daring-rss

Adam Mosseri, on Threads, with the other big news of the day:

Second, threads posted by me and a few members of the Threads team
will be available on other fediverse platforms like Mastodon
starting this week. This test is a small but meaningful step
towards making Threads interoperable with other apps using
ActivityPub — we’re committed to doing this so that people can
find community and engage with the content most relevant to them,
no matter what app they use.

And behold, you can now follow @mosseri@threads.net from any Mastodon instance who administrators haven’t chosen to preemptively block Threads. When Threads launched this summer, with the stated intention of federating via ActivityPub, there were a lot of naysayers who thought it would never happen. But here we are.

Johannes Ernst, on his blog:

I participated in a meeting titled “Meta’s Threads Interoperating
in the Fediverse Data Dialogue” at Meta in San Francisco
yesterday. It brought together a good number of Meta/Threads
people (across engineering, product, policy), some Fediverse
entrepreneurs like myself, some people who have been involved in
ActivityPub standardization, a good number of industry observers /
commentators, at least one journalist, and people from independent
organizations whose objective is to improve the state of the net.
Altogether about 30 people.

It was conducted under the Chatham House rule, so I am only
posting my impressions, and I don’t identify people and what
specific people said. […]

I came away convinced that the team working on Threads indeed
genuinely wants to make federation happen, and have it happen in a
“good” way. I did not get any sense whatsoever that any of the
people I interacted were executing any secret agenda, whether
embrace-and-extend, favoring Threads in some fashion or anything
like that. (Of course, that is a limited data point, but I thought
I convey it anyway.)

 ★ 

Adam Mosseri, on Threads, with the other big news of the day:

Second, threads posted by me and a few members of the Threads team
will be available on other fediverse platforms like Mastodon
starting this week. This test is a small but meaningful step
towards making Threads interoperable with other apps using
ActivityPub — we’re committed to doing this so that people can
find community and engage with the content most relevant to them,
no matter what app they use.

And behold, you can now follow @mosseri@threads.net from any Mastodon instance who administrators haven’t chosen to preemptively block Threads. When Threads launched this summer, with the stated intention of federating via ActivityPub, there were a lot of naysayers who thought it would never happen. But here we are.

Johannes Ernst, on his blog:

I participated in a meeting titled “Meta’s Threads Interoperating
in the Fediverse Data Dialogue” at Meta in San Francisco
yesterday. It brought together a good number of Meta/Threads
people (across engineering, product, policy), some Fediverse
entrepreneurs like myself, some people who have been involved in
ActivityPub standardization, a good number of industry observers /
commentators, at least one journalist, and people from independent
organizations whose objective is to improve the state of the net.
Altogether about 30 people.

It was conducted under the Chatham House rule, so I am only
posting my impressions, and I don’t identify people and what
specific people said. […]

I came away convinced that the team working on Threads indeed
genuinely wants to make federation happen, and have it happen in a
“good” way. I did not get any sense whatsoever that any of the
people I interacted were executing any secret agenda, whether
embrace-and-extend, favoring Threads in some fashion or anything
like that. (Of course, that is a limited data point, but I thought
I convey it anyway.)

Read More 

Looking at the rankings of Threads, Twitter/X, and others in the App Store and Play Store.

On the occasion of Threads opening up to users in the EU, here’s Apple’s year-end list of the App Store’s “2023 Top Free Apps”, in order:

Temu1
CapCut Video Editor
Max
Threads
TikTok
Instagram
Google
YouTube
WhatsApp
Gmail
Google Maps
Facebook
Snapchat
Shein
Telegram
Cash App
Spotify
Messenger (Facebook)
McDonald’s2
Google Chrome

Apple doesn’t reveal the methodology behind this list, so it’s possible that X “deserved” to be on it but was omitted by Apple because of the political stench permeating the X platform. But this doesn’t seem like a list over which Apple exerted any editorial control. It’s not an “Our Favorites” list, it’s a “top” list. Apple is not exactly corporate pals with Meta or Google, but those two companies account for fully half of that list.

