Apple decided not to roll out Siri in EU after denied request for exemption

I think the worst is hugely impactful laws for which exceptions are constantly carved out so nobody can truly evaluate whether the law/reg is a good one or not.

This OP article doesn't really go into it, but they did actually propose a solution to the divide, they just needed more time to develop it. The Reuters article is reporting on one person's response to the proceedings, which involve more details than this particular article covers.

For instance:

> To address those concerns, Apple designed a system called Trusted System Agent, an intermediary that would let competing virtual assistants safely access the same features and capabilities as Siri AI on EU devices. Apple also proposed launching Siri AI in Europe while rolling out the Trusted System Agent gradually over 18 months. The European Commission rejected both proposals, and according to Apple, did not agree to any alternative.

https://thenextweb.com/news/apple-siri-ai-eu-dma-delay-ios-2...

Care to explain? EU is also a jurisdiction, so why would EU law be legal in other areas than EU?

If the law makes sense, that I cannot judge in this case.

The idea that there is such a thing as "law-breaking products" when consumers ACTIVELY CHOOSE TO SPEND THEIR MONEY ON THEM is insane to me. This is authoritarian nonsense.

It is not the state's place to tell people what they should or should not be allowed to buy.

Those numbers make withholding "risky" products a no-brainer strategy. Also, those numbers put a hard limit of how much Apple will want reevaluate their general strategy of tightly integrated first-party software.

I know it’s not quite as simple as that but I do think it shows Apple are more interested in blaming the EU than reducing the potential issues ahead of time.

Maybe the phrasing is unfortunate, but if compliance to the law requires a “redoing”, launching in that market was never a priority in the first place. That’s a completely legitimate choice, but usually companies whining about regulations are making a financial decision rather than an ethical one.

So Google chose to be evil, now they have to rip all the evil out and redo it from scratch. Can't say I have any sympathy. Should have done the right thing from the start.

Yes, but also its much cheaper to build it in at the very start.

When we built pervert glasses research platform, if we'd just ignored the data privacy laws we could have built it much quicker. But, the only reason it took extra time is because

1) we had no idea what we were doing and

2) the lawyers had even less idea, so we had to do a bunch of reading and make a best guess.

Turns out the guesses were right, but it was painful getting the lawyers to understand.

What if I tell you that there's a surprisingly simple, straightforward and above all very cheap solution: don't implement privacy-invading or anti-competitive features in the first place ;)

As a European I'm conflicted because I think this particular set of privacy laws are overreaching bordering on stupid; but "exemptions" for one of the richest corporations on earth would be beyond absurd and infinitely worse.

Let's call it how it is: Android phones allow every competitor to run their chatbot in place of Gemini. Want Perplexity instead of Gemini? You can have it. Samsung launches with Perplexity as of late.

Apple? As always, went into "ay mate, too integrated, can't give the same APIs to competitors" lame excuse.

Then you should have done it right the first time.

Especially in the case of apple or Google. Look at the app store situation. It is very straightforward to do the work for the whole thing to be open to any competitor. But it is hard to try to design and implement a solution to try to not break any regulations but still manage to keep users captive the maximum without having competitor entering our walled garden.

And yet Apple had no major issues complying to the draconical demands of the CCP to sell and operate there. Weird.

Also, it's not like Apple can't afford the manpower for this. They're not a hole in the wall mon & pop shop.

At the same time, this potentially opens up the entire worldwide market (imagine EU iPhones being imported into US to use with OpenAI or Claude Cowork), and they probably made the estimation that keeping EU out is still better value (70% of the market all to themselves) than fair competition in the 100% of the market (I guess they estimate they might get less than 70% in that case).

Or they are hoping that EU customers will want Siri AI enough to campaign for a change, but I'd find that highly unlikely.

The only difference that I can see here is that the standards layer hasn't solidified yet.

This is true of most things that involve legal. Laws are not code, in basically any jurisdiction they are subject to interpretation, and just because you've dotted your Is and crossed your Ts, doesn't mean an enterprising enforcement agency won't still come after you

The intent matters, not the letter of the law. No loopholes, no bad faith interpretation. Just do what the law wants from you, if you make a mistake in good faith, you'll be given leeway to fix it.

