The front runners for doing this would probably be Google and Meta. Large companies that publish several ad-supported apps. Side stepping the App Store would let them revert Apple’s privacy protections for tracking
However, I believe another statute of Apple’s implementation is that developers must pick. App Store or Self Distribution— an app cannot be both
If you really have to pay a fee per install, ad-supported apps are probably the worst candidates to go standalone in my opinion. Those don't get much money per user.
The fee is ~50 cents per user.
It’s per install including updates. All apps from Meta and Google update almost weekly. That’s 100s of millions of dollars a year in CTF that they won’t have to pay if they stay in the store.
I don't see how they would. Aren't many of the anti tracking features implemented at the OS level?
Trivially easy. Create an app that generates a random number and store it in the apps local storage. Send that with any interaction to whatever service you're providing. Hiding this feat in plain sight isn't that hard.
Currently there are two things preventing a developer from doing this:
1. you're supposed to be honest and not do that.
2. you could be caught during review by a bot or a human.
Nothing at the OS level to prevent this.
But all that does is let one app track your usage in that app. To do tracking outside of that, you'd need other apps to get access to another apps' local storage. Which you need the OS to give you permission to do.
We have toggles for preventing cell data usage, they could trivially do the same for wifi usage, or accessing other app's local storage.
I think computing devices need to have some kind of zero trust sandbox available for installation (kinda like a VM) where any API and system calls that an app use is spoofed. iOS have done this for files and photos (recently), but some is still all or nothing, like contacts. At least camera and microphone access show an indicator when they're in use.
Sure you can create a sandbox that can cater for some app and keep it completely isolated. And yes, whereas previously any app could basically see and do anything, now there are limits at the OS level.
But an app that shows the latest cat video needs connectivity and the server serving that car video now tracks when you were watching it.
And no one, not even Apple, complains about that kind of tracking nor attempt to stop it.
This is a ridiculous example
Yes, but there’s no way to stop that kind of tracking since those app require you to sign in.
The current App Store already has this kind of tracking.
> Nothing at the OS level to prevent this
This is incredibly common practice and AFAIK not even discouraged by Apple.
The app sandbox constrains the local storage data to the app which created the unique identifier. There is no third-party tracking opportunity here.
Are there any apps from Google/Meta where you _don't_ need to authetnticate?
The only Google application (besides Play store and all the stuff that's more or less part of the system) I use is Google maps and it doesn't require being logged.
The Youtube app works without logging in (on Android).