What is sideloading? Everything to know about tech’s latest flash point

“Sideloading” may seem like an arcane term. But it has become a buzzword in tech circles, going to the heart of debates on security and privacy, and whether Apple and Google wield excessive power over the apps used by billions of mobile phone users.

What is sideloading?

Sideloading means downloading and installing apps from sources other than official app stores like Apple’s App Store on the iPhone or Google Play on phones using Google’s Android mobile operating system.

Apple does its best to stop you from sideloading on the iPhone. It says that downloading apps from other sources risks undermining Apple’s privacy and security safeguards, putting you and your sensitive personal data in the path of scammers and cybercriminals. Android phones let you sideload apps with a few taps in settings. Some makers of Android phones, such as Samsung, also preinstall their own app stores on their phones.

Why does the sideloading debate matter?

It’s central to some of the battles Apple and Google are engaged in with software developers as well as government officials who are looking to rein in Big Tech’s power. Apple and Google collect billions of dollars from their app stores, a revenue stream that could be hit if consumers download apps from elsewhere.

Tim Cook’s warning

Apple CEO Tim Cook warned last month that a proposed European Union law aimed at increasing competition online would require Apple to let iPhone users install apps through sideloading, which he said would invite trouble. “That would destroy the security of the iPhone, and a lot of the privacy initiatives that we’ve built into the App Store,” he said, speaking at France’s VivaTech conference

Threat to privacy and security?

Apple followed up Cook’s warning by releasing a report filled with dire warnings about the risks of sideloading.

The iPhone maker said it reviewed every app in the App Store to check that each met its standards.

“This process…is designed to protect our users by keeping malware, cybercriminals, and scammers out of the App Store. Apps designed for children must follow strict guidelines around data collection and security designed to keep children safe,” Apple said.

Touting its privacy credentials, Apple said it only collects personal data when it’s necessary to deliver a product or service. Sideloading, it said, would “expose users to scammers who will exploit apps to mislead users, attack iPhone security features, and violate user privacy.”

Apple cited a study that found that devices running on Android had 15 times as many infections from malicious software as the iPhone, partly because Android apps “can be downloaded from just about anywhere.”

Dramatizing the perils of sideloading apps from outside Apple’s ecosphere, the report described a nightmarish day for the fictional John and his 7-year-old daughter, Emma. A game downloaded from a third-party app store sells Emma’s data to data brokers while charging John’s credit card without his consent. Meanwhile, John unwittingly downloads a copycat version of a selfie filter app that threatens to delete all his photos unless he pays a ransom; he goes on to download a pirated fitness app and is unaware he is paying his monthly subscription to scammers.

Is sideloading possible now?

On Android phones, it’s easy to change the settings to allow sideloading. On iPhones, part of what is often called Apple’s “walled garden,” doing so requires more technical know-how. In extreme cases, some users resort to “jailbreaking,” which is like breaking open the iPhone to enable apps to be installed from outside the App Store.

What’s at stake?

The App Store and Google Play have become important money-spinners for Apple and Google parent Alphabet because they both charge fees on apps sold in their stores and on in-app purchases by their users. The App Store will generate $41.5 billion in consumer spending globally from in-app purchases, subscriptions, and premium apps in the first half of this year, compared with $23.4 billion for Google Play, according to app market intelligence firm Sensor Tower.

Legal and regulatory challenges

Dozens of states sued Google last week, alleging that the company abused its power over developers that distribute apps through the Google Play store.

Google’s senior director of public policy, Wilson White, disputed the allegations in a blog, saying: “If you don’t find the app you’re looking for in Google Play, you can choose to download the app from a rival app store or directly from a developer’s website.

The majority staff report on last year’s congressional investigation of competition in digital markets said the App Store and Google Play were dominant distribution channels, and this, coupled with Apple’s and Google’s development of their own apps, could distort competition, hurt developers, and lead to the app store operators giving preference to their own apps.

Apple and Google disagreed with the report.

Last month, the House Judiciary Committee passed legislation to curb tech giants’ dominance, including allowing sideloading on iPhones. The bill is now awaiting debate in the full House.

Apple and Google are also locked in a dispute with Fortnite creator Epic Games revolving around payments from apps. Last August, Apple and Google removed the wildly popular Fortnite game from their app stores after Epic let mobile app users pay it directly for in-game purchases. Epic responded by suing Apple and Google, accusing them of abusing their power by forcing developers to use their in-app payment systems.

In its lawsuit against Apple, Epic Games described the iPhone maker’s argument that blocking third-party app stores was necessary to maintain privacy and security safeguards as “a pretext” to prevent competition. U.S. District Judge Yvonne Gonzalez Rogers’s ruling, expected in coming months, will have a big impact on the debate over sideloading and the App Store’s power.

Subscribe to Fortune Daily to get essential business stories straight to your inbox each morning.

Read More

Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward