Apple Removed OurPact From the App Store. Here’s What You Need to Know.
On Saturday, April 27th, The New York Times exposed Apple’s systematic removal of screen time applications from the App Store.
Other major publications quickly picked up the story, leading Apple to share a public statement claiming these removals are justified on the grounds that parental control apps using MDM “put users’ privacy and security at risk.” An email from Phil Shiller, SVP Worldwide Marketing, also stated Apple’s position that these apps pose a risk to privacy.
Unfortunately, Apple’s statement is misleading and prevents a constructive conversation around the future of parental controls on iOS.
We want to take the opportunity to set the record straight about MDM for our loyal users and the many families looking for solutions to guide healthy digital habits. Our hope is that Apple will work with developers in this space so that families continue to have a wide selection of parental controls to choose from.
Shortly after the release of the iPhone in 2007, a growing body of research confirmed the negative impact of excessive screen time exposure for growing children and teens. In 2012, the OurPact team recognized the lack of solutions available on iOS and set out to develop comprehensive parental controls for families. We don’t just develop OurPact, we use it in our own homes.
From day one, our focus has been what’s best for parents and their children. A core part of that mission is a commitment to data protection and user privacy — we never have and never will sell or provide any user data to any third party.
OurPact’s Use of MDM
Since its initial release, OurPact has employed a public, documented Apple technology known as MDM.
While MDM was initially intended for company-owned or personally-owned BYOD implementations, it has also been used by many parental control applications to give parents more freedom to manage their children’s mobile devices. In recent years, Apple has also extended MDM for use by children and teachers in schools.
OurPact’s core functionality would not be possible without the use of MDM; it is the only API available for the Apple platform that enables the remote management of applications and functions on children’s devices. We have also been transparent about our use of this technology since the outset, and have documented its use in our submissions to the App Store.
Apple’s Statements on MDM
Apple recently stated that its own MDM technology, used by millions, poses risks to user privacy and can be abused by hackers. This stands in contradiction to the fact that MDM technology was initially developed by Apple to ensure security of private data on remotely managed devices. Apple alone issues certificates to third parties to communicate with their MDM servers, and Apple themselves are responsible for sending all MDM commands to user devices.
We present here, point by point, Apple’s recent claims in defense of removing apps that use MDM, to be contrasted with quotes from their own MDM documentation.
Can MDM apps access your private data?
Apple Press Statement: “MDM gives a third party control and access over a device and its most sensitive information including user location, app use, email accounts, camera permissions, and browsing history.”
Phil Schiller: “No one, except you, should have unrestricted access to manage your child’s device, know their location, track their app use, control their mail accounts, web surfing, camera use, network access, and even remotely erase their devices.”
— VS —
Apple’s MDM Documentation:
MDM cannot see personal data such as:
- Personal or work mail, calendars, contacts
- SMS or iMessages
- Safari browser history
- FaceTime or phone call logs
- Personal reminders and notes
- Frequency of app use
- Device location
To clarify this very important point: OurPact does not have access to any of this private information via MDM. It is impossible for us, hackers, or anybody else to obtain it. Apple is the only one who has access to and uses this data.
Is MDM risky or unsafe?
Apple Press Statement: “Businesses will sometimes install MDM on enterprise devices to keep better control over proprietary data and hardware. But it is incredibly risky…”
Apple Press Statement: “Research has shown that MDM profiles could be used by hackers to gain access for malicious purposes.”
Phil Schiller: “Further, security research has shown that there is risk that MDM profiles could be used as a technology for hacker attacks by assisting them in installing apps for malicious purposes on users’ devices”
— VS —
Apple’s MDM Documentation:
“When users enroll in MDM for the first time on an iOS device, they are provided with information about what the MDM server can access on their devices and the features it will configure. This provides transparency to users about what is being managed, and establishes trust between you and the users.”
“Users understand how their devices are being managed and trust that their privacy is protected.”
“With a user-owned deployment, iOS [MDM] offers personalized setup by users and transparency around how devices are configured, along with the assurance that users’ personal data won’t be accessed…”
Is MDM suitable for children?
Apple Press Statement: “Parents shouldn’t have to trade their fears of their children’s device usage for risks to privacy and security, and the App Store should not be a platform to force this choice. No one, except you, should have unrestricted access to manage your child’s device.”
