
Apple Wallet is in the App Store, and the F1 ad debacle directly violates App Store guidelines (https://developer.apple.com/app-store/review/guidelines/)

> 4.5.4 Push Notifications must not be required for the app to function, and should not be used to send sensitive personal or confidential information. Push Notifications should not be used for promotions or direct marketing purposes unless customers have explicitly opted in to receive them via consent language displayed in your app’s UI, and you provide a method in your app for a user to opt out from receiving such messages. Abuse of these services may result in revocation of your privileges.





Interesting. I feel like this clause is violated very often by major apps:

> Push Notifications should not be used for promotions or direct marketing purposes unless customers have explicitly opted in to receive them via consent language displayed in your app’s UI, and you provide a method in your app for a user to opt out from receiving such messages.


Uber violates this. At least as of a few years ago, there was no way to get notifications about driver arrival without also getting special offer and Uber Eats spam notifications periodically. Not only was there no opt-in consent, there was no way to turn them off without disabling the status updates.

It's particularly bad when apps with legitimate time-sensitive functionality do this.

I denied the app the ability to send any notifications on principle, and now it's very annoying to have to check the app to see the driver status. It makes things worse for both me and them and I use it less as a result.


Account > Settings > Communication > Marketing Preferences. Uncheck them all. A bit hidden, but it does work.

At the point in time when I disabled notifications for the app, it did not. I tried that. Even after navigating dark patterns, digging into the menus, and turning those options off, I still received promotion notifications.

Perhaps they've fixed it since? I don't know because they've already burned my trust and they've done nothing to earn it back. Publicly acknowledging and apologizing for this would have been a way to start getting off my list of bad actors.

Even if they've made it possible to successfully turn those off deep in the menus now, whatever dreamed-up definition of "opted in" it's operating under is a tortured legalistic one that undermines the actual meaning and spirit of opting in.


I can sympathize. I don’t know about Uber in particular but it gets quite tiring trying to find and follow these obscure settings.

And what’s worse is that the companies always seem to find a way to reset it to what they want quite frequently. One of their tricks is to reorganize permissions frequently so the ones that allow their spam to get through are always new.


I had to completely turn off notifications for Instagram because none of the provided settings appear to disable the almost-daily "for you" and "trending" notifications. Now I don't get notified when someone DMs me there, which has led to me missing important messages.

Same. And I used to work there, and I raised it with them. They have all their career incentives aligned to getting people to see spammy notifications. I was powerless.

The problem with the user hostility is that, in the long term, people don't use it.

As a web dev I see so many things that are lights-on-nobody-home about Meta. The Meta app on my phone generates numerous notifications; when I get one that says a game that looks really cool is 50% off, clicking on it doesn't send me to the landing page in their app store, it sends me to the senseless home page of the app which seems to have the message "move on folks, nothing to see here".

The Instagram web application fails to load the first time I load it on my computer and I have to always reload. On either Facebook or Instagram I am always getting harassed by OnlyFans models that want me to engage with them... on the same platform where I engage with my sister-in-law.

When they say they are "careless people" I wonder if they are not just careless about sexual harassment and genocide but careless about making money because we're in a postcapitalist hell where Zuck could care less for making money for his shareholders but rather gets a squee from sitting behind Trump at his inauguration and hires people with $100M packages not because he wants them to work with him but because he doesn't want them to work with someone else.


I went through a couple rounds of trying to raise specifically this issue with support before simply uninstalling the app out of principle. They had their chance and burned it.


On Android:

1. your profile icon (bottom right) > hamburger menu (top right) > Notifications > Posts, stories, and comments > turn off ‘Posts suggested for you’ and ‘Notes’

2. on the same screen, set ‘First posts and stories’ to ‘From people I follow’

3. back out to Notifications > Live and reels > turn off ‘Recently uploaded reels’ and ‘Reels suggested for you’

This works for me, but if you’re still getting notifications you don’t want, you’ll have to figure out what category/type they fall under and turn that off.


Thanks for the suggestion. I'm on iOS but the notification settings look the same.

I already had all but one of the settings you mentioned disabled, along with most of the others. I'll report back in a day or two.


Yes, unfortunately, they have changed their permissions structure a few times, and each time I have had to go back in and re-configure it so that the ads don't show up. It's quite annoying, they seem to be doing everything they can to follow the letter of the law while disobeying its spirit.