> When interpreting EU law, the CJEU pays particular attention to the aim and purpose of EU law (teleological interpretation), rather than focusing exclusively on the wording of the provisions (linguistic interpretation). This is explained by numerous factors, in particular the open-ended and policy-oriented rules of the EU Treaties, as well as by EU legal multilingualism. Under the latter principle, all EU law is equally authentic in all language versions. Hence, the Court cannot rely on the wording of a single version, as a national court can, in order to give an interpretation of the legal provision under consideration. Therefore, in order to decode the meaning of a legal rule, the Court analyses it especially in the light of its purpose (teleological interpretation) as well as its context (systemic interpretation).

https://www.europarl.europa.eu/RegData/etudes/BRIE/2017/5993...

Complying with complex privacy laws is surprisingly orthogonal to making a product with good privacy.

In another regulatory area (not privacy, but something more historically regulated) we ran into strange situations where complying with the letter of the law would require us to walk back things that we had done in a better way. The laws are not simple and they're not written by engineers or even people who understand what future product needs look like.

Here's their argument in their own words: https://www.apple.com/newsroom/2026/06/due-to-dma-siri-ai-de...

EU wants Apple to open 'Siri AI', with access to a personal context, open to other model/AI providers.

Apple says "We can't do this in a privacy preserving way".

You can definitely question what their true motivations are, but it seems pretty plausible that there is a moral case for this system to not be opened up to other providers who may do a worse job at privacy than Apple (especially when you are Apple and you trust yourself).

I think there is a place in these sorts of ecosystems for privileged players. If you buy an iPhone you implicitly must trust Apple to some degree.

The DMA isn't a privacy law. In this case, the DMA would appear to require Apple to open up all user data to any AI agent. That removes the ability to provide privacy protections.

You can argue Apple should do that, but you can't in the same breathe argue for privacy.

Lemma 2: you are obliged by other regulation to offer equal access to user data to third parties, so others can build equivalent functionality (DMA).

Lemma 3: malicious third parties will absolutely try to abuse the access and trick the user into sharing their data by all means possible. You will be held responsible in court of public opinion at minimum and legally at maximum if/when a malicious third party abuses said access.

This is a hard, possibly technically unsolvable problem no matter how much money you might have, because the root issue is not technical, it's the fact that you legally have to give third parties access and no way to control what they do with it - and as others have mentioned in the threads, it's exacerbated by the fact that the regulation doesn't say "this is okay and this is not", it is vague and judges things "by outcome", so you may spend all the time in the world implementing a solution you think will work, and then get hit by fines/lawsuits because the implementation is judged as not sufficient after the fact.

The DMA and the GDPR are laws that at their core make each other more difficult. the stated outcome of the DMA - allowing any vendor/user full access to your device - is not easily supported when solving for privacy.

The requirements are not onerous, it is the basic preemption of monopolist behavior.

Qualifying "random apps" is something that is a true challenge, but that holds regardless of the API being offered — the problem is that Apple saves some programming API only for themselves, instead of introducing acceptable & objective market terms to be met (if deemed unsafe, they could require companies to demonstrate compliance with things like CRA to get access to these APIs).

Do you never install software on your desktop computer?

I’m not saying I believe that’s the real reason here. But it is broadly true. Ask any company that offers a free tier where most of the complaints and problematic customers come from.

This is the bit that's likely hard, because generally keeping safety and privacy guarantees as data flows through the system is extremely hard, and Apple would not be able to guarantee it for other products without large review investment.

But ultimately, they probably just do not want to do it until Siri AI gets a decent marketshare first, so competing agents would have to both build new solutions for the platform once open, but also deal with an incumbent dominant player already on people's phones.

If you wouldn't mind reviewing https://news.ycombinator.com/newsguidelines.html and taking the intended spirit of the site more to heart, we'd be grateful.

One of the issues here is that there are many people with strong opinions that don't understand the thing they have strong opinions about. Which is the normal state of human affairs.

You don't seem to know how backdoors work.

Oppressive regimes mandate that tech companies pre-install apps to protect people from spam calls, or install specific root certificates so they can intercept your traffic and insert a helpful banner into your browsing session to remind you when to pray.

The EU isn't going to ask Apple to add DataCollectionBackdoor(). They are going to demand that in the spirit of freedom and happiness EU companies must have access to Apple users private data.

You want Apple to anonymize a users data, then hand that users data to a third party who knows who the user is? I don't think PCC is doing what you think it's doing.

In exchange, it also less secure, less user friendly, and less popular.

Apple has been working for a while to secure MacOS but it’s hard without breaking compatibility with old processes.

The new Siri has much deeper access to personal data and absolutely can not be trusted being siphoned off to a 3rd party server.