— VS —
Apple’s Support of MDM For Children in Practice:
Apple allows 3rd party developers to create MDM applications for schools through their Apple Classroom program — they do not publish data on its usage, but likely hundreds of thousands (or more) children use devices with Apple MDM installed every day. These apps are not being pulled because of risk to privacy, in fact, Apple offers its MDM security as a major selling point to schools.
What Data Does OurPact Collect?
OurPact collects only the data absolutely necessary to provide our service and we retain it for as short a period as possible. We comply with all global data protection laws, including GDPR.
The most sensitive data OurPact collects is:
1. Child Name, Age & Gender
Parents provide their child’s name (or alternatively a nickname) to easily switch between their children’s profiles within OurPact.
Optionally, parents can specify their child’s age and gender. Our team was actively developing an update to provide recommended daily screen time allowances and app recommendations for children, based on age.
2. Installed Applications
OurPact Premium displays a list of apps installed on child devices so that parents can manage access to each app individually. This list of applications is only visible to parents within their OurPact account.
3. Location Data
OurPact Premium uses iOS location data to help parents monitor their children’s device location in real time.
OurPact’s location usage is in no way tied to MDM functionality. It operates in the same manner as all other family location apps on iOS. This data is only available if location permissions are explicitly enabled by the parent in both the parent application and within system settings on the child’s device.
Timeline of Events
To date, OurPact has been approved by Apple for release to the App Store 37 times, with documented use of MDM.
In Apple’s public statement, they claimed that they gave developers 30 days to modify their apps in line with their guidelines, even though their guidelines make no mention of MDM. We did not receive any notice before OurPact’s child app was removed by Apple.
More importantly, there is no way for any company offering a parental control app to remove MDM functionality and still have a viable product. If Apple offered alternate APIs to achieve the robust parental controls that OurPact provides we would happily use them. Unfortunately, no such API exists. All attempts to open a dialogue with Apple to create those APIs have also been refused.
- February 4, 2015: Apple approves the initial release of OurPact for distribution on the App Store.
- April 13, 2015: Apple approves OurPact v1.2
- December 19, 2015: Apple approves OurPact v1.4
- March 9, 2016: Apple approves OurPact v1.5
- May 27, 2016: Apple approves OurPact v2.0
- June 10, 2016: Apple approves OurPact v2.1
- August 9, 2016: Apple approves OurPact v2.2
- November 23, 2016: Apple approves OurPact v2.5
- December 2, 2016: Apple approves OurPact v2.6
- December 9, 2016: Apple approves OurPact 2.7
- March 16, 2017: Apple approves OurPact v4.0
- April 6, 2017: Apple approves initial release of OurPact Jr. child app v4.0 for distribution on the App Store.
- April 19, 2017: Apple approves OurPact Jr. v4.1
- May 1, 2017: Apple approves OurPact v4.1
- May 22, 2017: Apple approves OurPact Jr. v4.2
- May 25, 2017: Apple approves OurPact Jr. v4.3
- June 1, 2017: Apple approves OurPact v4.2
- June 6, 2017: Apple approves OurPact v4.3
- June 27, 2017: Apple approves OurPact Jr. v4.4
- July 3, 2017: Apple approves OurPact v4.4
- August 10, 2017: Apple approves OurPact Jr. v4.5
- October 4, 2017: Apple approves OurPact v4.5
- October 19, 2017: Apple approves OurPact v4.6
- December 4, 2017: Apple approves OurPact v4.7
- December 4, 2017: Apple approves OurPact Jr. v4.7
- December 8, 2017: Apple approves OurPact v4.8
- December 8, 2017: Apple approves OurPact Jr. v4.8
- February 8, 2018: Apple approves OurPact v4.9
- February 8, 2018: Apple approves OurPact Jr. v4.9
- April 19, 2018: Apple approves OurPact v5.0
- April 19, 2018: Apple approves OurPact Jr. v5.0
- April 25, 2018: Apple approves OurPact Jr. v5.1
- May 31, 2018: Apple approves OurPact Jr. v5.2
- July 2, 2018: Apple approves OurPact v5.1
- July 3, 2018: Apple approves OurPact v5.2
- July 19, 2018: Apple approves OurPact v5.3
- September 6, 2018: Apple approves OurPact v5.4
- September 17, 2018: Apple releases Screen Time as part of iOS 12.
- October 6, 2018: Apple removes the OurPact child app from the App Store without any prior communication.
- October 6, 2018: Apple sends letter stating OurPact child app was removed from the App Store for using MDM. This letter made no mention of user privacy.
