CRW

Home Wiki

Malicious compliance

View on consumerrights.wiki ↗

Work in progress
This article has been flagged for additional work. Treat its claims as provisional.
Stub
This article is a stub. The wiki community is still building it out.
Contents2
  1. Prominent Examples
  2. References

Article Status Notice: This Article is a stub

This article is underdeveloped, and needs additional work to meet the wiki's Content Guidelines and be in line with our Mission Statement for comprehensive coverage of consumer protection issues. Learn more ▼

Issues may include:

  • This article needs to be expanded to provide meaningful information
  • This article requires additional verifiable evidence to demonstrate systemic impact
  • More documentation is needed to establish how this reflects broader consumer protection concerns
  • The connection between individual incidents and company-wide practices needs to be better established
  • The article is simply too short, and lacks sufficient content

How you can help:

  • Add documented examples with verifiable sources
  • Provide evidence of similar incidents affecting other consumers
  • Include relevant company policies or communications that demonstrate systemic practices
  • Link to credible reporting that covers these issues
  • Flesh out the article with relevant information

This notice will be removed once the article is sufficiently developed. Once you believe the article is ready to have its notice removed, please visit the Moderator's noticeboard, or the Discord (join here) and post to the #appeals channel, or mention its status on the article's talk page.

Malicious compliance is an action where one complies with a request or demand, but in such a way that it follows the wording, but not the spirit or intent of the mandate.

Applied to consumer rights, this means a manufacturer or brand complies with regulations in word, but not in spirit, thus rendering the regulation ineffective.

Some common practices include making it intentionally difficult for a consumer to exercise their rights through use of dark patterns, obstacles such requiring communication by letter, imposing fees, requiring registration and many more.

Prominent Examples

  • Apple: After being required by the EU to open up their devices to apps sold outside the Apple App Store, the company created a multitude of hurdles, fees and complications to make it as difficult as possible for developers to actually do this, including a requirement that every independently distributed app still be approved by Apple and fees be paid by the developer.[1][2]
  • Apple: After the EU mandated USB-C as a charging port for all phones, Apple explored various ways to still require cable and accessory manufacturers to go through their costly Made for iPhone certification programmes and require consumers to still buy additional cables and accessories.[3]
  • Other examples of malicious compliance are related to the willingness of companies to follow right to repair laws. Most notably of these companies are Apple, Samsung, and John Deere.[4]

References

  1. Mendes, Marcus (2025-05-27). "EU ruling: Apple's App Store still in violation of DMA, 30 days to comply". 9to5Mac. Archived from the original on 18 Dec 2025. Retrieved 2025-08-29.
  2. https://dev.to/1_king_0b1e1f8bfe6d1/how-ios-sideloading-actually-works-in-2025-dev-certs-altstore-and-the-eu-exception-1m2h (Archived)
  3. Roberts, Paul (2023-09-12). "Will Apple Use a Loophole in EU's USB-C Requirement?". iFixit. Archived from the original on 10 Oct 2025. Retrieved 2025-08-29.
  4. https://www.repair.org/blog/2024/1/26/malicious-compliance-with-right-to-repair-laws (Archived)
Filed under