they had for Lightning devices.
(Just because newer iOS devices have a USB-C port doesn't mean that all USB-C devices will work with them! Devices still require drivers; if iOS doesn't know how to handle a device, it won't work.)
No, DMA wording made it very clear that it's about web browser engine.
And they cannot make self-preferencing on their products.
And Safari has been explicitly designated as a separate core platform service. There's no room for this kind of interpretation in the view of enforcement entity. Apple is just trying to buy time by pretending ignorance.
It’s more subtle than that. If Apple uses WebKit within one of their built-in apps or OS components, let’s say in their Weather app or some Apple Pay dialog, there surely is no requirement that this has to be replaceable by Chromium or Gecko. Similarly, the PWA runtime environment may not necessarily count as a “web browser engine”, since they aren’t used to browse the web. It remains to be seen how this will be judged by the EU institutions.
It's because those apps are not core platform service. Safari and iOS both are core platform services, which are explicitly designated as a target of this regulation. Go read the actual wording and have some understanding before making this kind of assumption.
When you open a PWA, Safari does not appear. The argument can be made that this is not Safari, but a PWA runtime environment that happens to use WebKit internally. Basically, the PWA is it’s own separate app (i.e. not Safari) that is being run by iOS with the help of WebKit, similar to how other OS features also use WebKit internally. It is not clear at all that this would fall under the category “web browser engine” of the DMA, since using a PWA does not constitute browsing the web.
As for your argument about core platform services, the app store is a core platform service and (I’m pretty sure) uses WebKit internally, at least for some of its pages in login and payment flows, and similar for various iCloud-related functions accessible from Settings.
I’ve read the DMA, you don’t have to be condescending.
This is a silly and thin technicality, and not at all the same as what people are mad about. Nobody cares that WebKit is used to render certain windows on iOS and MacOS - it's Apple's choice to implement first-party programs that way. They can defend their usage of it internally, the problem is the limitations they impose on competitors.
You're certainly taking some elements in liberty. It remains unclear how defining WebKit as a "PWA runtime environment" exempts it from the terms of the DMA or DSA.
Sorry, but at this point it’s you who have to provide a compelling explanation of how the way iOS runs PWAs constitutes a use of Safari, or of web browsing.
Just to be clear, I’m absolutely in favor of having a free choice of PWA engines, I just don’t see this being implied by the DMA and the present gatekeeper designations. The question really is how a PWA runtime environment differs in principle from the regular iOS app runtime environment, which the DMA also doesn’t mandate to be replaceable.
Oh, this is easy.
First-party software is distributed by Apple. They choose how that software is presented because they are the operator of the software.
PWAs and websites are distributed by third-parties. They are websites, not curated by Apple, that load in your browser. It's only after you use your browser's "PWA" function (something everyone should have) that we change into this "WebView" scenario. It's arbitary, and not at all the same as Apple rendering Apple Music or Settings using WebKit.
A PWA is packaged by the user. If Apple's "solution" is forcing all apps to display PWAs in a Safari WebView, then yes, the DMA will target it as a core service. I don't see why the EU would roll over when they made specific carveouts for browser control in the DMA.
I'm not sure if you've only read some digests but not the full text including other supporting materials (it matters since this defines how the laws will be applied) since all you mentioned are already addressed in the designation decision doc. To be specific, in DMA.100027, EU clearly stated that it doesn't matter whether it's embedded in other apps or standalone:
If you've seriously worked on hashing out all the details of CPS and clearing up the ambiguities, you cannot be unaware of this decision since this will impact everything on your daily works. Yeah I did that because the precise definition of CPS was critical for my work in the last year.EU is not that dumb, to my understanding they've been pretty serious in respecting the spirit of this specific legislation. You cannot say that some part of it can be simply opted out by adjusting the definition of your product. What they care about is how business is done and make the market control out of it.
This is in fact how PWAs work on iOS. They do not run in Safari at all, but in a special runtime called Web.app, which is coded to use WebKit. Safari doesn’t have the ability to do the things the PWA runtime can do. Letting other browsers “run PWAs” would not be a matter of exposing an existing private API, it would require creating a a brand new plugin API for Web.app that would allow inserting other browser engines into it.
Surely the distinction is about the existence of a market. There is a market for competing browsers from different vendors which do compatible/interchangeable things that might be selected by different consumers for different reasons. The technical definition isn't the important bit, the regulation exists to preserve that interplay between consumer choice and market innovation.
There is no such consumer-driven market for in-app UI libraries, be they WebKit-based or not. The "consumers" in such a market would be the app vendors, and in fact this is an area well-served by existing products from competing vendors. That's clearly not what the DMA is trying to regulate.
