I read through the entire DMA rant that apple has here: https://www.apple.com/newsroom/2026/06/due-to-dma-siri-ai-de...

This feels like it could be solved with a list of permissions that the user has to turn on when using 3rd party AI.

Apple already:

    1) requires developers to submit ID to publish an app on the appstore (at least I had to after ~1000 downloads to be able to publish an update)
    2) has strong kernel enforced memory integrity and disallowes arbitrary code execution (unless explicitely approved for games like roblox, jitting not allowed tho has to be interpreted).
    3) reviews every app update.

I feel like this is nothing more than Apple being angry that they have to allow people to actually choose what AI they want on their phone. This is particulary interesting if anthropic and openai decided they want to add siri ai override to their apps allowing them to take advantage of the apple ecosystem without signing some kind of deal like they had to with Google. I assume behind closed doors Google had to make some sacrifices for them to be the model powering siri.

▲ lxgr 3 hours ago | parent | next [-]

> I feel like this is nothing more than Apple being angry that they have to allow people to actually choose what AI they want on their phone.

It's really just Apple being angry about the EU's DMA endangering their golden goose (App Store revenue) and using any meaningful new functionality as a bargaining chip.

They've done staggered geo launches for other features in the past many times, both before and after the DMA was passed, and in this case there's even another great reason to not want to globally launch all at once (AI inference server capacity). If they can at the same time market it as part of their ridiculous turf war against the European Commission, I guess they just have to take the opportunity.

▲

vrganj 2 hours ago | parent [-]

The thing is, Europeans are mostly annoyed with Apple over this, not the EC.

It just reads like arrogant foreigners throwing a tantrum over our laws.

▲

nandomrumber an hour ago | parent | next [-]

I struggle to believe there isn’t a significant fraction of EU citizens who are frustrated with the EU’s laws.

At the very least to the extent that the whole setup limits national sovereignty.

Your comment comes across as though you expect us to believe EU citizens are a homogenous whole, who happen to align with your perspective on this matter.

	▲	perching_aix an hour ago \| parent [-]
		On the contrary, it reads to me like they've simply been around, and this is the general impression they gathered. Which may still not even be true, but it makes a whole lot more sense context wise, and is pretty darn different to the conveniently malicious motivation you're proposing. And with this, now your own "royal we" is similarly rendered deceptive. > At the very least to the extent that the whole setup limits national sovereignty. That's how anything grouplike works indeed. > I struggle to believe there isn’t a significant fraction of EU citizens who are frustrated with the EU’s laws. Sounds like something that'd have polling data coverage?

▲

hbn 24 minutes ago | parent | prev [-]

I would call those people uninformed. It's completely reasonable for Apple to be hesitant to roll out any new integration features within their own ecosystem in the EU.

iPhone mirroring for example. Seems like practically 100% chance that if they put that out in the EU they'd be facing lawsuits for not making it work with every Android and Kindle and digital pregnancy test on the planet. And making it an open API right out of the gate is a much bigger undertaking than just making it work with your own devices through a proprietary API that you're free to break at any point and just update your devices to work accordingly.

▲ pastel8739 3 hours ago | parent | prev | next [-]

> Given the serious risks to users, Apple designed a solution called Trusted System Agent — an intermediary that would allow virtual assistants to safely access the same features and capabilities as Siri AI for devices in the EU. Apple also shared a plan to launch Siri AI in the EU while gradually rolling out this new solution over an 18-month period. The European Commission said no. In fact, the European Commission did not agree to any of Apple’s proposals.

I'm extrapolating (there is less detail in that press release than I expected from your comment), but this sounds to be like it would be the thing that enables such a "list of permissions". I would be curious to know exactly what this agent entailed and why the EU did not approve it.

▲

himata4113 3 hours ago | parent [-]

"Trusted System Agent" imo sounds like an apple approved agent which would only be available to companies that accept apples (likely unreasonable) demands and would completely lock smaller companies out of the ecosystem.

	▲	dwaite an hour ago \| parent [-]
		My limited understanding is that it would be a local model that exists only to determine a limited set of local information necessary to answer the user's request. This request and information would then be shared with the third party. Third parties would otherwise not have access into the local semantic model based on user personal data.

▲ dwaite an hour ago | parent | prev | next [-]

> This feels like it could be solved with a list of permissions that the user has to turn on when using 3rd party AI.

The device won't be able to ask for significantly more permissions than Apple asks for their own model for regulatory reasons, nor will it be able to convey the seriousness of granting the permission (e.g. immediately give unrestricted access to the vast majority of personal information/documents stored on the device).