- October 6, 2018: We submitted an updated version of the OurPact child app to App Store for review.
- October 8, 2018: Apple rejects OurPact child app, stating it is using MDM. Again, there was no mention of user privacy.
- October 8, 2018: We responded to clarify that the child app does not use MDM and only uses location services and push notification APIs.
- October 15, 2018: We wrote to Apple seeking a follow-up to our letter from October 8th.
- October 16, 2018: We wrote to Apple seeking a follow-up to our letter from October 8th.
- October 17, 2018: We wrote to Apple seeking a follow-up to our letter from October 8th.
- October 17, 2018: Apple replied with a canned statement that our request was escalated internally.
- October 24, 2018: We wrote to Apple again seeking a follow-up to the letter we sent on October 8th and requested to have a phone call with someone from Apple.
- October 25, 2018: Apple responded saying they can’t get on a call with us, but that they’ll get back to us in writing.
- October 26, 2018: We responded with a thank you.
- November 15, 2018: We submitted a ‘Get the status of my app’ request to Apple and requests a phone call again.
- November 20, 2018: Apple replied with a canned statement that our request was escalated internally.
- November 26, 2018: We submitted a ‘Get the status of my app’ request to Apple and request a phone call again.
- November 27, 2018: Apple responded saying they can’t get on a call with us, but that they’ll get back to us in writing.
- November 27, 2018: Apple finally responded through the developer portal saying they need more time and will get back to us.
- November 27, 2018: Apple responded through the developer console saying someone will call within 3–5 business days to discuss the app.
- November 28, 2018: We provided a phone number as requested.
- December 3, 2018: Apple called us to discuss the application. The main thing we learned when we pressed the Apple representative for details about the use of MDM and/or VPN was that they would not allow us to use either technology for blocking apps. We asked Apple, hypothetically, if we were able to find another technology already approved by Apple for use in the App Store if we could use this technology to block or restrict third party apps for the purposes of parental control. We were told that we could not block or restrict the use of third party apps no matter the technology. The takeaway from the call was that the technology in use was not the issue, but the act of blocking or restricting the use of third party apps was. Once again, user privacy was never raised by Apple as a concern.
- December 3, 2018: After the call with Apple, the OurPact child app submission to the App Store was rejected.
- January 18, 2019: Apple sent a 30-day notice to OurPact to remove the use of MDM from the OurPact parent app.
- January 23, 2019: OurPact requested a 60-day extension to explore options with Apple for a viable long-term solution.
- January 25, 2019: OurPact had a phone call with the same Apple representative as before. OurPact requested a 60-day extension on this call and the Apple representative stated they need to check with their supervisor and that they would get back to us with an answer to our request.
- February 11, 2019: After not hearing back from the Apple representative, OurPact submitted a further request through the developer portal for an answer to our earlier request for an extension.
- February 19, 2019: Apple removed the OurPact parent app from the App Store.
- February 23, 2019: OurPact missed the call from Apple and couldn’t get Apple back on the phone that day.
- February 27, 2019: Apple representative called OurPact to discuss removal of the OurPact parent app. OurPact asked why we did not receive a response to our request for an extension. Apple representative apologized for not getting back to us but stated they would not reinstate the app and would not give us more time to make changes. Once more, privacy was not mentioned at this time.
Apple is a company that we have great respect for, and their stance on privacy for their users is one we wholeheartedly agree with. It is why the majority of the OurPact team are iPhone users and many of us have been Apple users since the Apple II. So, by choice, we would never be in the unfortunate position of telling one of the most beloved companies in the world that they have made a mistake, but sometimes the truth has to be spoken to power.
Given that there are no privacy issues with properly vetted MDM apps like OurPact being on the App Store, we humbly request that we are reinstated and allowed to continue providing our million users with the service they love and depend on.
If Apple truly believes that parents should have tools to manage their children’s device usage, and are committed to providing a competitive, innovative app ecosystem, then they will also provide open APIs for developers to utilize. Now, more than ever, the focus should be on building better and more diverse solutions for families to choose from.
We remain committed to solving this problem, and we implore Apple to recognize they have a responsibility to support and encourage the growth of this industry.
This issue will only be resolved if you voice your concern over the future of parental controls.
If you care about this issue, let your voice be heard with these hashtags: #ThereUsedToBeAnAppForThat #SaveOurPact #GiveParentsControl