You’re misreading pretty much everything you’ve quoted from the DMA.
You follow this up by quoting a clause that manages core platform services.
What it says is:
A good example where this is applicable is the App Store, which is designated as a core platform service. PWAs aren’t designated as core platform service and there’s also an argument to be made that web developers aren’t considered “third party devs” (or as the DMA calls them “business users” due to a lack of agreement between Apple and them.
Same here. This one is even narrower because it’s only limited to preferential treatment in the sense of “ranking and related indexing and crawling”
This applies to ranking apps in the App Store. It has no bearing whatsoever on PWAs unless somehow Apple starts ranking PWAs in a list and then chooses to rank their own PWAs higher.
The other one is also much narrower than you’re reading it.
This mainly pertains to setting default apps and switching default apps. This tangentially relates to PWAs, but installed PWAs are technically not run in Safari and instead in their own app that uses WebKit under the hood, so it’s not so clear if this would apply to PWAs.
I can’t distill a lifetime worth of legal experience into a tangible piece of evidence nor are there readily available authoritative sources on compliance with government regulation narrow and simple enough that I can just present them without much worry of you understanding them, especially since you’re already struggling with, what is considered in European legal standards, rather straightforward legal text.
So all I have is a trust me bro, and perhaps an appeal to common sense: Apple’s lawyers didn’t just wake up today and said to themselves “You know what, we were too cautious with interpreting the DMA a couple of weeks ago, I’m sure it’ll be fine if we keep PWA installs without implementing a way for other browsers to install them as well”, much less a variation in which they are trying to buy time by feigning ignorance.
We already know that the EU reached out to Apple about disabling PWA installs. So with that in mind, do you think the lawyers woke up one day and said “fuck it” or do you think it’s more likely the lawyers gave the go ahead after the EU told them that PWA installs as implemented in iOS are beyond the scope of the DMA?
The core platform service in this case would be iOS itself.
Also, nowhere in the DMA does it say that there must be a contractual relationship between an entity and the gatekeeper in order for the former to be considered a business user. Windows is a designated CPS under the DMA and no contract with MS is required in order for you to make, distribute, and have your users run your software on their Windows PCs.
They were basically negotiating in public. I think the EC probably realized that the DMA as currently written is flawed and producing outcomes they don't want, and this episode basically highlighted it to them. They probably told Apple there won't be any enforcement against only Safari having it, because the alternative is worse. A basic principle is that you are very unlikely to compel Apple to engineer anything unless they choose to, and you would most likely lose in the EU courts if you tried to. Any regulation that doesn't factor that in is going to be doomed to fail.
That sounds a bit like "Apple is beyond the law/regulations, regulators better accept that and move on" – is that what you mean?
It worked just fine for USB-C, fwiw.
There's a big difference between those cases. In the USB-C case there was no room for argument. It was either include the new port, or stop selling the iPhone.
In this case, they could just remove entire features and have the public do their lobbying for them.
It shouldn't be too hard to make the case for that being malicious compliance, though. It seems to have worked in this particular case, for example: People called Apple's bluff.
Malicious compliance and "spirit of the law" aren't real things when it comes to the legal system. You either comply with the law or you don't. And courts will ultimately decide if Apple's interpretation of the DMA complies or not.
They are, in Europe. We don't really like companies not following the spirit of the law. Companies usually learn via fines. Luckily for us, Apple is a slow learner.
Why is that lucky for us? We want them to comply to the DMA. The fines are a drop in the bucket.
It’s lucky because to a lot of android fans it isn’t really about consumer outcomes, it’s about finally legislating a solution to the android-iOS war.
If you can’t win in the marketplace of ideas, just ban walled gardens entirely. Flip the table and ban your competitors’ business model, bioshock style.
Now of course, since obviously most android fans aren’t actually owners of a major company… they aren’t really “your competitor” unless you’re parasocially attached… this is a rather obvious commentary on the degree of parasocial attachment that so many people seem to have towards android and against apple… but here we are.
https://paulgraham.com/fh.html
In short: Freudian slip. They said the quiet part out loud. Hurting apple is the goal here.
Spirit of the law is literally a thing and EU courts interpret in line with it. Each and every EU directive has first lines state the spirit.
Malicious compliance is totally a thing in this specific case and is expected to happen. The act itself is written in a very pointed way so to say.
To make matters worse, the executive is given powers to tell Apple what exactly they need do to comply if they start funny business.
Companies are compelled to develop features all the time. Mostly so far in the EU these features have been around accessibility, safety, and crime prevention, but there’s an awful lot of precedent for companies being required to develop something specific in order to be able to sell their product in the EU.
