As the European Union (EU) implements new policies and regulations for their digital market, it must carefully balance economic considerations alongside access, privacy, and security. Unfortunately, the mobile app store provisions of the Digital Markets Act (DMA) could undermine foundational security controls that have made the mobile phone ecosystem so trustworthy and resilient. The Center for Cybersecurity Policy & Law is concerned that a proliferation of ways to install apps will be overwhelming to users and open numerous avenues for bad actors to exploit them. This is not to suggest that there is nothing that can be done to protect users, but it will take action from companies and the users themselves to make sure that they are protected in ways they have not had to in the past. This paper outlines potential risks to EU citizens, their devices and data, as well as approaches to mitigating those risks. We conclude with recommendations to help regulators and policymakers ensure that users can continue to trust the mobile ecosystem, and how to mitigate potential security implications for users and enterprises. We hope this paper will also provide insights for other countries as they look to foster competition in their own digital markets while protecting the security and privacy of their citizens.

To download the paper in Korean click here.

To download the paper in Spanish click here.

To download the paper in Japanese click here.

To download the paper in Turkish click here.

To download the paper in Portuguese click here.

‍