I discovered this a few months ago - it's worth spending the 60 seconds to update these settings to get rid of Uber's terrible promotion notifications!

I can do better than that. Uninstall it.

It's a 600 MB app and you can log back in using only the iOS password manager. Reinstall it when you need to use it.


I think the 600MB part actually makes it harder to only install again when you need it.

It's interesting that 600MB can be perceived as both trivial (e.g. on a fiber connection this is a matter of seconds) and excruciating (e.g. on a rural satellite line this could be 15-20+ minutes).

I had them all unchecked but still get the notifications in the Uber Eats app

Can't find what you're talking about. Per ChatGPT, "In iOS, there is no universal path like Account > Settings > Communication > Marketing Preferences across the system. That type of menu usually appears within individual apps or websites, not in iPhone’s system-wide Settings."

So does "Too Good To Go". Missed a pickup notification because I didn't remember having angrily turned off all notifications one day, since they don't have any more fine-grained option.

I let their support know, but they don't care. I guess as long as it still brings in more additional sales than it costs in lost users, it works for them.

This is something I like better on Android: As far as I remember, separate "notification channels" are mandatory there, and deactivating a given one is possible purely from the OS notification UI, without having to dig through inconsistent and hidden in-app options.


I definitely get unmutable notifications on Android from my first-party phone manufacturer bloatware apps, which is the equivalent here. Would I like to see the new Themes in the Theme Marketplace?

Pretty sure I've had marketing notifications on third party apps I couldn't disable without losing functionality, too. Separate notification channels might be mandatory in theory, but even if so, the Play Store is worse at policing that kind of thing in practice than Apple.


Go to Settings > Apps and disable said bloatware apps.

If not visible in the list, turn on ‘Show system apps’.


It's still fundamentally down to the app to properly use those multiple channels even on Android; if they want to, they can shove ads down the main channel instead.

This is one of those cases where ultimately the app stores need to have a rule about it, and actively enforce it with hefty penalties for non-compliance.


Curiously I have the opposite problem with Too Good To Go - they never give me notifications of available things I might be interested in, even though I've set that I want them.

This is on Android though, so perhaps an ecosystem difference?


DoorDash also. I tend to uninstall apps that do this if I have any alternative to them.

I uninstall even if I do not have alternatives, I install/delete Uber every time I use it. When I need a ride with them I install it, when the ride is over I tip the driver and delete the app. Every single time, no exceptions

I’ve said several times before that notifications should be reportable as spam directly to Google/Apple, just like email spam reporting.

Google tried to tackle this with notification channels, but the onus falls on the developer to actually use them honestly. No company trying to draw attention back to their app with advertisement notifications will willingly name a notification channel “advertisements” or “user re-engagement” or similar — they’ll just interleave spam with all the non-spam. This API from G hasn’t worked.


There should be a public API, open to any user-designated program (including self-made, without requiring any special hoops to obtain any fancy entitlements), that can act as a "firewall" for all notifications (except, possibly, for few system-critical ones), allowing it to control and modify those as it seems fit.

Applications can interact with notifications on the user's behalf via the accessibility permission - I do this with KDE Connect. I don't know what the limitations are.

On iOS?

Last time I've checked, kdeconnect-ios was unable to read any third-party notifications, not to mention doing anything to them or modifying their text or appearance in any way.

Project readme still says "Notification syncing doesn't work because iOS applications can't access notifications of other apps" (https://github.com/KDE/kdeconnect-ios?tab=readme-ov-file#kno...) so I think it's still a thing.


On Android, I forgot to mention.

Sounds great! Until your grandpa downloads a notification filter that really just forwards all his notifications to the bad guys so they can hack all his accounts.

That can already happen because apps can get the permission to read your notifications.

Precisely this. There needs to be an API that all apps have to use not only for notifications but also for getting your contacts, your phone's location, etc. that is spoofable by the user. Or better yet, an AI program that runs entirely on the phone and does the spoofing automatically and entirely on behalf of the user.

Let the enshittified apps' ads interact with your AI agent and steal your fake "data" in the background without bothering the user.

Also important: It must be IMPOSSIBLE for any app to detect that its requests are being intercepted by your agent. (If they can tell, they'll refuse to work until you give them direct access.)

This is a real killer app for AI but you'll never get VC funding to build it.