Companies comply with those regulations because, on balance, the incentives still make it logical to. That doesn't mean an unbalanced regulation that misunderstands the target's incentives would result in the outcome the regulator wants.
The law requires Apple to open up iOS to 3rd-party browser engines and that Apple can't self-preference their own browser. This would mean that Apple has to open up anything that Safari can do (like run PWAs).
I don't believe for a minute that the EU is OK with the WebKit restriction here, they simply haven't responded: https://news.ycombinator.com/item?id=39565553
Are PWAs browsers?
They're pretty much just shortcuts/bookmarks to a browser window yes. If I "install" a PWA from Firefox I expect it to open in Firefox. I would be very surprised if I ended up in Safari instead.
What happens to those PWAs when you uninstall Firefox?
yeah, it should just open up in the default browser setting within the OS. having to create a shortcut based on which browser would be ridiculous. must like the post you were replying to was a ridiculously proposed comment.
Depends how you look at it, Chromecast is only available from Chrome. If I want a specific page to open in Chrome because I use it mainly to cast videos should I have to switch my main browser to Chrome?
Probably not how it works today and my initial comment didn't imply always open in Firefox even if not default browser, but thinking about it maybe that's how it should work, or the option to choose should be available?
We just don't know that at this point.
For all we know, the EU might be considering PWAs a thing completely orthogonal to DMA compliance, since they neither provide feature parity with native apps, nor are they widely used (at least according to Apple's measurements).
I think it would be just as valid a viewpoint to consider them an OS feature (as opposed to a browser feature). The question then is whether that OS feature would be considered protected under the DMA.
For example, it's also impossible to provide your own kernel extensions (e.g. to facilitate hardware device drivers) for iOS – but that's completely fine (as far as I understand) under the DMA, since it's not one of the covered areas like app stores, NFC payments etc.
I'm not very certain of the last point, FWIW – maybe the DMA does actually require Apple to provide, on demand, access to hardware interfaces available to their own product offerings! For example, wireless (Qi) outbound charging is supported by recent iPhones, but only works with Apple's own Magsafe power bank, and other power banks can only do inbound wireless charging and need to be charged via USB – maybe that's actually noncompliant too? That would likely kill, or at least strongly impact, Apple's MFI program in the EU – or maybe just expand it to cover all first-party hardware interfaces too?
DMA wording made it very clear that it's about browser engine, not the browser product. And Safari is designated as a core platform service.
Yes, but nowhere does it say explicitly that that third-party browser engine has to also be capable of hosting PWAs. It's definitely a possible read of the DMA, but not the only plausible one, in my view.
It does:
Clause 7 Article 6 of the DMA states:
Hopefully they'll respond with huge fines.
No back channeling is required. It's literally written in the law that you can go ahead and ask if you're unsure: https://ia.net/topics/unraveling-the-digital-markets-act Scroll to Law: Ask us if you find issues
That's not true. The section the blog post is quoting is saying that the EC can ask another regulatory body to make a decision specifically on whether the technical implementation of interoperability requirements is sufficient.
So it's only about a very thin slice of the DMA to start with, and a slice that's not the part that Apple was intending to violate when removing PWAs, but it's also not a process that Apple could trigger or even be a party of.
As far as I know, nothing in the regulation suggests that gatekeepers can get their compliance plans pre-approved or pre-rejected.
That's the beauty of reading: you can read more than just the quote, and read the paragraph immediately after. Or the referenced section in the law: https://news.ycombinator.com/item?id=39565987
65 allows asking the EC for clarifications. But that process would (very explicitly) need to be public and allow input from third parties, there's no process for private feedback. In addition to that, the EC might choose to ignore the clarification requests entirely, and whatever decisions they do give are not binding.
It's certain that Apple does not have any kind of back channel approval for keeping PWAs Safari-only. That is not a possibility within the regulatory framework.
Apple didn't have to ask though, they fully knew they were breaking the law here. They are only backing down because of the pressure from the web community and from the DMA team starting an investigation.
They knew they were breaking the law in their lack if browser choice.
The PWA issue is a completely different one.
Although what I assume is they floated removing PWAs to see if that would get users / communities on their side.
It might have worked if PWA support was first class rather than half abandoned.
The DMA plainly states that they have to give other browser vendors access to all features present on device, and that they cannot degrade the quality of their services.
Removing PWA support goes against both these obligations.
Nope, that’s not what iA says, and it would be a gross misrepresentation of the DMA to be honest.
The section they’re referring to is clause 64 in the lead of the DMA[0] and it is not only limited to cases of interoperability, unlike what iA implies it doesn’t follow with a suggestion that gatekeepers can just ask if they’re unsure. Instead it states:
That’s why one of the main criticisms of the DMA is that gatekeepers generally can’t present proposals for approval and have to wait until after implementing to see if it is to the EC’s liking.
