> It could instead require third parties to improve theirs.

Apple made it sound like their proposal for that was rejected by the EU. And it would be consistent with previous regulatory decisions by the EU for them to not want Apple to be setting the rules for how third-party interoperability partners/competitors ensure privacy.

It seems to me that the EU has a preference for protecting privacy with legal mechanisms, and generally doesn't approve of Apple's attempts to protect privacy with technical mechanisms because that inevitably limits interoperability with systems that aren't designed around the same restrictions and assumptions.

Would that be allowed under EU law?

Apple is building a system that is more private than EU law requires. If they tell say Facebook that Facebook can integrate in but first must meet the same more than is legally required standard Apple is aiming for wouldn't that be anti-competitive?