Comment by archagon
The problem is that the rhetoric around this law from its promoters is that of an app ban, not a business sanction. And indeed, the app is being banned from Apple and Google's app stores despite it being free to download and use.
The government currently lacks the ability to yank a binary from computing devices en masse, but the technology to do so is already mostly in place. (See Apple’s notarization escapades in the EU, for example. And I think Microsoft is working in a similar direction: https://secret.club/2021/06/28/windows11-tpms.html) I have a sickening feeling that this is only step one, and that the government will eventually mandate the ability to control and curate all software running on desktop and mobile devices within the country for “security” reasons. National security goons are salivating at the prospect, to say nothing of US corporations that are getting clobbered by foreign competitors.
I believe Google Play does actually have the ability to remove apps if it wants to, intended for malware.
If the government were to mandate that they use that feature, or Apple use that feature, especially to prevent future side-loaded installs, I'd be much more sympathetic to the overreach arguments. But that's not what they did. Rather this is a narrow law that prevents these companies from assisting in wide scale espionage. The fact that they could do some other bad thing doesn't mean the thing they did is bad.
The courts use phrases like "narrowly tailored to achieve the governments legitimate interest" to describe the balancing test here...