On today’s list of top free apps on the App Store — across all categories aside from games — Threads is #2 and X is (scrolls, scrolls, scrolls…) #63. TikTok and Instagram are in the top 10 and Facebook’s blue app for the elderly remains at #16. Threads’s placement today is surely buoyed significantly by its launch in the EU, but X is downright buried. Keep in mind that popularity charts like this follow power curves — #63 is in the long tail.

Over in Google’s Play Store’s top free apps list today, Threads is #6, behind Temu, TikTok, WhatsApp, Instagram, and Shein. Telegram, Cash App, Snapchat, and Messenger round out the top 10. (Google’s own flagship apps aren’t in that list because they’re all included with Android.) Facebook is #13, Facebook Lite #37, Reddit #39, Discord #43 and Pinterest #48. X is down at #67, right below the renowned “Domino’s Pizza USA” app.3

These app stores rankings suggest strongly that Twitter/X is dying, and I think Threads in particular is helping to kill it. Momentum and traction are hard to gain and easy to lose.

The Others

It brings me no joy to report this, but unless I scrolled past one, there are no Mastodon clients in the top 200 free apps, even looking specifically within the “social networking” category, on either the App Store or Play Store.4 (Twitter/X categorizes itself as “News”, not “Social”, as a sad crutch to place higher in a category with less competition.) Even Bluesky makes these lists (#80 on the App Store; #49 on Play Store). And in what may be an interesting socio-economic demographic data point, Orange Jesus’s Truth Social app is #48 on the Play Store (just ahead of Bluesky), but not in the top 200 on the App Store. (Red hats, green bubbles?)

I enjoy Mastodon, and love Ivory, but Mastodon has seemingly peaked in popularity. It’s a niche for nerds. I think it’s a successful niche for nerds — I still see a stream of interesting content in my feed there, and enjoy thoughtful engagement from readers — but Mastodon has seemingly no mainstream relevance, and I don’t think ever will. Regular people do not want to use social networks without algorithmic feeds, and do not want to use social networks whose basic premise they do not understand.

Read More 

Jon Porter, The Verge:

Meta’s Twitter competitor, Threads, is now available in the
European Union, CEO Mark Zuckerberg has announced. “Today we’re
opening Threads to more countries in Europe,” Zuckerberg wrote in
a post on Threads. The launch follows the service’s debut in
the US and over 100 other countries across the world, including
the UK, in July 2023. But until now, Threads hasn’t been available
to the 448 million people living in the EU, and the company has
even blocked EU-based users from accessing the service via
VPN.

To coincide with today’s launch, Meta is giving users in the
region the ability to browse Threads without needing a
profile. Actually posting or interacting with content will
still require an Instagram account, however.

Threads has continued to thrive, grow, and improve, and that should accelerate significantly now that EU citizens can join. There’s a persistent but false narrative that Threads is struggling, that just isn’t true. E.g. from The Guardian today:

Threads launched in July 2023 and quickly amassed more than
100 million users in its first week. The platform has since
seen a large drop off in active users, but Zuckerberg in
earnings calls has remained steadfast that the platform would
eventually reach its goal of 1 billion users.

Like I wrote back in July: [“Nobody Uses Threads Anymore, It’s Too Crowded”]. While Twitter/X seemingly still has more daily active users, Threads has consistently ranked way way ahead of X in the rankings on both the App Store and Play Store. Those app store rankings don’t measure usage, but they do reflect momentum — Threads is gaining it, and Twitter/X is losing it. And that’s before Threads was available in the EU.

 ★ 

Jon Porter, The Verge:

Meta’s Twitter competitor, Threads, is now available in the
European Union, CEO Mark Zuckerberg has announced. “Today we’re
opening Threads to more countries in Europe,” Zuckerberg wrote in
a post on Threads. The launch follows the service’s debut in
the US and over 100 other countries across the world, including
the UK, in July 2023. But until now, Threads hasn’t been available
to the 448 million people living in the EU, and the company has
even blocked EU-based users from accessing the service via
VPN.