But Apple also architected their system to justify not having constant permission prompts for access to sensitive data. And for regulatory reasons they also can't mandate that competing models have the same architecture.

The regulators and Apple (along with hopefully other AI companies) will need to work together to determine longer-term stable path forward.

	▲	himata4113 an hour ago \| parent [-]
		Apple could have the same kind of permission dialogues with their own models (and they actually should). Each and every (first-time) use of a feature should: `1) ask for permission explaining the scope 2) warn you about the dangers with a confirmation / nevermind option` Putting this in practice: `1) Acme AI requires access to your email provider in order to execute this request. Grant / Deny 2) You're about to let Acme AI read and send emails on your behalf, this might be dangerous due to X and Y. Do you want to continue? / Nevermind.` In this case: `1) Asks for access to a service 2) Asks for a specific use-case of the service` 1 is access to data, you might want to give broad access to some applications and input data 2 is permission to act, but you might want to deny access to some parts such as sending email and scope to summarization

▲ tyre 2 hours ago | parent | prev | next [-]

It’s kind of funny that the EU’s regulation here would force Apple to allow options that are worse for user privacy. Apple is the least incentivized to farm data from its users; in fact, that’s a huge selling point. They mentioned it over and over and over in the WWDC keynote today.

In my opinion, Apple is doing the right thing for users. It’s not like they have a huge revenue stream here. Yes, there will be some features or usage that require iCloud plus or whatever to cover incremental cost, but I genuinely believe that they don’t want services creeping in that break their trust with users or their privacy-first reputation.

Apple’s decision (users will have a less powerful product because we’re not vacuuming up their data and using it for profit) is exactly the kind of thing the EU should want. No country has appropriate data privacy guidelines for AI (yet) so opening up choice can’t provide alternatives.

(To be clear, I’d be fine with Anthropic here, but am fine with this state. Maybe because I’m so used to Siri sucking that I’ve given up hope.)

▲

thewebguyd 2 hours ago | parent | next [-]

> Apple is doing the right thing for users.

The right thing for users would be to allow user choice, and for Apple to compete fairly.

Apple allowing third party access doesn't automatically mean user data gets hoovered up by OpenAI, Anthropic, etc. It just means users now get the choice, if they want to make that choice. Users could stay with Siri/Apple if they care about what Apple is offering, or choose to accept the risks and terms of service with other third parties.

The EU isn't saying "you must preinstall every competitors offering" its "you must offer the ability for others to hook into the same APIs to be able to offer their own assistant on par with the first party option."

The user still remains in control by virtue of their own choice.

▲

onesociety2022 an hour ago | parent | next [-]

I never understood how any regulatory body is going to decide which APIs in iOS must be made available to third-parties to hook into. So what if I'm a third-party maker of TCP/IP stack and I want Apple to offer me the ability to sell my custom TCP/IP stack to my iOS customers as a replacement for the stock TCP/IP stack that ships with iOS. Clearly no regulatory body has cared about that because it's too niche of a space?

So some government official will scour the entire API surface of iOS and decide which ones Apple needs to expose to third-parties? They have already decided App Store and Payments APIs need to be made available. Now it looks like they also expect off-device foundation models need to be made available to third-parties.

What about making Apple Watch specific APIs in iOS be made available to all third-party watch makers so any one can bring any smartwatch and use it just as effectively as the Apple Watch with an iPhone? What about all the AirPods specific APIs that lets Apple offer a better experience with AirPods than a generic bluetooth earbuds? What about Apple Pencil? And so on... If you go down this path, the list is endless.

▲

jltsiren 25 minutes ago | parent | next [-]

Creating competition where it would not otherwise exist is the essential nature of the EU. Originally it was mostly about forcing protectionist member states to accept competition from other member states. But they extended the approach to breaking perceived natural monopolies a long time ago.

The exact rules ultimately don't matter, because the EU is after outcomes. If the current rules don't lead to the desired outcomes, they will keep changing the rules, until they get what they wanted. (Or until their goals change.)

▲

jaggederest an hour ago | parent | prev | next [-]

> What about making Apple Watch specific APIs in iOS be made available to all third-party watch makers so any one can bring any smartwatch and use it just as effectively as the Apple Watch with an iPhone? What about all the AirPods specific APIs that lets Apple offer a better experience with AirPods than a generic bluetooth earbuds? What about Apple Pencil? And so on...

Don't threaten me with a good time? All of those seem like great policies. The fact that I cannot use an apple watch with an android phone is ridiculous, and vice versa as well.