On Android such a spoof app existed, it can hook into seemingly any API call and return things you control: https://www.youtube.com/watch?v=_dt50HWys1k&t=27s

But of course you need a rooted phone, and rooted phones can't run banking apps, tap-to-pay, Netflix, Pokemon Go, blah blah..

The notification "firewall" is probably not impossible to make. I use Pushbullet, it mirrors notifications to my computer (to the browser extension to be exact), and I can already dismiss notifications coming into my phone from the computer. It should be possible to make an app that intercepts all notifications, analyzes their contents and dismiss them if they're spam...


> Google tried to tackle this with notification channels, but the onus falls on the developer to actually use them honestly. No company trying to draw attention back to their app with advertisement notifications will willingly name a notification channel “advertisements” or “user re-engagement” or similar — they’ll just interleave spam with all the non-spam. This API from G hasn’t worked.

Revolut are really annoying for this. I'm sure there's a few spare days in their development cycle for someone to implement it if they wanted to, but instead they keep everything on the same channel which is 50% promo shit, because you don't want to miss that notification warning you about fraudulent activity on your card.


We also need some kind of (privacy friendly) open rate tracking and spam protection.

If many users receive a new kind of notification, using a new template, with low open rates, and uncorrelated with app activity, somebody at Apple should at least give it a 5-second glance and decide between "false positive" and "needs to be elevated"


As soon as I see one violation, I turn off the notification permission altogether. For example the Amazon shopping app can't send me notifications.

Same, I think I denied the wallet app the ability to notify me after this ad. It’s so ingrained in me that I don’t think about it anymore… if I see an ad in a notification I just immediately swipe, settings, turn off.

I'm at the point where literally only the messages, clock, and maps apps can send me notifications.

That is an awesome idea! To send ads from messages app.


Why not just use the mobile website then? An app icon is itself equivalent to having a billboard on your homescreen. What is the app providing besides notifications that necessitates its use?

Mobile websites are often either non existent or work far worse than the app.

In the case of Uber, they actually have a very deeply developed webapp.

Thank you! You just saved me 700 MB of storage + whatever privacy violations the app was enabling.

I haven't found this to be true for any app that just shows text and images.

In fact that's the main selling point for developing an iPhone app rather than a web page these days.

I can hardly think of an app that uses notifications and doesn't abuse it that way. I pretty much block them as standard.

Tinder and delivery apps definitely don't follow these rules.

The Boston parking meter app violates this FFS. Love getting Nift gift card promotions randomly from the app I'm forced to use to pay the meter /s

> Apple Wallet is in the App Store, and the F1 ad debacle directly violates App Store guidelines (https://developer.apple.com/app-store/review/guidelines/)

It would only violate App Store guidelines if Apple forces itself to agree to, and be bound by them. I think it's arguable that they probably do not, and so they didn't violate the guidelines because they're not bound by them.


And how do you think EU will react to Apple giving themselves such privileges over others?

Wouldn’t the guidelines apply to anyone using it who doesn’t have specific, legal, written exemptions? Not to say they don’t have it, but simply hand-waving “well they wrote it so it doesn’t have to apply to them” doesn’t seem quite as simple to me. I could be wrong!

The whole point of an agreement is that it sets out what parties will do for each other, and what happens if there is a breach.

Apple could already do things with the App Store without needing to agree to something to get Apple to let Apple do App Store things.

Apple is not going to sue themselves for being in breach.

etc.

Just because there's e.g. a license agreement doesn't mean you need to agree to something, if you are somehow otherwise authorized to do the thing. E.g. fair use, or you have a pre-existing right or ownership, or whatever.


Thanks, this is why I asked - I know law can be weird and somewhat counterintuitive, so I try not to assume much!

No. Apple does not sign up for an Apple Developer account. Contracts with oneself aren't even meaningful.

This is a common tech enthusiast fallacy: thinking that law is code. So there must be some "if app published, there must be a developer account, and if the developer account violates the rule the app must be removed". It just doesn't work that way.

Apple has contracts with third parties to allow them to distribute apps in Apple's App Store. That's it.


The law definitely is not code, but the law could require Apple to follow the same requirements they set for others. Then the government could sue Apple (or otherwise enforce this behavior.)

It's not the worst idea I've heard, tbh.


Sure, but that’s not how it works.

And it’s a pretty bad idea. It basically means that no apps that ship with an OS can be available in the store.


I don't think that follows.

