There are a lot of non-technical requirements for the Apple App Store, for instance on what an application can do with Bluetooth, local networking, contacts, photos, and location data - even after the user gives access approval for them.
Another great example is the target of the Apple/Facebook spat currently - Apple has not just said that the developer needs to go through the OS-dialog approval to use the IDFA (identifier for advertising) to track users, but to do _any_ cross-organizational tracking, including using mechanisms that Apple does not have technical protections for.
Apple developer accounts involve real-world identity verification, so that (hopefully) abuse results in an actual ban of the company and people rather than just of a throwaway account.
What is considered Android/iOS malware these days is much more tame than what malware used to be. A cryptolocker on iOS is basically impossible.