What the UK CMA’s Mobile Ecosystem Proposals Mean for Small App Developers and Startups

 

The UK’s Competition and Markets Authority is reshaping how Apple and Google operate, but will small developers benefit or be left behind?

The UK Competition and Markets Authority (CMA) published new proposed roadmaps setting out how the Digital Markets, Competition and Consumers Act (DMCCA) will apply to the mobile ecosystems operated by Apple and Google. Some of the proposals intended to promote competition are good for small developers. However, others could have unintended consequences for the small businesses that make up the backbone of the UK’s £38.4 billion app economy.

While ACT | The App Association welcomed the CMA’s decision to pause plans to mandate third-party app stores and sideloading (a step that responds to concerns raised by the small developers, startups, and software companies we represent), several other proposals in the CMA’s roadmaps continue to raise concerns for our members, particularly around security, transparency, and implementation. Here’s a closer look at what’s on the table.

What the CMA is proposing

The CMA is using its new powers under the DMCCA to address perceived imbalances in the mobile platform market. Both Apple and Google have been designated as having Strategic Market Status (SMS), meaning they must follow new rules aimed at improving platform access and competition. Key proposals in the CMA’s current roadmaps include:

• App store review: More transparent app review processes and clearer reasons for rejections, leading to fewer unexplained delays. Safeguards against the misuse of review data to develop competing apps.
• Mobile browsers: iOS must allow alternative browser engines; Android browser choice screens must not prefer Google’s products over third-party options.
• External pricing: Developers must have the ability to direct users to alternative payment options outside the app stores.
• AI transparency: The CMA requires more clarity on how AI tools impact app rankings, discovery, and engagement.
• Interoperability: Platform features and services such as messaging, payments, or voice assistants must work more seamlessly with third-party apps.
• Alternative app distribution: Proposals to allow sideloading and third-party app stores have been paused, pending further analysis.

The role of small developers in the UK app economy

Startups and small technology companies are the backbone of the UK’s £38.4 billion app economy, supporting around 400,000 jobs.  As the CMA considers its next steps, the needs and perspectives of small businesses must remain at the centre of policymaking.

Too often, calls for more drastic interventions come from a few global firms with the loudest voices and deepest pockets. These companies represent only a fraction of the app development ecosystem, yet they often dominate public and regulatory discourse. Small companies frequently rely on the tools and protections provided by curated online marketplaces (COMs), like Apple’s App Store and Google Play, to reduce overhead and build trust with users. These platforms offer critical infrastructure for small developers, including built-in data protection and privacy compliance, subscription and payment infrastructure, and app vetting processes that reduce exposure to fraud and malware. Without this digital infrastructure, smaller developers would face increased overhead and struggle to earn or maintain consumer trust.

The CMA’s decision to hit pause on third-party app stores and sideloading followed consistent feedback from small app developers, including our members, who highlighted the risks these proposals pose to consumer safety and confidence. Security is crucial to the ongoing success of small developers, who rely on the trust consumers have to download and subscribe to apps made by small developers without a recognisable brand.

Ongoing concerns for startups and small tech

While the pause on sideloading is welcome, several remaining proposals continue to raise concerns for smaller firms, particularly around security, engineering demands, and compliance risks. We’ve long cautioned against reforms that undermine secure, trusted platforms. The CMA’s pause on sideloading shows recognition of how important these systems are, not merely for consumers, but also for the viability of the developers who depend on them. That same consideration must now be applied to the rest of the roadmap. Key areas of concern include:

• Mobile browsers: Opening browser choice must not compromise user safety.
• Interoperability requirements: New mandates may increase engineering and compliance demands for developers, with no guarantee of benefit and the danger of compromising the privacy and security of end users.
• Platform data access: Transparency is important, but any new data-sharing rules must avoid introducing additional privacy or compliance burdens.

What comes next

The CMA will continue its consultation process and plans to refine the roadmaps before implementation. We will remain closely engaged in these discussions and encourage startups and small app developers to stay informed and share their perspectives.

This is a critical moment for the future of the UK app economy. Your input now could help shape a regulatory environment that rewards innovation, not litigation. Do you want to get involved?  Contact Stephen Tulip to engage with the App Association to help shape our response.