To coincide with today’s launch, Meta is giving users in the
region the ability to browse Threads without needing a
profile. Actually posting or interacting with content will
still require an Instagram account, however.

Threads has continued to thrive, grow, and improve, and that should accelerate significantly now that EU citizens can join. There’s a persistent but false narrative that Threads is struggling, that just isn’t true. E.g. from The Guardian today:

Threads launched in July 2023 and quickly amassed more than
100 million users in its first week. The platform has since
seen a large drop off in active users, but Zuckerberg in
earnings calls has remained steadfast that the platform would
eventually reach its goal of 1 billion users.

Like I wrote back in July: [“Nobody Uses Threads Anymore, It’s Too Crowded”]. While Twitter/X seemingly still has more daily active users, Threads has consistently ranked way way ahead of X in the rankings on both the App Store and Play Store. Those app store rankings don’t measure usage, but they do reflect momentum — Threads is gaining it, and Twitter/X is losing it. And that’s before Threads was available in the EU.

Read More 

Chris Welch, writing at The Verge:

Apple has begun selling the USB-C charging case for its second-generation AirPods Pro as a standalone purchase. But it doesn’t come cheap. The MagSafe-compatible case, available immediately, is priced at $99.

Glad they’re offering the standalone case, but alas, it seems like you can’t get it engraved like you can when you buy a whole set of AirPods.

 ★ 

Chris Welch, writing at The Verge:

Apple has begun selling the USB-C charging case for its second-generation AirPods Pro as a standalone purchase. But it doesn’t come cheap. The MagSafe-compatible case, available immediately, is priced at $99.

Glad they’re offering the standalone case, but alas, it seems like you can’t get it engraved like you can when you buy a whole set of AirPods.

Read More 

This new feature will add significant protection against a thief who steals your iPhone and knows your device passcode.

Joanna Stern and Nicole Nguyen, reporting for The Wall Street Journal (News+ link):

If you enable the new Stolen Device Protection, your iPhone will
restrict certain settings when you are away from a location
familiar to the iPhone, such as your home or work. Here’s the
rundown:

Apple ID password change:

If you do nothing: A thief can use the passcode to change
your Apple account password and lock you out. This move is the
key to thieves turning off Find My and wiping phones for resale.
Since you, the iPhone’s owner, don’t have the changed Apple ID
password, you can’t immediately locate your iPhone or remotely
wipe its data.

With Stolen Device Protection: If you want to change an Apple
ID password when away from a familiar location, the device will
require your Face ID or Touch ID. It will then implement an
hour-long delay before you can perform the action. After that hour
has passed, you will have to reconfirm with another Face ID or
Touch ID scan. Only then can the password be changed.

This sounds like a very thoughtful solution to a devilishly tricky problem: a combination of biometrics, a time delay, with exceptions for when you’re in a known location like work or home.

Stern and Nguyen reported a series of stories this year detailing how thieves — in some cases, organized crime rings — were taking advantage of the god-like powers of your device passcode, the first in February and the follow-up in April. The gist of it is that your device passcode/passphrase controls the keys to your entire digital kingdom. With the phone and your passcode, you can reset your iCloud account password and access the passwords saved in your keychain. Thieves were scamming people to glean their passcodes, then stealing their phones. This granted thieves access not just to the phones’ contents, but to the victims’ banking accounts. And resetting the victims’ iCloud passwords prevented the victims from remotely wiping, locking, or finding the stolen devices. (One way the scam would run: Chat up the victim in a bar, and offer to use the target’s phone to snap a photo of the victim and their friends. Surreptitiously lock the phone out of Face ID when handing it back to the victim. Then, when next the victim wants to do anything on their phone, they need to enter their passcode. Either the thief or a partner in a team gleans the passcode. Then they steal the phone, knowing the device passcode.)

