Ingratitude is one of the chief faults of human nature and, consequently, one of the strongest of all the forces in politics. Too often, proposed intrusions into the market are predicated on nothing more than a great forgetting of what benefits the market provides, benefits that can be had only in an atmosphere of economic freedom. Would-be planners assume that tinkering with one aspect of an industry’s operations will not muck up the whole.
An illustrative instance of this phenomenon is debates over regulating app stores. What Europe did with its Digital Markets Act, some on Capitol Hill wish to do with the American Innovation and Choice Online Act (AICOA), reintroduced Wednesday night in the 119th Congress. This coalition seeks, inter alia, a “sideloading” mandate: compelling operating systems to allow users to download applications from any third-party digital storefront, not just from the well-curated Apple App Store and Google Play. The impact of this proposal, advanced purportedly to increase consumer choice and competition, would, albeit inadvertently, fracture cybersecurity protections on which consumers rely to preserve their cybersecurity.
Trusted app stores are sheepdogs, keeping malware from entering the paddock. The malware business is sophisticated—far too sophisticated for the average user to confront without help. As might be expected, iPhone users, whose devices maintain high barriers against third-party downloads, succumb to malware at very low rates.
The scale of the project of app vetting, moreover, requires centralized oversight. In a recent news release, Apple reported “evaluat[ing] more than 9.1 million app submissions [in 2025], helping to welcome over 306,000 new developers to the platform. In addition, the team rejected over 2 million app submissions—including over 1.2 million new apps and nearly 800,000 app updates—for failing to adhere to the App Review Guidelines.” In addition, “Apple terminated 193,000 developer accounts over fraud concerns and rejected more than 138,000 developer enrollments.” That same year, Google for its part “prevented over 1.75 million policy-violating apps from being published on Google Play and banned more than 80,000 bad developer accounts that attempted to publish harmful apps” (emphasis removed). In the relative safety of these stores, users can assume, reasonably, that most any application available for download is safe and secure.
Parents in particular should fear the importation of European sideloading mandates to American shores. In the United States, parents who put iPhones in their children’s pockets can have confidence that certain kinds of applications—pornography applications, for instance—are not stocked on the digital shelves of the App Store and cannot be downloaded from third-party stores. In the European Union, however, the DMA’s provisions ensured that “an iPhone porn app called Hot Tub is available…from one of the non-Apple mini app stores” created in the wake of the law (as The Washington Post reported). Lawmakers can have either the robust competition of the market, which brings along with it cybersecurity protections and other features valued by consumers, or a bespoke, abstract theory of “competition” cherished by academics and bureaucrats, which subjugates consumers’ revealed preferences to technocratic wish casting.
It bears noting that if a user prefers to sideload, he may do so. If he chooses to hazard risks of sideloading for the sake of gaining more flexibility, he may do so. The effect of the DMA—and AICOA would do the same—is to render such high-security devices illegal, stripping users of the choice to buy them. Interventionist technology policy rarely succeeds in limiting its effects to the stated object of intervention. Instead, the effects of regulation radiate outward, damaging technological features users value. The “problems” perceived by meddlesome regulators in tech markets beget interventions; those interventions beget genuine problems, with which users are left to contend. The EU has provided Americans with myriad case studies on the effects of interventionist technology policy; American lawmakers have only to study them to know that AICOA and other proposals copied from the European regulatory code should not be brought stateside.