	▲	brookst 23 minutes ago \| parent \| next [-]
		Should you be able to use a Samsung SoC in an Apple phone? At some point this is just a debate about vertical integration. Apple can deliver better experiences with it, but of course it limits user choice. Many people want fully modular, open systems, which is lowest common denominator. I can see both sides of the argument, but I am so skeptical of regulators deciding what can be integrated or not. If modularity is better for consumers, why don’t they prefer modular systems? At the very least I think there should be a very clear tradeoff; right now the EU seems to think they can regulate their way to all of the benefits of vertical integration while outlawing vertical integration. I don’t see how anyone could look at that with a straight face.
	▲	onesociety2022 31 minutes ago \| parent \| prev [-]
		Yes I'd like some of these too but at the same time I get an uneasy feeling when I think that some potential idiot in a regulatory body in every country is now going to decide which API surface needs to be made available to third parties. If they take it too far, they could end up making nonsensical choices and kill innovation.

▲

OrangeDelonge an hour ago | parent | prev | next [-]

I think if you actually invested time into researching the DMA you will be able to understand why they are making certain decisions.

	▲	brookst 20 minutes ago \| parent [-]
		Oh, me, me! I spent a few years being responsible for a significant bit of DMA review and CYA and responses to regulators. I’ve read all of it, multiple times, and been grilled by EU regulators (vicariously, via corporate lawyers). It still boils down to general guidelines that it’s impossible to know if you’re violating before the fact, and they will not even approve/reject proposals in advance. It’s basically “go read the act yourself, and ship what you think is compliant, and you’ll know whether we interpret the words the same way by whether or not we fine you.” Good times.

▲

manwe150 an hour ago | parent | prev [-]

Replacement TCP/IP stack sounds like a VPN—which iOS allows

	▲	onesociety2022 27 minutes ago \| parent [-]
		VPN is not a replacement TCP/IP stack. I literally meant the TCP/IP stack in the XNU kernel. It might be an esoteric example but it's not that far off. DMA already forced Apple to open up browser engine layer so third-parties can now bring in their own browser engines in the EU and are not restricted to using just WebKit.

▲

dwaite an hour ago | parent | prev | next [-]

> Apple allowing third party access doesn't automatically mean user data gets hoovered up by OpenAI, Anthropic, etc. It just means users now get the choice, if they want to make that choice.

Apple is also restricted in the sort of consent prompts they give the user. That could matter when a non-technical users is prompted by a third party app to effectively allow unfettered access to all user personal data on the device.

Sometimes when you look at the functional requirements for a feature it turns out to be a bad idea. In the EU, functional requirements can come after-the-fact from regulator interpretation of the DMA. Until Apple determines what those requirements actually are going to be, releasing a potentially harmful feature is irresponsible.

▲

elisbce an hour ago | parent | prev [-]

And why is that a good thing? The average user can't even spell Anthropic. Why do you think they can safely pick a third-party model provider that could harvest the hell out of their conversations? The control of ecosystem is part of the privacy and security. My mom's Android phone has like 100 apps that she had no idea how they were downloaded. For real user choices, the vast majority of users just want a phone that they can trust and don't have to be a techie to avoid being exploited. They can choose to buy a phone that can be built from legos, OR they can choose to buy a phone from someone they trust to get the privacy and security taken care of for them. This is the real user choice.

▲

miohtama 2 hours ago | parent | prev | next [-]

Apple ad revenue is ~10% of rev, with Google deal, and growing. New management is going to turn it less privacy focused company, because Apple needs to pursue growth.

	▲	maximus_01 an hour ago \| parent [-]
		Yep and more like 25%+ of profits (given the google revenue, and most ad revenue, is close to 100% margin).

▲

hashmap an hour ago | parent | prev | next [-]

if for a second you believe that what apple says the regulators told them is the same thing as what the regulators told them, i have a cow farm under the titanic to sell you

▲

AgentOrange1234 28 minutes ago | parent [-]

This comment casts aspersions while making zero specific claims of wrongdoing. If you have something specific to say that goes beyond the vibes of "everything and everyone is corrupt and evil," that would at least be worth hearing.

	▲	hashmap 18 minutes ago \| parent [-]
		oh, it is worth hearing. said another way: "show me"

▲

rzwitserloot an hour ago | parent | prev [-]

Your premise is incorrect; if apple truly wants to do the 'right thing for its users', it would allow choice. The fact that the current crop of likely alternate choices include quite a few companies and offerings that seem far more user hostile than apple's offering doesn't change that fact (it merely raises separate concerns that there need to be more laws such as the EU's DMA, not fewer).