After Stern and Nguyen broke this story, a lot of people reasonably wondered why Apple allows you to reset your iCloud account password using only your device passcode. The reason is customer support: every single day, hundreds — maybe thousands? — of people are locked out of their iCloud account because they can’t remember the password. Android phones work the same way: you can reset your Google account password knowing only your device passcode. However many people are falling victim to thieves taking advantage of this, there are orders of magnitude more innocent users who do know their phone passcode, but have forgotten their iCloud/Google account password.

Stolen Device Protection sounds like it solves the problem very well. No existing workaround is a true defense against a thief who knows your device passcode. (Locking your iPhone with Screen Time protections was suggested by many as a mitigation, but you can completely override Screen Time protections with the device passcode — it just adds a few extra steps.)

Stolen Device Protection will be off by default, but users will be prompted about the feature upon restarting after upgrading to 17.3. That’s a reasonable compromise. My only doubts about the feature are the “home” and “work” safe locations, where the hour-long delay is overridden. (You still need to authenticate with Face ID or Touch ID, though.) How are these locations determined? I’ve installed the first 17.3 beta on a spare iPhone, and after enabling Stolen Device Protection, I tried changing my iCloud password, but I still need to wait an hour, even though I’m at home. (And this spare iPhone — my iPhone 13 Pro from last year — hasn’t left my house since September.)

Overall, this new feature is clearly a win for security — and a triumph of Joanna Stern and Nicole Nguyen’s investigative reporting.

Read More 

Lindsey Adler and Richard Rubin, reporting for The Wall Street Journal (News+ link):

Shohei Ohtani joined a new team this weekend. You probably heard
about it. The Japanese superstar on Saturday agreed to a
blockbuster 10-year deal with the Los Angeles Dodgers that will
pay him $700 million in total, making it the largest contract in
U.S. sports history. But Ohtani won’t actually be the highest-paid
athlete in America for a while yet. Next season, in fact, the man
with the richest contract in baseball history will be making less
than some rookies.

Ohtani will take home just $2 million per season over the 10-year
span of his contract, which was made official Monday night. In an
unprecedented structure, Ohtani will defer $68 million per season
until the end of his contract, meaning the Dodgers will pay him
$680 million between 2034 and 2043. By the time Ohtani receives
his final paycheck from the team, he will be 49 years old. […]

The contract will also have implications for the Dodgers’ payroll
under MLB’s luxury tax rules, which calculates its average annual
value based on actual yearly salary ($2 million, in this case) and
the present day value of the deal (roughly $44 million). As a
result, the Dodgers will take a $46 million hit against their
luxury tax payroll each season, a record-setting annual average
value, but a steep decrease from a $70 million per year hit if the
salary were paid out in full during the course of Ohtani’s
contract.

This report from the WSJ is the first I’ve seen that accurately explains the luxury tax implications. All the reporting I read over the weekend, when the news of this unusual structure broke, made it sound like only the $2 million per year they’ll be paying Ohtani while he’s actually playing over the next decade would count toward the team’s payroll, which seemed grossly unjust. $46 million per year seems about right.

Ohtani earns an estimate $45–50 million per year in endorsement contracts, so it’s doubtful he’ll need to move into the YMCA while wearing Dodger blue. If I were him I’d have pulled a Steve Jobs and taken just $1 per year until the deferments kick in.

 ★ 

Lindsey Adler and Richard Rubin, reporting for The Wall Street Journal (News+ link):

Shohei Ohtani joined a new team this weekend. You probably heard
about it. The Japanese superstar on Saturday agreed to a
blockbuster 10-year deal with the Los Angeles Dodgers that will
pay him $700 million in total, making it the largest contract in
U.S. sports history. But Ohtani won’t actually be the highest-paid
athlete in America for a while yet. Next season, in fact, the man
with the richest contract in baseball history will be making less
than some rookies.

