If I could change anything, I would codify interoperability and access equality into law. If you have an API on your device and any app has access to it (1st party or not) than all parties should have access to it. It's fine if you want to have private system APIs, but if you're publishing apps for your platform than all apps should have access to the same APIs.
Maybe even specially call out that anyone can install any app they want on their mobile device, and this must be made accessible. You could even add in some weasel words like "after reasonable precautions have been taken" so that Apple can make you jump through some hoops to install an "unapproved" app. Let the courts sort out what is reasonable or not.
If a user is willing to go through the hoops to get exposed, I'm not sure anyone should stop them. Also, this is an old and tired argument. Computers have been this way forever. And yet you can build a platform that has a reasonable tradeoff between security and usability.
“And yet you can build a platform that has a reasonable tradeoff between security and usability.“
What examples do you have in mind and what has ‘usability’ got to do with this?
Also - as soon as one reputable App requires users to ‘go through the hoops to get exposed’, any app that can fool users into thinking it is reputable will be able to do so.
Maybe even specially call out that anyone can install any app they want on their mobile device, and this must be made accessible. You could even add in some weasel words like "after reasonable precautions have been taken" so that Apple can make you jump through some hoops to install an "unapproved" app. Let the courts sort out what is reasonable or not.