No one is forcing you to use any app, let alone developers.
Without this becoming a rant, what fraction of that "security" is protecting you from nothing more than apps that didn't pay the Apple tax. You must admit, the narrative that only approved apps are "good"/"safe" is insanely self serving and conveniently hard to falsify.
Let me provide a concrete example: right now I can download and use Facebook, with less tracking than Facebook likes, on the App Store. If Facebook is allowed to offer a sideloaded app with all the tracking included, what do you think the chances are they will keep the version on the App Store? If they remove it and only offer the new sideloaded version, I am worse off as a user than I am right now.
This is relying on Apple to act as a regulator of Facebook. That's not Apple's job, and they do a bad job of it. That's the job of the government, which is actually (ostensibly (unlike Apple)) representing the people.
The fact that Facebook can do any spying on you at all (because it can still track you, on your current Apple device, right now) is because government regulators are dropping the ball. It's not Apple's responsibility, it's not something they're good at, and it's not something that they should be doing.
I would contend that so far, Apple has done a better job of ensuring their customers' privacy in the face of other companies that employ dark patterns to try to extract personal information from the device that neither Apple nor Apple's customers allowed them to.
The government, so far, has been rather toothless in terms of ensuring the privacy of people and have issued paltry fines to the companies that amounted to no more than a slap on the wrist and extracting a promise that they'll do better next time (with their hands behind their back and fingers crossed).
The reason I purchase apple devices is because they are the only ones that are taking my privacy seriously.
Government regulators are letting the market decide how valuable customer data is and Apple is saying "it is valuable and our customers value not letting random people getting it." Thus, I am voting with my wallet because in this case, votes for elected officials isn't doing much.
App tracking permissions are handled by the OS, it's entirely possible to ship Facebook apps that can't track because they can use the same exact permission system that the existing Facebook iOS app is using.
You don't need the App Store for security, it isn't a dichotomy.
Ignoring Facebook as the example since nobody who cares remotely about tracking is using Facebook.
Then [company] lose marketshare to those who don't care about anything outside of the App Store, and when media outlets and social networks pick up on how [company] app on this third party store tracks so much more information than it used to, even more people will uninstall. It's what we've seen on Android for years, there is a huge reputation factor when it comes to third party app stores. That reputation factor is the reason why F-Droid is the major choice outside of the Play Store.
There is incentive here for app developers to continue to provide solid services. Just not Facebook, as their primary goal is tracking.
Epic Games is going to put their own storefront on iOS, and it's going to have few if any of the polices for customer protection that the App Store does.
Epic will be able to give you games for free to gain market share, just like the Amazon App Store tried on Android and just like Epic is currently trying on Windows. The horror!
Then an app like F-Droid will come along and offer even more protections than the App Store. Confound it!
For my part, this is a step in the right direction. With a few more fixes, iOS might even become usable enough for me to buy a device that runs it.
Epic currently can’t do that on iPhones in their apps because in-app subscriptions all use Apple’s subscriptions system and can be managed in one place
If you wanted to use an abusive subscription system currently you would have to do it outside the app via a web browser
The fb webpage still exists. No app. No permissions. No problems.
If Facebook makes a change that kills the low-tracking front-ends and insists everyone be tracked more, and in response you grovel to them and put up with their new app, then no amount of EU law or App store law was ever going to protect you from yourself. Apple store polices are a red herring, the problem you're actually highlighting is the adversarial relation you have with fb.
That depends entirely on how much friction there is involved in the process. I think you know and Facebook knows that technical hoops at the level of, say, enabling developer menus on Android is a bridge too far for the average tech illiterate user.
Reminder that Epic tried this with Fortnite and eventually went back on the play store. And this was on the platform that had sideloading since day one.
I think this depends on how much friction side-loading ends up being. If I can just click a link and hit "run" like I can on a computer, yeah it could be an issue.
If it requires diving in to Settings or connecting the phone to a computer -- Facebook would never abandon the App Store, friction to using side-loading would be too high.
Without this becoming a rant, what fraction of that "security" is protecting you from nothing more than apps that didn't pay the Apple tax. You must admit, the narrative that only approved apps are "good"/"safe" is insanely self serving and conveniently hard to falsify.