Ohtani will take home just $2 million per season over the 10-year
span of his contract, which was made official Monday night. In an
unprecedented structure, Ohtani will defer $68 million per season
until the end of his contract, meaning the Dodgers will pay him
$680 million between 2034 and 2043. By the time Ohtani receives
his final paycheck from the team, he will be 49 years old. […]

The contract will also have implications for the Dodgers’ payroll
under MLB’s luxury tax rules, which calculates its average annual
value based on actual yearly salary ($2 million, in this case) and
the present day value of the deal (roughly $44 million). As a
result, the Dodgers will take a $46 million hit against their
luxury tax payroll each season, a record-setting annual average
value, but a steep decrease from a $70 million per year hit if the
salary were paid out in full during the course of Ohtani’s
contract.

This report from the WSJ is the first I’ve seen that accurately explains the luxury tax implications. All the reporting I read over the weekend, when the news of this unusual structure broke, made it sound like only the $2 million per year they’ll be paying Ohtani while he’s actually playing over the next decade would count toward the team’s payroll, which seemed grossly unjust. $46 million per year seems about right.

Ohtani earns an estimate $45–50 million per year in endorsement contracts, so it’s doubtful he’ll need to move into the YMCA while wearing Dodger blue. If I were him I’d have pulled a Steve Jobs and taken just $1 per year until the deferments kick in.

Read More 

It’s fun watching this cat-and-mouse game from the sidelines, but if I were Beeper, I wouldn’t want to be playing.

As hinted by their team over the weekend, Beeper is going to play the cat-and-mouse game with Apple. From cofounders Eric Migicovsky and Brad Murray on the Beeper blog:

We’ve created an updated version of Beeper Mini that fixes an
issue that caused messages not to be sent or received.

That’s quite the euphemistic description of the situation.

Phone number registration is not working yet. All users must now
sign in with an Apple ID. Messages will be sent and received via
your email address rather than phone number. We’re currently
working on a fix for this.

In other words, what remains broken is the implicit creation of an iMessage account based on the cellular phone number of your device. I described this process in broad terms in a footnote on my column yesterday. It’s a magically-invisible-to-the-user process that’s been part of iMessage since it first debuted as an iOS-only feature in iOS 5.1 (At the time, “iOS” covered iPhone, iPad, and iPod Touch.)

The “magic” is that you don’t have to sign up for an account, or create a new username or account identifier. You just send a message from your phone number to another phone number, and if both numbers are registered for iMessage, the message goes over iMessage instead of SMS, even if you don’t have an Apple ID. Beeper had that working last week. Now, Beeper users need to have an Apple ID, and sign into that Apple ID within Beeper. (Beeper should actively encourage users to create and use an app-specific Apple ID password for Beeper.)

I can confirm that today’s update to Beeper Mini in the Play Store restores the ability to use iMessage, if you’re signed into an Apple ID.

We’ve made Beeper free to use. Things have been a bit chaotic, and
we’re not comfortable subjecting paying users to this. As soon as
things stabilize (we hope they will), we’ll look at turning on
subscriptions again. If you want to keep supporting us, feel free
to leave the subscription on 🙂.

Good on them. Like I wrote, it was irresponsible to charge a subscription fee for a service they can’t guarantee access to.

Beeper Mini launched on Tuesday and rocketed to top 20 of Play
Store charts. It was an instant hit. From what we can tell, Beeper
Mini was the fastest growing paid Android application launch in
history. In the first 48 hours, it was downloaded by more than
100,000 people.

Making it free (instead of a $2/month subscription with 7-day free trial) should only help its popularity, but I think it’s an open question how much demand there is for this. iMessage users might wish their Android-owning friends installed it, but are typical Android users interested? If Android SMS users were interested in installing a third-party app to enable better cross-platform messaging, wouldn’t they be suggesting to their iPhone-using friends and family that they be the ones who install WhatsApp or Signal or something?

Note: Beeper Cloud’s new Oct 2023 iMessage bridge never used Mac
relay servers and still does not today. It uses a similar
method to Beeper Mini, but runs on a cloud server.

