By John Gruber
Next-generation Apple device management for macOS, iOS, iPadOS, and tvOS. Request access.
Jim Dalrymple, on the Dash/App Store affair:
Apple’s anti-fraud team has apparently been working with the developer for some time to stop fraudulent positive reviews, and negative reviews on competitors’ accounts. According to Apple, all attempts to work with the developer have failed, resulting in the account being terminated.
“Almost 1,000 fraudulent reviews were detected across two accounts and 25 apps for this developer so we removed their apps and accounts from the App Store,” Apple spokesperson, Tom Neumayr, said in a statement provided to The Loop on Monday. “Warning was given in advance of the termination and attempts were made to resolve the issue with the developer but they were unsuccessful. We will terminate developer accounts for ratings and review fraud, including actions designed to hurt other developers. This is a responsibility that we take very seriously, on behalf of all of our customers and developers.”
It’s really important to note that this has been going on for quite some time — it’s not a quick decision that Apple made on the spur of the moment last week. In fact, a warning was first sent to the developer two years ago, but the behavior did not change.
From what I’ve been told by sources at Apple, it’s not about Dash, which is a very popular app (and deservedly so). It’s about the other 20-some apps from the same developer, which he apparently published through one or more different developer accounts. I think one reason why the developer community has rallied behind this developer is that the account for Dash had no other apps associated with it. Now that this story is breaking, the developer community is uncovering some of these apps. Most of them are generic consumer utility apps.
I quibble with Dalrymple’s headline: “Apple Responds to Dash Controversy With Proof”. Apple claims they have proof, but they’re not showing it — it’s Apple’s word against the developer’s. Part of this, I think, is that Apple doesn’t want to reveal how their anti-fraud systems work. Part of it too, though, is that they want to protect the privacy of their communications with the developer over the years that they’ve been accusing him of fraud. Quite frankly, Apple doesn’t want to slime him. For example, note that their public statement does not address him by name.
Apple typically lets accusations like this slide. It’s a no-win situation for Apple, publicity-wise: let an accusation stand unanswered and Apple looks like the App Store is run like a banana republic, but if they dispute it, they face the optics of a hundred-billion-dollar Goliath punching down against a small indie developer. This case with Dash gained enough attention that I think they felt they had to respond. Too many developers believed that Apple acted capriciously, when in fact, according to Apple, this was the culmination of a years-long dispute.
One side or the other is lying here. And Apple is adamant that it’s not them.
I’m glad our community assumed the best of another developer and pressured Apple to justify this severe action. We should now accept that they have.
The public often doesn’t get the full story behind decisions and changes they see, but it’s usually not for sinister reasons — it’s often just someone taking the high road and letting another party save face.
Apple states that nearly 1,000 fraudulent reviews were detected — and that they’d given the developer notice and had tried to resolve the issue with him.
If this is true, then it would be hard to say that Apple has done anything wrong. In fact, we want Apple to notice fraudulent reviews (since they harm consumers and other developers), get them removed, and work things out with the developer.
What I’ve done: 3-4 years ago I helped a relative get started by paying for her Apple’s Developer Program Membership using my credit card. I also handed her test hardware that I no longer needed. From then on those accounts were linked in the eyes of Apple. Once that account was involved with review manipulation, my account was closed.
I was not aware my account was linked to another until Apple contacted me Friday, 2 days after closing my account. I was never notified of any kind of wrongdoing before my account was terminated.
What Apple has done: on Friday they told me they’d reactivate my account if I’d make a blog post admitting some wrongdoing. I told them I can’t do that, because I did nothing wrong. On Saturday they told me that they are fine with me writing the truth about what happened, and that if I did that, my account would be restored. Saturday night I sent a blog post draft to Apple and have since waited for their approval.
The story, as best as I can figure out: there are two developer accounts tied to the same credit card, bank account, test devices, and “com.kapeli.*” bundle ID. According to Popescu, the non-Dash account was run by a relative of his, and Popescu was unaware of the review fraud they were committing and unaware that Apple considered that account linked to his own, the one used for Dash.1 Apple’s anti-fraud warnings were all given to the account controlled by Popescu’s relative, and according to Popescu, he was never notified, neither by Apple nor his relative. Neither side is disputing that one of the accounts here was involved with App Store review fraud.
Popescu concludes his response by publishing a recording of a phone call with an Apple representative. Popescu did himself no favors by doing so. For one thing, it’s a breach of trust. But for another, I think Apple comes off well in this recording. They’re bending over backwards to give Popescu another chance and have his account reinstated.
We don’t know what happened between that call and Apple’s statements tonight. I’m guessing Popescu and Apple couldn’t reach an agreement over the wording of the public story, but I think what Apple asked for in that phone call was extremely reasonable.
It seems like Popescu somehow snatched defeat from the jaws of victory. A strange story has gotten a lot stranger. What I don’t get is why Apple went public today, even though Popescu claims to have sent them a draft statement over the weekend and never heard back.
Apple developers: the only thing you know right now is that you don’t know everything. That is the only lesson from this Dash mess.
If, as Popescu claims the two accounts were run by two different developers, it would explain the extreme discrepancy in quality. The account that committed review fraud was publishing dozens of, well, rather junky looking apps of dubious utility. The other account only published two apps: Dash for Mac and Dash iOS, both of which are of outstanding quality and utility. It’s circumstantial and obviously subjective, but one account looks like a huckster and the other looks like that of a developer with high integrity. ↩︎