That said, the EU has inquired about the PWA stuff[1] and it seems that the outcome of that has been that Home Screen install doesn’t need to be provided for other browsers. Allowing Apple to back down from their careful interpretation.
0: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELE...
1: https://9to5mac.com/2024/02/26/apple-blocking-web-apps/
64: says that gatekeepers should provide a reference of what they are intending to implement, and commission will say if it's in compliance
65: For anything more complex we can have an extended dialog
There’s always back channel that’s how these things always work. One team of lawyers hashing it out with another.
Does this mean that users will only be able to add the pwa from Safari or that when adding it from any browser it will always run with WebKit?
Great question. Orion is built on WebKit and works with firefox extensions (uBlock)
That works (I suspect) because they run them as JavaScript in a different browsing context and have implemented some of the WebExtension APIs themselves on the backend, e.g. HTTP request filtering (which is one of uBlock's primary functions).
That's a nifty workaround but not ideal, since it's not possible to actually provide all WebExtension APIs that way.
Presumably that you can only add the PWA from Safari, because there does not exist any API to add a PWA from a third-party app.
Yes there does, other browsers already use it.
Other browsers can already add PWAs. Presumably they'd just continue using WebKit to matter what engine the browser in question uses.
The final authority lies with the courts. If any of the third-party browser providers sue for being disadvantaged by PWAs being restricted to WebKit, no previous “back-channeling” with the Commission will have any bearing on the judgment. And the Commission knows this, so is unlikely to engage in that manner.
What you said is true but not to the extent that you might think if you are used to the legal systems of countries like the USA or UK.
Since Brexit, almost all EU member countries follow the civil law system (the only member country following common law that I can think of is Ireland, not sure if there are others). https://en.wikipedia.org/wiki/List_of_national_legal_systems
Additionally, there is no official doctrine of precedent in EU Law per se https://academic.oup.com/book/32630/chapter-abstract/2705268...
TL;DR - the authority of the courts in Europe is not the same as in USA or in the Commonwealth countries.
The authority of the courts is the same, it's precedent which has less relevance in civil law systems
Setting the agenda matters. This drama probably made more people and businesses aware of the DMA and may influence the focus of some participants. For example, there's an "Apple DMA compliance workshop" in two weeks, to which interested stakeholders can register: https://digital-markets-act.ec.europa.eu/events-poolpage/app...
On android PWA home shortcut create by one browser, will use that browser, regardless of default browser. I don't see why Apple couldn't do the same.
Apple provided theirs reasoning on this (security issues due to how iOS is currently written...) when they initially stated they would be removing them and said the work was'nt worth the tiny base of users who use it.
Only technical reasons. When PWA’s were introduced in iOS 11, they were built with the assumption of WebKit as a privileged process. A re-arch is definitely doable, just a big expense for little return. And probably not feasible in just a year, can’t imagine it would be a top priority against all of the other work.
Who else even does PWAs? Firefox removed them which leaves chrome, edge, and now maybe safari.
Firefox still supports them on Android, and macOS just introduced them (last year IIRC). In other words, every major OS has at least one implementation!
I think nobody in the EU can make such assurances. It's a law, and courts will decide if apple is following them.
The European Commission announced a few days ago that they will look into the decision of apple to remove PWAs, so they more or less announced they are trying to fine them because of it.
Which means that completely removing PWAs could be the more risky choice instead of keeping them Safari-only. Completely removing PWAs already started an investigation. Keeping them Safari-only might not start an investigation at all, so it might be the lower risk.
After all I think Android also has a Chrome-only implementation for PWAs, exactly like Windows, that runs PWAs on Edge. Also back in the days when Microsoft had to give users a choice to use another browser than Internet Explorer it was also not possible to exchange Internet Explorer as the engine for many system services that used the system web view component. I think it's still the case with the current Windiws WebView2 based on Edge.
This is not true for Android. I am using PWA's with Brave (the PWA does get a tiny brave-icon badge overlaid on the corner of the app icon).
I hope that the UK CMA enforcement action will smack Apple over the head for this one.
...to what end? Removal of the feature from iOS in the UK?
Devil's advocate: having a stable (maybe too stable) runtime for all iOS PWAs might actually be a benefit. Native apps, for instance, don't have to worry about rendering issues in various "viewers." This actually brings PWAs closer to the world of native apps, which I believe is what users would prefer.
That said, I literally did a jump for joy when the DMA news broke. (Then of course, I did scream bloody murder reading the details on PWAs.)
There's no such thing as an iOS-only PWA. You need to test with other browser engines regardless because other kinds of devices still exist.