Beeper Cloud was relying on Mac relay servers prior to October. And I think regardless of whether the relay servers are Macs or Linux boxes, it doesn’t change the fact that it’s a sketchy idea to entrust a relay server with your Apple ID credentials. But I think this recent change to Beeper Cloud means that you can use an app-specific password with that, too, just like with Beeper Mini — you never need to share your actual Apple ID password.

Many people have asked, ‘why don’t people just use Signal or
WhatsApp?’. The answer is that Messages App [sic] is the default chat
app for all iPhone customers. Not only is it the default, iOS
makes it impossible to change the default chat app. In the US,
where the majority of people have iPhones, this means that the
easiest way to chat is by tapping on your friend’s name in your
contact list and hitting the ‘message’ button.

This is disingenuous. It is true that Apple does not allow third-party apps to handle anything related to your cellular account. So cellular phone calls only go through the built-in Phone app, and SMS messages only go through the Messages app. Messages isn’t merely the default handler for SMS, it’s the only handler for SMS. But there is no default for “chat”. iPhone users around the world, in countries where messaging is dominated by apps like WhatsApp or Line, have no problem ignoring Apple’s Messages app. People don’t start new chats by starting in the Contacts app; they just open the messaging app they want to use. That’s the easiest way to chat.

What they’re really arguing here is that Beeper is entitled to piggyback on the work Apple has done to make iMessage texting seamless between iOS and Mac users — and more so, that Beeper is entitled to free use of Apple’s iMessage server and networking infrastructure.

We deeply object to the allegation that Beeper Mini ‘poses
significant risks to user security and privacy’. This is
completely untrue. As we explained above, the opposite is actually
true. Beeper Mini increases the security and privacy of both
Android and iPhone customers. To prove this, we published a
detailed blog post about how the app keeps data secure and
private. Beeper Mini is end-to-end encrypted. The underlying
connection method is open source, for anyone to review.

Apple guarantees the security of both the protocol (iMessage) and the client software (Messages). In fact, because Messages only runs on Apple devices, Apple further guarantees the security of the underlying operating system and hardware that Messages (the app) runs on, and that all iMessage messages are sent between. With Beeper Mini in the mix, Apple can only guarantee the protocol and your client software, if you’re using Messages. Is Beeper Mini storing cached message content and attachments securely on device? Is it transmitting privacy-sensitive metadata back to Beeper with analytics or crash logs? (Beeper Mini has a preference, “Share Diagnostics”, that is on by default but can be disabled.) Beeper can (and does!) vouch for the privacy and security of their client app, but Apple can’t. Beeper is correctly arguing that Beeper Mini does not (and cannot) compromise the security of the iMessage protocol, but that doesn’t mean that its existence doesn’t open security concerns for Apple and its users. And as I wrote yesterday, the existence of an unauthorized client on a supposedly closed platform creates a genuine perception problem for Apple: if Apple can’t control the clients permitted to connect to iMessage, it looks like they’ve lost control of the platform. And to some degree, they have lost control over the iMessage platform.

It’s fun watching this cat-and-mouse game from the sidelines, but if I were Beeper, I wouldn’t want to be playing.

Read More 

Adi Robertson and Sean Hollister, reporting for The Verge three weeks ago:

Music streaming service Spotify struck a seemingly unique and
highly generous deal with Google for Android-based payments,
according to new testimony in the Epic v. Google trial.
On the stand, Google head of global partnerships Don Harrison
confirmed Spotify paid a 0 percent commission when users chose to
buy subscriptions through Spotify’s own system. If the users
picked Google as their payment processor, Spotify handed over 4
percent — dramatically less than Google’s more common 15 percent
fee.

Google fought to keep the Spotify numbers private during
its antitrust fight with Epic, saying they could damage
negotiations with other app developers who might want more
generous rates. […]

But Harrison says Spotify’s “unprecedented” popularity was great
enough to justify a “bespoke” deal. “If we don’t have
Spotify working properly across Play services and core services,
people will not buy Android phones,” Harrison testified. As part
of the deal, both parties also agreed to commit $50 million apiece
to a “success fund.”

