Parental Control App Developers Urge Apple to Make Screen Time APIs Available for Third-Party Apps

Wednesday May 1, 2019 2:45 pm PDT by Joe Rossignol
Last weekend, The New York Times reported that Apple has removed or restricted many of the most popular screen time and parental control apps on the App Store since launching its own Screen Time feature in iOS 12 last year, raising concerns over potentially anticompetitive behavior.


Apple was quick to respond. In both an email to a concerned customer and a press release, Apple indicated that it became aware over the last year that some parental control apps were using a technology called Mobile Device Management or "MDM" that puts users' privacy and security at risk.

MDM technology is intended for enterprise users to manage their company-owned devices, and Apple says the use of MDM by consumer-focused apps carries privacy and security concerns that resulted in Apple addressing the situation in its ‌App Store‌ review guidelines in mid-2017.

"Contrary to what The New York Times reported over the weekend, this isn't a matter of competition," wrote Apple. "It's a matter of security."

Apple added that when it found out about these ‌App Store‌ guideline violations, it communicated with the necessary developers, giving them 30 days to submit an updated app to avoid being removed from the ‌App Store‌.

In the days since, a handful of developers behind parental control apps including Qustodio, Kidslox, OurPact, and Mobicip have responded to Apple's press release with open letters, calling for the company to make the APIs behind its Screen Time feature available to the public for use in third-party apps.

Eduardo Cru, co-founder of Qustodio:
If safety is such a great concern to Apple, why not share the APIs used in Apple's own Screen Time competitive service and instantly make the environment safer and open for everyone?
Viktor Yevpak, co-founder of Kidslox:
Ultimately, making the "Screen Time" API's public is the solution to this issue which would truly prove Apple's commitment to the safety and welfare of children. This would allow 3rd party developers like us to create effective products that give users genuine choices, while also complying with Apple's self-set standards.
OurPact:
If Apple truly believes that parents should have tools to manage their children's device usage, and are committed to providing a competitive, innovative app ecosystem, then they will also provide open API's for developers to utilize. Now, more than ever, the focus should be on building better and more diverse solutions for families to choose from.
Suren Ramasubbu, co-founder of Mobicip:
Knowing that parental controls apps using MDM have been around for years, wouldn't it have been a better option for Apple to support an officially supported API before pulling the plug?
Tony Fadell, a senior executive at Apple in the 2000s, agrees that Apple should create and provide developers with APIs for Screen Time.


The developers also refute parts of Apple's press release, with OurPact claiming that its parental control app for children was removed from the ‌App Store‌ on October 6, 2018 without any prior communication from Apple, just three weeks after iOS 12 was publicly released with Screen Time.

Three out of four of the developers add that Apple was slow to respond and did not provide any resolution for the sudden guideline violations.

While Apple is firm in stating that competition did not play a role in its crackdown on these apps, the timing is certainly curious. Many of the removals occurred shortly after Apple rolled out its Screen Time feature in iOS 12 last September, despite several of these apps having used MDM for a number of years.

At face value, public APIs for Screen Time does appear like a viable solution for both the privacy and security of users and ensuring a competitive landscape on the ‌App Store‌. Whether that happens remains to be seen.

Tag: Screen Time
[ 108 comments ]

Top Rated Comments

(View all)

Avatar
Heineken
10 months ago
As a parent, I don't give smartphones and tablets to my little kids. That's parental control in action.
Rating: 20 Votes
Avatar
cdavis11
10 months ago
As a parent of 2 kids who uses OurPact, I sure hope they get this resolved.

OurPact has been the gold standard for parental control for some time. The interface is Apple simple and intuitive...though the setup process isn't. But to be fair - has anyone taken a look at what it *really* takes to lock down a kids phone using screen time and parental controls from Apple? It's a heck of a slog to get it all set up...and you pretty much have to have the device in hand to make changes.

Nice thing about OurPact is that I can make changes in allowed apps, grant and block use any time from my device...theirs could be a continent away.

My wife and I both use OurPact and have for quite a while now, it gives us a good level of comfort that our kids are safe on the internet (safari is blocked!) and the "just one more thing..." in minecraft has been cut to nothing..when time is up, it's up.

I realize you can do similar/the same things in the Apple controls, but OurPact is popular for a reason...it's easy to use and does what it says.
Rating: 15 Votes
Avatar
realtuner
10 months ago
So, they want Apple to create APIs that give developers unprecedented access to a users device and how they use it?

