Hacker News new | ask | show | jobs
by phartenfeller 844 days ago
I think removing persistent storage and the ability to add websites to the home screen makes it obvious what their strategy is. The EU shows that they want interoperability for big players like they do with messenger interoperability in the DMA. The web is such a fundamental standard and its interoperability is so important I guess the EU will fine Apple for such behavior. The question is how soon this will happen.
3 comments
reddalo 844 days ago
I seriously hope the EU will intervene on this -- it's outrageous and malicious compliance.
link
JimDabell 844 days ago
> Removing persistent storage

They aren’t making any policy changes relating to storage.

Apple have been progressively locking down methods websites use to persistently track people for privacy reasons. All forms of permanent storage (e.g. cookies, local storage) are limited to a seven day lifetime unless the user interacts with that website / web app. If the user keeps visiting the website / web app at least once a week, the storage remains.

Another thing Apple have been doing is using the act of installing a PWA as a signal that it should be trusted more than anything you happen to come across in a browser. So the seven day lifecycle doesn’t apply to PWAs that you install to the home screen.

What is happening now is that because PWAs installed to the home screen are no longer available in the EU, people use those PWAs through a web browser. And due to this, the seven days lifetime without user interaction starts to apply.

It’s a problem, but this specific thing isn’t a recent policy change from Apple regarding storage, it’s fallout from PWAs not having the elevated privileges from being installed to the home screen.

link
the_gipsy 844 days ago
So - effectively, apple is crippling PWAs exactly as being said. Got it.
link
JimDabell 844 days ago
I’m saying that Apple’s policy specifically regarding storage is the same as it was back in 2019.
link
rictic 844 days ago
"I didn't delete your files, I moved them from the bucket where they aren't deleted to the bucket where they are deleted, and then according to my own policies, I deleted them. This change is mandatory."

It's a policy change that impacts storage and has the practical effect that PWAs on iOS in the EU have had the persistent storage feature removed with no replacement.

Seems fair to gloss that as "Removing persistent storage."

link
JimDabell 844 days ago
> It's a policy change that impacts storage

I agree. It has a knock-on effect. But their storage policy hasn’t changed, a different policy has.

> Seems fair to gloss that as "Removing persistent storage."

The problem is when you try to determine their intent from the misunderstanding that they have changed their policy specifically regarding storage. They haven’t done this. Their storage policy is the same as it has been for years.

link
mdhb 844 days ago
And yet pretending this new approach to PWAs is somehow business as usual is incredibly disingenuous.
link
JimDabell 844 days ago
I haven‘t said anything of the sort.
link
lo0dot0 844 days ago
They could just make cookies a user choice, but it's Apple we are talking about here, it's all about hard coding and hand holding.
link
throwitaway1123 844 days ago
Agreed. I'm actually receptive to the idea that persistent storage is a privacy issue, but the solution is to ask the user, not delete their data after a week of inactivity. This policy actually creates a perverse incentive for PWAs to store user data on the server where privacy is even more of an issue rather than store it locally in IndexedDB/localStorage, since the local data is ephemeral. It would be akin to native mobile apps having their data removed after a week of inactivity, and them responding by storing all user data in the cloud behind a login wall.
link
veeti 844 days ago
It really makes me wonder what makes people engage in such pointless semantic handwringing like this. Your comment even acknowledges the end result: support for PWA's and as a result persistent storage has been removed. Do you think that end users care that you can make some theoretical mental gymnastic argument about how there hasn't been a "policy change" when from any practical point of view there actually has been one?
link
JimDabell 844 days ago
It’s not pointless semantic handwringing. I was specifically responding to this:

> I think removing persistent storage and the ability to add websites to the home screen makes it obvious what their strategy is.

Inferring their motives from a policy change that hasn’t taken place is pointless.

This would have been a reasonable thing to say:

> I think removing the ability to add websites to the home screen makes it obvious what their strategy is.

Specifically referring to the removal of persistent storage as if it were a policy change they are currently enacting is counterfactual.

link
rezonant 844 days ago
The argument is pedantic.
link
pmontra 844 days ago
You are correct but Apple might get away with that because those users bought Apple phones because they like Apple and those phones. Some of those users might also not like the EU but that's not important. They made an explicit pro Apple choice as customers and they'll defend their choice not to concede that they were wrong at trusting Apple. The blame will be on the EU. Those bureacrats in Brussels...
link
ThePhysicist 844 days ago
The 7 day limit only applies to third-party cookies / storage, that has nothing to do with progressive web apps.
link
JimDabell 844 days ago
That’s incorrect. See the section Capped Lifetime For All Script-Writeable Website Data:

https://webkit.org/blog/9521/intelligent-tracking-prevention...

link
ThePhysicist 844 days ago
That's only for tracking-related cookies/storage as detected by Safari, regular cookies e.g. for authentication or storage of app-related data are not affected by this at all.
link
rezonant 844 days ago
No I think you are mistaking the mechanism that enables this policy for some kind of Safari magic that tries to detect the purpose of the stored data.

https://developer.mozilla.org/en-US/docs/Web/API/Storage_API...

> Safari proactively evicts data when cross-site tracking prevention is turned on. If an origin has no user interaction, such as click or tap, in the last seven days of browser use, its data created from script will be deleted. Cookies set by server are exempt from this eviction.

It doesn't matter what the data actually is or whether it is used to track users. Safari deletes it.

link
pantulis 844 days ago
> I guess the EU will fine Apple for such behavior. The question is how soon this will happen

Too late, I'm afraid. Apple has pulled a really smart trick against the tons of paper written by EU commissioners.

link
t0mas88 844 days ago
Really smart tricks can buy you a few years, but in the end either you'll get sued for not complying with the intention of the law or the law gets changed to kill your trick.

The legal system doesn't like tricks, a "yes but I did X in a really clever way so it's not X" defence doesn't usually work.

link
Xelbair 844 days ago
I think you aren't aware that EU courts judge on intent, not letter of the law.
link
pantulis 844 days ago
I did not mean to say that Apple will get away with this, it's just that I don't expect the EU to be exactly fast in its response. As the FA says, it will take its sweet time and by then Apple will have reinforced their dominant position. Of course Apple and their legal teams already know that.
link
pantulis 844 days ago
Well that happened really fast

https://www.ft.com/content/d2f7328c-5851-4f16-8f8d-93f0098b6...

link
deanishe 842 days ago
What? It's paywalled.
link
pantulis 842 days ago
Sorry! https://archive.is/vbPfD
link