As Apple's court case with Epic nears, the App Store's 30% cut has come under heavy scrutiny. Apple's refrain is basically that this cut funds the App Store and is used to keep customers safe. I want to focus on the "keeping customers safe" bit, and offer proof this is an outright lie.
In truth, there are 2 distinct ways App Store customers are kept safe from malware and otherwise nefarious actors:
1. App Review: human & automated reviews
2. iOS API Design: limits/controls the data & parts of iOS that are made accessible to 3rd party developers
Apple claim the App Review process keeps customers safe from nefarious apps. It’s impossible to say how many scams App Review catches, but we can say definitively that this process is inherently flawed. To circumvent App Store rules, a developer needs only to:
1. Submit an app update that includes the code for the circumventing behavior, but disable it via a feature toggle while Apple is reviewing the app.
2. Upon Apple approving the app update, change this feature toggle to enable the circumventing behavior. https://en.wikipedia.org/wiki/Feature_toggle
Voila. The App Store guidelines are circumvented. This is *literally* what Fortnite did when it enabled direct payments on iOS. That App Review failed to catch this is all the evidence one needs that App Review is a flawed process that can be circumvented.
In reality, by far the most effective means of customers being protected on iOS is due not to App Review but iOS API Design. This process cannot be circumvented. It is iOS API Design, not App Review, that prevents apps doing things such as:
It's literally baked into iOS that no app can freely perform any of these actions. iOS users are 100% protected from these attacks & this is 100% due to iOS API Design, not App Review.
If App Store review was abolished tomorrow, iOS API Design protections would remain in place.
The list of ways consumers could be legitimately harmed if App Review was abolished is in fact extremely limited (such as apps employing scammy purchases or displaying unauthorized content).
Spoiler: these scams are rampant on the App Store in 2021. https://www.theverge.com/2021/4/21/22385859/apple-app-store-scams-fraud-review-enforcement-top-grossing-kosta-eleftheriou
It would be helpful for media/regulators covering/investigating the App Store to understand the difference between App Review & iOS API Design, and not fall for Apple's spin.
Feel free to share this thread with anyone you think would benefit from it (Hi @vestager).
You can follow @chrismlacy.