Not gonna happen. Apple doesn’t even give developers access to your phone call log or text messages, and they think Apple will allow this?
Rating: 14 Votes
Avatar
Baymowe335
10 months ago
Apple can do whatever they want in terms of making screen time available for third parties.
Rating: 9 Votes
Avatar
realtuner
10 months ago

Providing an API doesn't automatically grant "unprecedented developers access to a users device".
An API gives an app the ability to control certain functions of the device. Apple can write the API to prevent usage data from going to an unauthorized device (Developer).

Screentime collects the child's usage data and provide it to an authorized device (parent's device in this case). That is a transfer between authorized/authenticated devices.


I know what an API does.

MDM gives developers "unprecedented access". These developers were using MDM. Do you think they'll be happy with restricted APIs from Apple that offer a very limited subset of what they were used to getting before?

For example, I mentioned the phone log or text messages. Apple doesn't allow developers access to these areas because of the potential for abuse. One of the selling features of Qustodio (one of the companies who filed a complaint with the EU) is the ability to monitor calls and messages. That ability will never exist for developers.
Rating: 9 Votes
Avatar
BootsWalking
10 months ago

Apple can do whatever they want in terms of making screen time available for third parties.


And people can do whatever they want to respond to Apple's self-selfing business practices, such as buying 30% fewer iPhones vs last year.
Rating: 8 Votes
Avatar
az431
10 months ago

And people can do whatever they want to respond to Apple's self-selfing business practices, such as buying 30% fewer iPhones vs last year.


There's that garbage 30% number again, made up by some research company with zero access to any actual data, and plainly wrong given that Apple announced a 17% drop in iPhone revenue.

Not to mention that you conveniently overlook increases in just about every other product and service, to justify your ridiculous position that people are not buying iPhones because they don't like policies like removing screen time apps.

The more likely reason is that China's economy is in the toilet, the exchange rate is less favorable compare to last year, and Huwaei offers a compelling alternative at a time when people there are under financial pressure.

But feel free to ignore reality to perpetuate your fantasy that people are exacting revenge on Apple by buying 30% less iPhones than last year.
Rating: 5 Votes
Avatar
paulcons
10 months ago
Does nobody see the hypocrisy here? Cupertino CREATES that MDM API in the first place... why, to allow companies to keep uber tight control over their employees phones. Suppose because the company actually buys those phones. So they are saying that human beings have NO RIGHT TO PRIVACY when they use a company supplied phone. So some devs realize that using this stuff CAN give parents good access to restricting what their kids are doing at the same time they are buying said kids these kinds of mobile devices. So then they close these guys down, shouting about privacy concerns?? Excuse me, we are talking about parents of little Johnny & Janet, 8 and 11 years old. So it's OK to violate grown folks privacy, but not children's? I am not buying any of this crap, it's all about the only app doing this belongs to them in the first place.
Rating: 5 Votes
Avatar
realtuner
10 months ago

Apple finds it very hard to give up control. It is both a strength and a weakness.


I just find Apple very methodical (and slow). It's not so much giving up control as it is granting access while maintaining security/privacy. Apple often adds a new feature with limited support at the beginning and then opens up to add additional features later on (look at NFC, which only worked with Apple Pay at the beginning).
Rating: 4 Votes
Avatar
jonblatho
10 months ago
It's not rocket science to see that Apple will never do this.

Back in iOS 9.0, Apple made an important (and breaking) change to UIApplication.canOpenURL(...) ('https://developer.apple.com/documentation/uikit/uiapplication/1622952-canopenurl'), which an app can use to tell whether it can open a URL (namely apps' custom URI schemes such as twitter://). Now, apps must include when they submit to the App Store a list of schemes they intend to query using that method, and Apple can accept or reject based on that.

It was a difficult change but one that Apple viewed as necessary because apps were abusing this functionality to identify other apps installed on the device. If an app can open URLs beginning with twitter://, then the device has the Twitter app installed. Rinse and repeat for dozens or even hundreds of apps. This data was a goldmine for advertisers. Instead, Apple pushed developers to deep linking, which are regular HTTP(S) URLs which can be opened directly inside apps. Other apps cannot query them to see if the relevant app is installed.

If that previous example didn't make it obvious, app usage data is highly desirable to developers and, even when the data is collected with pure intent, can reveal deeply private information. There came a point where Apple found it more important to introduce that breaking change to canOpenURL in order to protect privacy than to keep it for the (vast majority of) developers who were using it as intended.

So, these developers want Apple to open up data not just on what apps are installed, but when people are using them and how long people are spending in them, requisite for any Screen Time-esque functionality outside Screen Time. This information is far more sensitive than the mere list of apps developers were surreptitiously gleaning before iOS 9! No chance Apple makes it freely available.
Rating: 4 Votes

[ Read All Comments ]