When this was first reported last month, I installed Spotify on my Pixel phone and tried it myself. Not only does Spotify on Android default to using its own in-app purchasing system — giving not a penny to Google in fees, apparently — but I couldn’t even find a way to choose to pay using the Play Store system. Google has granted Spotify a complete exemption to any sort of payment fee, and Spotify simply uses its own in-app payment processing.

On iOS, needless to say, Spotify has no such exemption. I just checked, and all Spotify does on iOS is list the features of each Premium account tier, with a message under each tier that reads “You can’t upgrade to Premium in the app. We know, it’s not ideal.” They don’t even list the prices or tell you where to go to sign up.

So I don’t really buy the argument that Spotify’s “unprecedented” popularity forced Google to offer this secret sweetheart deal. It doesn’t even make sense. Harrison’s argument is that Google had to offer Spotify this complete exemption from the regular Play Store payment processing rules because otherwise … Spotify would have to do the same thing on Android that they do on iOS? It beggars belief that Spotify would pull its app from the Play Store. What makes more sense is that Google wanted to get Spotify — an EU-based company — off their backs as vocal critics of their app store policies, so they offered them this sweetheart deal to shut them up. But it sounds like these sweetheart deals, offered only to large companies like Spotify, are part of what led the jury to rule in Epic’s favor in the Epic v. Google lawsuit.

 ★ 

Adi Robertson and Sean Hollister, reporting for The Verge three weeks ago:

Music streaming service Spotify struck a seemingly unique and
highly generous deal with Google for Android-based payments,
according to new testimony in the Epic v. Google trial.
On the stand, Google head of global partnerships Don Harrison
confirmed Spotify paid a 0 percent commission when users chose to
buy subscriptions through Spotify’s own system. If the users
picked Google as their payment processor, Spotify handed over 4
percent — dramatically less than Google’s more common 15 percent
fee.

Google fought to keep the Spotify numbers private during
its antitrust fight with Epic, saying they could damage
negotiations with other app developers who might want more
generous rates. […]

But Harrison says Spotify’s “unprecedented” popularity was great
enough to justify a “bespoke” deal. “If we don’t have
Spotify working properly across Play services and core services,
people will not buy Android phones,” Harrison testified. As part
of the deal, both parties also agreed to commit $50 million apiece
to a “success fund.”

When this was first reported last month, I installed Spotify on my Pixel phone and tried it myself. Not only does Spotify on Android default to using its own in-app purchasing system — giving not a penny to Google in fees, apparently — but I couldn’t even find a way to choose to pay using the Play Store system. Google has granted Spotify a complete exemption to any sort of payment fee, and Spotify simply uses its own in-app payment processing.

On iOS, needless to say, Spotify has no such exemption. I just checked, and all Spotify does on iOS is list the features of each Premium account tier, with a message under each tier that reads “You can’t upgrade to Premium in the app. We know, it’s not ideal.” They don’t even list the prices or tell you where to go to sign up.

So I don’t really buy the argument that Spotify’s “unprecedented” popularity forced Google to offer this secret sweetheart deal. It doesn’t even make sense. Harrison’s argument is that Google had to offer Spotify this complete exemption from the regular Play Store payment processing rules because otherwise … Spotify would have to do the same thing on Android that they do on iOS? It beggars belief that Spotify would pull its app from the Play Store. What makes more sense is that Google wanted to get Spotify — an EU-based company — off their backs as vocal critics of their app store policies, so they offered them this sweetheart deal to shut them up. But it sounds like these sweetheart deals, offered only to large companies like Spotify, are part of what led the jury to rule in Epic’s favor in the Epic v. Google lawsuit.

Read More 

After Senator Ron Wyden broke the news last week that law enforcement agencies were surveilling people by obtaining their push notification records from Apple and Google, I noted, with disapproval, that Apple required only a subpoena to turn such records over, whereas Google required a subpoena subject to court oversight. Apple has now updated its guidelines, and now requires a search warrant:

The Apple ID associated with a registered APNs token and
associated records may be obtained with an order under 18 U.S.C.
§2703(d) or a search warrant.

