{"id":50388,"date":"2025-12-10T16:12:13","date_gmt":"2025-12-10T21:12:13","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=50388"},"modified":"2025-12-10T16:15:05","modified_gmt":"2025-12-10T21:15:05","slug":"sanctioned-entities-slip-through-app-store-controls","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2025\/12\/10\/sanctioned-entities-slip-through-app-store-controls\/","title":{"rendered":"Sanctioned Entities Slip Through App Store Controls"},"content":{"rendered":"

Tim Hardwick<\/a> (Hacker News<\/a>):<\/p>\n

\n

The Tech Transparency Project<\/a>, a non-profit advocacy group, flagged 52 apps in the App Store that had links to entities found on the Treasury Department’s list of Specially Designated Nationals (SDNs), a designation that prohibits U.S. companies from doing business with them.<\/p>\n

Linked organisations included Russian financial institutions such as Gazprombank and National Standard Bank propping up Moscow’s invasion of Ukraine, and China’s Xinjiang Production and Construction Corps (XPCC), which has been sanctioned for involvement in repression of Uyghur minorities. Another app was run by a company owned by an accused Lithuanian drug trafficker.<\/p>\n

The linked entities reportedly used name variants, shell developers, or partial references to obscure their sanctions status.<\/p>\n

[…]<\/p>\n

Legal experts say that [2019] agreement increases Apple’s exposure now, since the latest similar lapses suggest its promised improvements were insufficient. The findings also call into question Apple’s long-standing claim that its App Store provides a “safe and trusted” environment for users.<\/p>\n<\/blockquote>\n\n

Given what gets through App Review<\/a>, I’m sure you’re shocked that Apple’s sanctions status matching didn’t account for “spelling and capitalization variations” or “country-specific business suffixes.” Apple subsequently removed 35 of the apps but disputes that the others were in violation. The Google Play Store had 18 violations.<\/p>\n\n

Previously:<\/p>\n