This is the reason why anti-trust agencies don’t like this. Apple (with its App Store) is a gatekeeper and in Europe at least it should not favor its own apps over the others (i.e. maps, payments, AI integrations etc). It should play fair.

“Fair” meaning that an app that was designed from the ground up by the same people that created the device and operating system should get the same attention as a malware-ridden hack from six years ago?

What does fair even mean here? Ensuring the advantages of vertical integration can’t be enjoyed by users?


Fair means you follow your own rules and do not use your monopolistic position to promote your apps.

Law is absolutely fuzzy code. Lawyers are people that try to grok the legal API in as many languages as possible. Code is a great analogy.

No, it’s really not. The law is not intended to be deterministic or efficient, and it is neither. Law explicitly leaves room for human judgment and context in ways code doesn’t and shouldn’t.

While I am in agreement about the common tech enthusiast, or perhaps just dev, mental failings regarding law, I feel obligated to point out that App store guidelines written by the company running the app store are not law.

I think the premise is folks at Apple don’t have the occasion to be prompted to accept the terms.

Resideo - the app for Honeywell smart thermostats - requires notifications to be enabled to view or manage your thermostat settings or run time history. This is relatively recent because I had disabled notifications over a year ago due to it pushing ads to me.

The good news is you can limit it to only showing badges, but you have to at least have that enabled or it just freezes on a blank screen after telling you to edit your settings.


What an awful app too. It doesn't refresh the current temperature without force-quitting and restarting. Not as bad as my water heater app though. Couldn't get it to pair after 30 mins of headbanging, finally got through to their support who told me that the app usually doesn't work and they don't know why, and that I shouldn't bother trying.

I refuse to allow any smart device in my house. Even my oven is getting out over its boots lately

It was annoying because my previous house had some Z-Wave enabled thermostats I could manage through the alarm system without any of that BS. I thought the Honeywell in this rental would be nicer but all it's done is confirm I'll be using something other than Honeywell controls in my next house.

Never knew this before - OfferUp is a huge violator of this where they will push notification containing only advertisements with a loud notification that is identical to those used when someone makes you an offer. There is also no way to disable those promotional notifications without disabling all notifications from the app.

A lot of companies violate that policy, and it quickly leads me to uninstall the app when they do.

I didn’t get the F1 ad though (at least not yet).

I have seen Apple abusing notifications in other areas to push their subscription services though, and it is a problematic trend. It makes them look cheap and desperate.


I hope this impacts current or future lawsuits regarding anticompetitive app store practices. It's a clear example of the unfair playing field Apple runs.

Lord help us if “what’s good for the goose is good for the gander,” and the remedy (or the portent [0]) is throwing open the platform to everyone to advertise this way…

That element of “well it’s different when we do it” is what’s so unclassy here. And, like… so weirdly un-self-aware.

And all for a coupon for a garden-variety movie?! The movie doesn’t have anything to do with Apple, other than being made on their dime. What a strange purpose for which to piss away your perch above the fray.

At least save this intrusion for when you’re pushing a magical new self-driving Apple Car or something!

[0] https://arstechnica.com/gadgets/2022/08/report-apple-is-expl...


For better or worse, Apple doesn't enforce this on third-parties either.

You cannot possibly know that. Regardless of how many instances of infractions you know of you cannot know how many instances didn't occur because of the rule and you cannot know how the known infractions were punished by Apple behind closed doors. The very existence of this rule is what makes the playing field unfair.

Uber does this all the time to me. It’s so frustrating. I allow notifications from Uber when I don’t from most apps because they are useful when a ride is incoming. Yet I get random spam notifications. I wish Apple would stand up for their own rules and do something about it but since they don’t even enforce this rule on themselves what hope is there?

>unless customers have explicitly opted in to receive them via consent language displayed in your app’s UI

Have we not already agreed to this in one of the million TOS prompts that Apple shows us? sad


They are for third party developers. Apple can and will do whatever they want

You probably agreed to it in the 1000+ pages of privacy policy you get at the start of setting up an iPhone. And there is not one checkbox for opting out.

I've always wondered why Apple feels entitled to do stuff like say "privacy is a right" while simultaneously collecting enormous amounts of data from your phone.

I think back to the Dan Ariely investigation into dishonesty that showed that disclaimers (like license agreements/privacy statements) are pretty much the gateway to bad behavior. It's like carte blanche to do whatever they want.


Why would Apple be subject to these guidelines?

Because they designed those guidelines for the best user experience.


