I am technical and I still don't quite grasp the reasoning. Why does it matter if a browser makes available a non-standard API? And why is this a concern for mobile and not desktops?
Apple doesn't want app developers to deflect responsibility of user data siphoning off onto third-party websites or parties. Think the contacts API - the user might grant the app access to it in general, but then facebook.com could try to access them via a special browser API; if there aren't any extra prompts within the browser's code asking for user permission, this could lead to the site siphoning off user contacts without the user knowing.