Apple Implements New Policy to Safeguard User Privacy on App Store
In its ongoing efforts to protect user privacy, Apple has announced a new policy for developers on the App Store. Under this policy, developers will be required to provide explanations for accessing specific data, aiming to prevent the misuse of application programming interfaces (APIs).
Certain APIs have the potential for misuse, allowing the collection of user device data through fingerprinting, which is explicitly prohibited by Apple’s Developer Programme License Agreement. To address this concern, Apple will now require developers to declare the reasons for utilizing these APIs in their app’s privacy manifest. By doing so, the company seeks to ensure that apps only use these APIs for their intended purposes.
As part of the process, developers must choose one or more approved reasons that accurately describe how their apps use the API. Consequently, apps will only be allowed to utilize the API for the purposes explicitly selected by the developers.
The new policy is set to take effect in phases. Starting from fall 2023, developers uploading a new app or app update to App Store Connect that involves an API requiring a reason will receive a notice if they haven’t provided an approved reason in their app’s privacy manifest.
Furthermore, beginning in spring 2024, developers will be required to include an approved reason in the app’s privacy manifest, accurately reflecting how their app uses the API, to upload a new app or app update to App Store Connect.
APIs serve as crucial tools for developers to extract and exchange data, and with this new policy, Apple aims to maintain a balance between app functionality and user privacy, ensuring that developers use APIs responsibly and transparently.
