Our Insights
Post 5 mins Sian-Louise Montgomery

The music app that was guilty until proven innocent

When an app disappears without warning

Musi was a well-loved music app with over 66 million downloads. It didn’t host pirated files or shady links, it simply let users stream audio from YouTube videos through a clean, ad-supported interface. By all appearances, it was above board. But that didn’t stop Apple removing it from their store, without a single warning.

 

Believing you’re compliant, until you’re not

Musi didn’t own the content it surfaced, but it didn’t claim to. It relied on YouTube’s public API, monetised its own interface, and assumed that was safe. Behind the scenes, however, music rights holders had raised complaints. Apple received enough of them to act. The risk wasn’t worth it, so Musi was pulled. Just like that. No notice. No negotiation. One day it was live. The next, it was gone. In this instance, Musi’s downfall was copyright – but we frequently see similar situations where an app developer ignores technical compliance regulations and suffers the same fate. All it takes is one overlooked issue for the whole thing to unravel.

 

Ten years of work. Gone overnight.

Musi’s team had spent a decade building their business. They were generating tens of millions in ad revenue and had a massive global user base. The takedown was a critical blow. Not just financially, but operationally. Their users lost access, clones appeared, and the original developers were left scrambling, with no roadmap to resolution. They filed a lawsuit, arguing that Apple acted without due process. Unfortunately, it was too late.

 

“We didn’t think we were doing anything wrong”

This is where it gets uncomfortable. Musi didn’t see themselves as infringing anything. They weren’t hosting or distributing files. They weren’t passing off someone else’s content as their own. But that good will wasn’t enough to protect them. Many app teams believe that if they’ve passed review once, they’re in the clear. That’s rarely true. Policies evolve, complaints stack up quietly and platform providers don’t need your approval to take action.

 

What would have made the difference?

A clearer compliance strategy. That might have included active review of platform rules, closer dialogue with content providers, and a pre-emptive approach to rights holder concerns.
This isn’t hindsight bias. It’s basic protection – the kind that gets skipped when things feel stable.

Even though Musi fell on copyright grounds, it’s a sharp reminder of how fragile apps can really be. For other developers, it could just as easily be data handling, permissions, or out-of-date SDKs that triggers their downfall.

 

The question isn’t whether your app is live today. It’s whether it would survive a challenge tomorrow.

One of the first things we look at with clients in our audits is what else they’re using, and which systems they rely on that aren’t internal to them. If you rely on another platform’s API, or if your model brushes against third-party content in any way, it’s worth asking: would your app stand up to scrutiny? Many don’t know the answer until it’s too late.

 

A quick check now can prevent a tougher blow later

For technical issues, use our App Triage Checklist for a high level overview of what needs looking at. Then, follow with our App Risk Radar tool for a more in depth review of your compliance, security, policy awareness and audit readiness.

It takes five minutes, and it could highlight issues that may otherwise be invisible – until they’re not. 

Let’s take a look at where you might be exposed, and what to do before it costs you.

 

;