Exactly, plus the fact that Android seems to manage just fine without the notarization requirement would suggest that too could be invalidated by the Commission.
I'm not supportive of Apple at all in this but to say that Android works "fine" without notarisation is a stretch[1].
Apple already has already implemented a perfectly functional balance between security and developers rights on the Mac, they just need to adopt that model on iPhone.
> Apple already has already implemented a perfectly functional balance between security and developers rights on the Mac
They really haven't - some APIs are locked behind entitlements that you can only get by paying the developer fee and requesting it specially from Apple. Among other nuisances.
Only when an app is distributed from their store though? You can request a developer certificate, notarise your apps and deploy them from your website using any API you desire...
That's incorrect, some MacOS APIs (I'm not sure why you think a website is involved here?) require special entitlements (regardless of how they're distributed) and you cannot use them with a normal developer certificate - you need to pay the Apple tax and speak with someone at Apple directly to get them.
If they follow the Mac model of non-notarized app packages being installable with a warning (which can he disabled system-wide with a hidden setting) then that's basically equivalent to the Android model, which requires jumping through extra hoops to enable third-party app installs as well.
People will be tricked into jumping through all of those hoops to install malware on their phones, but people are already tricked into harming themselves via their phones all the time on iOS and Android alike. People are ticked into using their (legit) bank apps to send money to fraudsters, into downloading (from the App Store) NFT scam apps, into downloading (from the App Store) scammy and predatory apps disguised as free colorful puzzle games. What does this proposed malware do? Surreptitiously record location data? Trick the user into parting from their money? Pop up unexpected ads and redirects? Apple's blessed apps already do all of that. What bad behavior is possible in from within an app sandbox that isn't common practice on the App Store? The only thing that comes to mind is location recording and sending of that information to the attacker, ie a spying GPS app installed by an abuser. The platform-level way to fix that would be to allow users to provide apps spoofed locations without informing the app that the location isn't real, which Apple won't do because... it would harm Netflix and Niantic's business model, I guess?
Read recital 62 on page 16 of the DMA. Then read Article 6(4) on page 35.
Gatekeepers are allowed to gatekeep as long as it is fairly applied. That includes charging money for access to the platform and to install software.
Article 6(7) on page 36, says that once software is installed, access to the system services, APIs and ABIs must be free of charge. BUT THAT IS ONLY AFTER THE SOFTWARE IS INSTALLED. You are conflating two different things.
It allows for security measures, that's the only justification for restricting interoperability at all. The "free of charge" for when it's allowed still stands.
Security is a really good reason to restrict access to the system from anything other than installed software.
My best guess is that you are either confused as to what "installed" means, or you want the DMA to be more than it can be, and are so angry that Apple is flaunting its limitations that you aren't thinking rationally.
If you want to make a complaint that access to the system services are supposed to be free of charge but aren't, the EC is just going to throw your complaint in the trash. If you want to make a complaint that the Core Technology Fee is an unfair general access condition, you might actually get somewhere :)