There is a 100% chance this would be used maliciously immediately. Meta would pressure users to install their meta AI agent, which would then go and read the users DMs, and create profiles on all the users who don’t even use Facebook by reading their data from everyone they talk to who did.

Personally I'd much prefer no siri access to app data than allowing evil companies like Meta/TikTok/Etc this level of access.

Sure, 3rd party will get some shit. But if Apple neither protected me on their App Store _or_ on the app stores that they extort, what the fuck is their racket for? As long as Apple keeps this behaviour, they deserve to have their cornflakes pissed in.

Tesla is a good example. Elon Musk became political and anti-EU, which resulted in an irreparable damage of the Tesla brand in Europe. Not for everyone, but a big group of people would never again consider buying a Tesla. As a result Tesla lost market share in Europe.

Apple seems to be on the same path now.

The DMA is also threatening Apple's high profit margins. That's the whole point of the DMA.

Apple is not abiding, because they want to use time to really ensure they have the best assistant, before they allow competitors to build assistants for iPhone that can replace Siri (in the EU only probably)

From Apple's strategy board point of view, no.

It is in fact an antitrust law. It basically argues (correctly in my opinion) that Apple and other companies have created new markets inside of their products. And in those markets they exert total control, including charging developers extortionate fees, forcing them to use their subpar and expensive payment systems or restricting what users can run on the devices they own & a lot of paid money for.

They can ship any feature they want, as long as they give users the option to choose alternative implementation of the feature.

Because it's not self-defeating, what would that even be FAANG packing up and abandoning Europe? Worked out splendid for China.

Oh come on. Apple doesn't want to give up control. That's what this is about. The privacy thing is just to make them look good

Apple wants to implement features that access data locally. It doesn’t want to allow competition for offering those features, but if it did, competitors may use that access to local data to exfiltrate.

So it is about both competition and, as a result of creating competition, privacy.

While I can appreciate the reason for the DMA, people don't have to buy Apple devices, they can buy any type of phone they want and just use the ecosystems provided by these phones.

Apple is free to do what they want. The EU can go and try and build their own iPhone (good luck with that).

Seriously EU folks need to come to down to earth sometime.

How? How do you safely handover effectively every single bit of data on someone’s phone to any third-party company and preserve privacy?

Sure you can try and demand agreements from the third parties but will the EU see that as a move to limit competition?

Ignoring all other concerns it is a rather thorny problem.

I don’t think the EU would accept, and as a user I certainly wouldn’t accept, having to agree to a pop-up every time I used any feature that used any data on my phone that might go to a third-party AI.

Apple frames this as a privacy issue when it's only a brand/control issue.

Apple does not adhere to EU law. It's their task to either go with the local law, or leave their customers hanging. And I rightfully express my disappointment that they currently do the latter.

They’re not going to over a single unproven feature.

Never underestimate the power of a really, really, really irritated counterparty.

This one does not appear to be Apple being a dick, like they have been on the App Store and a number of other things.

access to all of your messages, photos, what's on your screen, browsing history, etc. Apple says hey so we're going to need some time to figure out if we can do that in a way that won't completely fuck over our users.

The point is that if Apple's model gets all that access, they should give others access to those APIs as well, otherwise they are giving themselves benefits over the competition. A company can do that, but not once they are considered a gatekeeper in the EU. It's up to the user to choose an LLM provider that has good privacy rules (or stick with Apple if there is no other provider). That's fair competition, a user can weigh pricing, privacy, etc. and make their own choice. Now they are stuck with Apple and have to get an iCloud+ subscription to fully use the AI features. The 18 month delay is not to figure this out, it's to entrench themselves as much as possible first.

Following your line of reasoning, if Apple had this behavior in 2010-2015, instant messaging applications outside iMessage wouldn't have the option to ask access to your contacts (privacy), no possibility to share a location in a chat (privacy), no means to show notifications (probably privacy too), etc.

It's surprising how much people are willing to do the bidding of tech oligarchs. Remember, this is the company that has spent years doing malicious compliance around the DMA and DSA, why should they be trusted this time?

Interoperability is not free. One of the trades it brings is a notably lowered ceiling in terms of tightness and capabilities, and this persists no matter how many man-hours are poured into engineering the systems that enable it.

The Linux desktop is a great example of this at play. While it's technically worked for decades at this point, it's been a constant struggle to make it a high quality, thoroughly polished experience end to end and that's partly thanks to the unavoidable friction and gaps between layers that comes with interoperability and tens of involved parties.