The question is about the level of entitlements alternate app stores have and whether Apple has any oversight of those entitlements. If the EU decides anyone can make an App Store and Apple has no say, then iOS would need to trust the entitlements (and signature chain) from those alternate stores. If the alternate store allows entitlements to suck up user data with no say from Apple, then the mechanisms to prevent access to that data are toothless on the device. ACLs aren't effective without controlling the underlying authentication mechanism.

Things like accessing the address book and photos are behind entitlements. If the app's entitlements (from the App Store) don't even permit usage the API will throw an error. A third party store that Apple has zero input on could just allow all API access with super loose entitlements.

If there's no control of who can start a store and Apple is forced to allow that, then it's trivial for big vendors like Meta but also vendors like Epic to start stores with zero access controls to data on the device.

It gets even worse with web views apps use. A web view has access to the unencrypted data that goes through the view. If Meta launches Meta Browser that backs web views inside apps they can see all the traffic from all third party apps.

If Apple puts additional protections at the OS level to gate access to sensitive data the same complaints will be leveled against them as today. By forcing consumer choices into the system the very likely end result will be less consumer privacy. If a person buys an iPhone that's an affirmative signal they trust Apple. If they then have to make additional choices about browsers and app stores they're not necessarily going to be able to make informed choices.

Access to sensitive data an features is gated behind entitlements and user permission. What any reasonable sandbox needs to do is make it difficult for an sandboxed app to tell whether it actually has a permission it has asked for or not by providing the user an option to provide scoped or fake data. Oh, Facebook won't run without me giving it access to my contacts? Ok, here you go, but gee, it looks like I don't have any contacts outside of the iPhone defaults.

I agree. No company can be trusted with such a great amount of user data. Our phones are with us 24/7 and some companies want to not only listen and track but also change our behavioral patterns to suit them. The store analogy doesn’t work anymore. It’s like a store manager is living in my room and looting my personal belongings for valuable things because I once glanced at their storefront. The amount of power these mega corporations gained over the last two decades must be curbed or else they will shape the fabric of our society in their own image.

Because, as has already been explained ad nauseam, Apple's control measures are partly technological and partly contractual. If Apple catches you tracking users after users opt out of tracking, Apple will de-list you from their store.

If Meta can simply set up a different storefront (or directly side load), they merely have to follow the EU laws (which are less restrictive than Apple's).

It seems broken if the following things are true at once:

1) we agree that it is good for society that Meta (or others) aren’t allowed to violate your privacy

2) those rules are enforced by a megacorp (like Apple) as part of an everything-bagel of rules that they also profit from (some % cut of app revenue)

If (1) is true then privacy rules should be enforced by governments, not by a megacorp everything bagel power grab.

If (2) were true alone but (1) wasn’t true then it would make Apple’s enforcement of those rules even more obviously bad.

Meta has already been forced to offer non-ad access to Facebook. I assume that is tied to a privacy guarantee (or it wouldn't make much sense - ads can be obnoxious but it is the unconsented surveillance that needs to be reigned in).