As far as I can tell this basically means that all apps must be approved by Apple to follow their “platform policies for security and privacy” even if publishing on a third party app store. They will also disable updating apps from third party app stores if you stay outside the EU for too long (even if you are a citizen of an EU country, with an Apple account set to the EU region).
The idea that preventing app updates is in line with their claims of protecting security is utterly absurd. “Never attibute to malice what can be explained with stupidity,” but Apple isn’t stupid.
Apple will put up with fines if it judges that if they manage to avoid the fine, the financial benefit will outweigh the fine.
If there’s a 50% chance that I stand to make $100m, and a 50% chance to be fined $20m, it makes sense (if I’m unethical, like corporations are) to take that gamble. Even more so if I think I can use lawyers to shift the chances in my favor.
If you’re to make $100m, and there’s a 99% chance to be fined $100m… it still makes sense to risk it, worst case scenario you end up as you were.
The beauty of EU’s laws, is that the fines are set as a % of “global revenue”, not just of revenue in the EU, nor in terms of profits, so large multinational corporations stand to lose way more than what they are likely to gain by not complying.