However, even if your premise is correct, it does not matter.

In the end, trying to manage such products (require massive investment, have network effects, offer significant gatekeeping and rentseeking opportunities) is extremely problematic.

On one hand, the market cannot do it properly: There are tons of externalities, and, like e.g. building out rail, the absolutely gigantic barriers to entering the market means the existing players merge into a monopoly or oligopoly.

On the other, the product is too complex and too dependent on continuous evolution to officially turn it into a state-controlled / state-run monopoly (the solution many countries have deployed to solve e.g. how rail, or medical insurance, or road networks, end up in a terrible state if left up to the market).

So what is one to do?

The current crop of mostly US led large companies seem to have gone with a 'just trust me, bro!' argument, with some 'AI is so important you cannot put up any roadblocks at all!' sprinkled in.

And yet these companies time and again prove that they can't be trusted. Which is obvious and logical: Companies must conform to the law, but are otherwise amoral. Or rather, their 'moral' compass has nothing to do with human moral compasses: They must earn money for their shareholders, in whatever legal way they can find that is most efficient, paying as much attention to future company growth and health as its shareholders desire. That isn't just 'what they are incentivized to do' - that is what they are legally *required* to do.

And yet you've gone with a motif of 'but apple is the one company that is doing it right so lets just trust them.. bro'.

There *is* a solution:

Use the fact that the state has powers of persuasion that companies simply do not have. The threat of law, and the monopoly on violence.

Essentially, a state can simply tell a company: The populace have spoken and they value X (say, privacy). They value it a lot. You will deliver. At low cost. This is not a request, it is a demand. If you don't want to or can't, then we shall write laws to regulate you and then *everybody loses*.

Conceptually this works, in a weird game of chicken / madman theory: If the corporation in question believes that society will regulate them into oblivion unless they comply with society's demands even if this means society incurs a great cost, then the corporation *will comply*.

This has happened before. There is no actual law in the US that a movie gets a rating, and the movie industry pays for and manages the ratings of its movies entirely as an internal affair. And yet, in general, movie ratings are stellarly well run compared to what a government run institution would have done.

The reason *is* that threat. The movie industry decided to police itself because it was quite clear that if they did not, the government would have, at great cost to the movie making industry (and at significant cost to society as well, in the form primarily of much worse films).

For some reason that isn't entirely clear to me, CEOs of large corporations that deem themselves 'IT companies' do not understand this part. They will fight tooth and nail to fight every law, and especially in the US, perhaps due to extremely dire and long-term distrust by its populace in its own government, many of its citizens incorrectly side with its corporations on this idea, even though time and again corporations prove that they have no allegiance other than to the almighty dollar (which, to be clear, is not a complaint. That is how society has set them up. My only complaint is that e.g. you seem to have forgotten that this is how it works).

Hence, given that the system works on, in essence, fear / coercion, the only right answer is to do an attitude adjustment, find a massive club, and beat a whole bunch of IT companies into absolute pulp until the remaining CEOs understand.

And before you make a note about the brash, medieval nature of that comment - it is already clear that these CEOs who think they are God's Greatest Gift To This Planet, are already meekly running, tail between their legs, to kiss the pinky ring of a personalist wannabe emperor president. They are _clearly_ motivated by such fear and _clearly_ cannot be trusted to rise to the occasion and be a new form of benevolent leadership for the citizenry.

I wish they were. It'd be so much easier.

▲ burnerthrow008 3 hours ago | parent | prev | next [-]

> This feels like it could be solved with a list of permissions that the user has to turn on when using 3rd party AI.

Nah, that just shifts the goal posts. If they did that, developers would be whining about "scare screens", as we have already seen when Apple put app installs behind a permission prompt.

They're already up in arms about the requirement from Apple (and Google) to know who is behind the apps that slurp up all your data.

The DMA maximalists won't be happy until Apple releases an anonymous service to automate setting up a Kafka topic to send each iOS user's PII to whoever wants to receive it.

	▲	ipaddr 2 hours ago \| parent [-]
		You can downloads millions of things for your computer without kyc protocols. Why are phones in a special class? Your data is being slurped by the people who sold you the phone and you are worried about the small fish.

▲ Velocifyer 3 hours ago | parent | prev [-]

> "requires developers to submit ID to publish an app on the appstore (at least I had to after ~1000 downloads to be able to publish an update)"

What is the purpose of that?

	▲	wmf 2 hours ago \| parent [-]
		So there's someone to sue if the app misbehaves.