Speaking Up for Small Developers: Our Founder’s Experience at the UK CMA Roundtable on the DMCC
In April 2025, Mitchel Volkering, founder of vaic.at Software had the opportunity to join a roundtable discussion hosted by the UK’s Competition and Markets Authority (CMA) and ACT | The App Association, about the Digital Markets, Competition and Consumers Bill (DMCC) — legislation that is often described as the UK’s version of the EU’s Digital Markets Act (DMA). I joined a group of fellow ACT members, founders and developers to share our perspectives directly with UK policymakers on what this legislation could mean for small technology businesses like mine.
The conversation quickly made it clear: trust in app stores is paramount for small developers, especially when our apps handle sensitive data. For our own recruitment-focused apps, trust is the foundation of our user relationships. When people download our apps from the Apple App Store, they have confidence not only in our products but also in the platform’s rigorous review process. That layer of trust is critical — users are far less inclined to share sensitive personal data if they’ve downloaded an app from an unknown website or an alternative store with fewer safeguards. Sideloading and alternative stores can also impact the trust users have in the App Store. Bad experiences in other stores damage the trust consumers have in the overall platform and therefore be less willing to experiment with third party developers.
Why Trust Matters More Than Ever
Mitchel shared with the CMA that our experience under the EU’s DMA has been troubling. The loosening of App Store controls has already allowed adult content apps to be marketed as if they were Apple-approved. This corrodes user trust, and for small developers like me, that reputational damage is hard to recover from. Apple and Google should be able to use their expertise to put proportionate, well-considered security measures in place before sweeping regulation is imposed.
Several other founders echoed these concerns, highlighting that:
- The 15% commission fee for small developers is not only fair but also pays for valuable security infrastructure that protects users and developers alike.
- Alternative app distribution carries high risks, especially in terms of piracy, user safety, and brand trust.
Piracy, Security, and the ‘Wild West’ Risk
A recurring theme was piracy — and how the DMA has already worsened it in the EU. One founder shared that since sideloading became available, piracy of their app has increased significantly, even on iOS. These pirated versions can be disguised to look legitimate, meaning unsuspecting users may download unsafe copies without knowing.
Others pointed out that third-party app stores are essentially the Wild West — with inconsistent vetting, minimal accountability, and often no ability to enforce privacy or security standards. Without strong, enforceable baseline requirements from the App Store, the DMCC with sideloading and alternative stores, risks opening the door to serious consumer harm.
Some founders voiced scepticism that the government could effectively regulate multiple app stores. The better approach, they argued — and I agree — is to make the existing platforms work better, not to break them apart.
Why Small Developers Have the Most to Lose
Unlike large companies, small app developers don’t have huge marketing budgets or strong brand recognition to fall back on. We rely on the trust users place in the app stores we distribute through. If that trust is eroded, we can’t simply outspend the problem — and the impact on our businesses can be devastating.
In fact, as one founder put it, it’s easier and safer for small developers to publish on the Apple App Store than to navigate multiple fragmented app store ecosystems. Managing different builds, complying with varying store rules, and policing piracy across platforms would add huge costs — costs many small teams simply cannot absorb.
A Call for Proportionate Regulation
We all agreed that regulation should protect consumers and foster competition — but it must be proportionate and mindful of the unintended consequences. Forcing small developers into unregulated or poorly regulated distribution channels doesn’t level the playing field — it tilts it in favour of the biggest players, who can manage the complexity and absorb the losses.
The CMA asked thoughtful questions about certification of app stores and how PWAs might play a role in avoiding fragmentation. But as several of us pointed out, international enforcement and verification would be extremely difficult. Certification alone won’t solve the deeper issues of trust, piracy, and user safety.
Final Thoughts
It was encouraging to see the CMA engaging directly with small developers on the DMCC. My hope is that they carry forward the message that security, trust, and user safety cannot be compromised in the name of competition. The App Store model is not perfect, but it works for small businesses — and any changes must strengthen, not weaken, the trust users have in downloading our apps.
We are grateful to my fellow founders for their candid insights and to the CMA for opening the door to these important conversations. As the DMCC progresses, we will continue advocating for a balanced approach that keeps the app economy safe, fair, and sustainable — for developers and consumers alike.
UPDATE:
In a recent announcement, the CMA has paused sideloading and alternative marketplaces pushes on Apple platforms. This decision is a positive development for small developers, and while other provisions regarding alternative payment systems are still not fully satisfactory, it suggests that the DMCC is taking corrective action. Conversely, the EU’s DMA and its impact on EU SMEs continue to deteriorate. vaic.at Software will continue to engage in dialogue with the UK Competition and Markets Authority and the European Commission DMA Unit regarding the ongoing process in relation to the DMCC and DMA.
Comments
There are no comments yet.