France’s antitrust watchdog announced on March 31 that it was fining Apple 150 million euros (about $162 million) over a privacy feature protecting users from apps spying on them because its implementation resulted in competition law violations.
The French Competition Authority (FCA) said that the aim of Apple’s App Tracking Transparency (ATT)—requiring iPhone and iPad apps to ask users for permission before tracking them—was not itself the issue.
However, it ruled that the “way in which it was implemented was neither necessary nor proportionate to Apple’s stated objective of protecting personal data.”
Apple began rolling out the ATT feature in April 2021 as part of an update to the operating system that iPhones and iPads run on.
The feature forces apps to get permission before collecting data to target users with personalized advertisements.
While the feature was designed to shore up privacy, it was criticized by Apple’s rivals in the tech world, who argued that it would make it difficult for smaller apps to survive without charging consumers.
The fine, punishing the Cupertino, California-based giant for abusing its position of dominance in mobile app distribution, covers the period stretching from April 2021 to July 2023.
France’s regulator says the feature’s rollout resulted in users facing a bombardment of pop-ups from third-party apps requesting consent and that the frequency of these windows made it “excessively complex” for users to navigate Apple’s iOS operating system.
In a statement announcing its ruling, the FCA said, “The rules governing the interaction between the different windows thus displayed undermine the neutrality of the device, causing definite economic harm to application publishers and advertising service providers.
“In this regard, the authority noted that the ATT, as implemented by Apple, particularly penalized smaller publishers since, unlike the main vertically integrated platforms, these operators depend largely on the collection of third-party data to finance their activity.”
Apple said in a statement that ATT gives users more privacy control “through a required, clear, and easy-to-understand prompt about one thing: tracking.”
“That prompt is consistent for all developers, including Apple, and we have received strong support for this feature from consumers, privacy advocates, and data protection authorities around the world,” Apple stated.
“While we are disappointed with today’s decision, the French Competition Authority (FCA) has not required any specific changes to ATT.”
The Advanced Data Protection (ADP) feature provides end-to-end encryption for iCloud storage, preventing non-account holders—including governments and hackers—from accessing data such as photos, documents, and notes.
Without ADP, certain types of iCloud data will no longer be fully encrypted, making it potentially accessible to third parties with the proper legal authority.
Apple’s decision follows multiple reports, including from The Washington Post and the BBC—stating that the UK’s interior ministry issued a “technical capability notice” to Apple.
This legally binding order reportedly compels the company to provide access to encrypted user data under the Investigatory Powers Act of 2016—also known as the “snoopers’ charter.”
The UK’s interior ministry declined to confirm or deny the notice at the time, stating, “We do not comment on operational matters, including for example confirming or denying the existence of any such notices.”
Apple also did not confirm the existence of such a notice.