This is good.

 ★ 

After Senator Ron Wyden broke the news last week that law enforcement agencies were surveilling people by obtaining their push notification records from Apple and Google, I noted, with disapproval, that Apple required only a subpoena to turn such records over, whereas Google required a subpoena subject to court oversight. Apple has now updated its guidelines, and now requires a search warrant:

The Apple ID associated with a registered APNs token and
associated records may be obtained with an order under 18 U.S.C.
§2703(d) or a search warrant.

This is good.

Read More 

Sean Hollister, reporting for The Verge:

Three years after Fortnite-maker Epic Games sued Apple and Google
for allegedly running illegal app store monopolies, Epic has a
win. The jury in Epic v. Google has just delivered its verdict  — and it found that Google turned its Google Play app store and
Google Play Billing service into an illegal monopoly.

The jury unanimously answered yes to every question put before
them — that Google has monopoly power in the Android app
distribution markets and in-app billing services markets, that
Google did anticompetitive things in those markets, and that Epic
was injured by that behavior. They decided Google has an illegal
tie between its Google Play app store and its Google Play Billing
payment services, too, and that its distribution agreement,
Project Hug deals with game developers and deals with OEMs were
all anticompetitive. […]

Mind you, we don’t know what Epic has actually won quite yet — that’s up to Judge James Donato, who’ll decide what the
appropriate remedies might be. Epic never sued for monetary
damages; it wants the court to tell Google that every app
developer has total freedom to introduce its own app stores and
its own billing systems on Android, and we don’t yet know how or
even whether the judge might grant those wishes.

It’s certainly big news that Epic won, but as Hollister makes clear, we have no idea what this will actually mean in practice. I’m still not quite sure what Epic even wants. Android already supports third-party app stores, and Epic already runs one. I think one thing Epic wants is to force Google to allow third-party app stores to be installed without any sort of warnings or friction, which would be a disaster for device security. I’ve installed the Epic Games app on Android, and the installation and permission-granting process seems perfectly reasonable to me. It just isn’t popular.

The other thing Epic wants is to be able to use its own payment processing for apps distributed through the Play Store and Apple’s App Store. Implementing such a payment circumvention scheme was what got them kicked out of both stores back in 2021.

 ★ 

Sean Hollister, reporting for The Verge:

Three years after Fortnite-maker Epic Games sued Apple and Google
for allegedly running illegal app store monopolies, Epic has a
win. The jury in Epic v. Google has just delivered its verdict  — and it found that Google turned its Google Play app store and
Google Play Billing service into an illegal monopoly.

The jury unanimously answered yes to every question put before
them — that Google has monopoly power in the Android app
distribution markets and in-app billing services markets, that
Google did anticompetitive things in those markets, and that Epic
was injured by that behavior. They decided Google has an illegal
tie between its Google Play app store and its Google Play Billing
payment services, too, and that its distribution agreement,
Project Hug deals with game developers and deals with OEMs were
all anticompetitive. […]

Mind you, we don’t know what Epic has actually won quite yet — that’s up to Judge James Donato, who’ll decide what the
appropriate remedies might be. Epic never sued for monetary
damages; it wants the court to tell Google that every app
developer has total freedom to introduce its own app stores and
its own billing systems on Android, and we don’t yet know how or
even whether the judge might grant those wishes.

It’s certainly big news that Epic won, but as Hollister makes clear, we have no idea what this will actually mean in practice. I’m still not quite sure what Epic even wants. Android already supports third-party app stores, and Epic already runs one. I think one thing Epic wants is to force Google to allow third-party app stores to be installed without any sort of warnings or friction, which would be a disaster for device security. I’ve installed the Epic Games app on Android, and the installation and permission-granting process seems perfectly reasonable to me. It just isn’t popular.

The other thing Epic wants is to be able to use its own payment processing for apps distributed through the Play Store and Apple’s App Store. Implementing such a payment circumvention scheme was what got them kicked out of both stores back in 2021.

Read More