In Washington, efforts to oversee the digital economy often come with unintended consequences. When these proposals conflict, they risk producing a fragmented regulatory landscape that weakens, rather than strengthens, the very safeguards they aim to improve. The result is a system that confuses responsibilities, stifles innovation, and harms consumers.
Nowhere is this clearer than in the competing bills before Congress seeking to regulate app stores. Lawmakers are actively considering proposals that would simultaneously weaken and tighten platform controls, contradictory mandates that create confusion and leave consumers less safe and less empowered.
This year, lawmakers introduced separate bills that seek to dismantle the cybersecurity and privacy protections that app stores currently provide, the App Store Freedom Act (ASFA) and the Open App Markets Act (OAMA). Both of these bills force app stores to allow sideloading and third-party app stores, requirements that would dismantle the core privacy, security, and interoperability safeguards that give consumers confidence that apps they download have been verified. Forcing app stores to accept apps from unvetted sources risks opening an avenue for bad actors to use tools such as malware, spyware, and other malicious activity to steal data or exploit vulnerabilities that vetted app ecosystems are designed to catch.
Simultaneously, a separate group of lawmakers is pushing a bill known as the App Store Accountability Act, which carries a different, but equally serious, set of problems. Instead of loosening app store privacy and security safeguards, it forces app stores to collect users’ personal information such as age, and act as gatekeepers to block underage users from reaching certain types of content. By imposing broad age-verification mandates, it would require users to hand over sensitive personal data like government IDs or biometric information and share it with third parties for verification. This, ironically, creates new privacy and security risks.
Considered together, these proposals create a fundamental policy tension. One set of proposals, while another. One envisions platforms as neutral conduits with minimal responsibility, seeks to weaken or remove the privacy and security guardrails that currently protect consumers. The other aims to tighten those same guardrails through new mandates by imposing heightened gatekeeping obligations and personal data collection requirements. Taken together, they risk producing a fragmented regulatory framework with contradictory aims, making it harder to craft coherent rules or deliver meaningful protections for all users.
When lawmakers pursue contradictory proposals, they threaten to make compliance harder and weaken consumer protections. With Congress considering dueling mandates for app stores, policymakers are simultaneously pushing in opposite directions, demanding that platforms act as both gatekeepers and bystanders. The result is regulatory confusion, weaker security, and fewer real choices for consumers. If lawmakers are serious about protecting consumers, they need a coherent approach that balances security with innovation. Contradictory mandates only ensure that users are left worse off.