Apple announces updated App Store Privacy requirements for developers
Apple announced last week upcoming changes to the App Store review process, with a focus on increased transparency and user privacy for third-party app developers.
![Apple announces updated App Store Privacy requirements for developers](/content/images/size/w2000/2024/04/apple-app-store.webp)
Apple announced last week upcoming changes to the App Store review process, with a focus on increased transparency and user privacy for third-party app developers. These changes take effect on May 1, 2024, and aim to provide users with a clearer understanding of how their data is used within apps.
Apple emphasizes its commitment to user privacy and security within the App Store. The company has implemented various features over the years to achieve this, including Privacy Nutrition Labels and app tracking transparency. A core principle is developer responsibility for all code within their apps, including third-party code from frameworks and libraries.
Previously, Apple established privacy manifests and signature requirements for specific third-party software development kits (SDKs). These manifests detail how user data is collected and used by the SDKs. Additionally, required reasons must be provided for certain APIs (application programming interfaces) used by the SDKs.
Changes Taking Effect May 1, 2024
Starting May 1, 2024, new or updated apps with newly integrated third-party SDKs from a designated list of commonly used SDKs will require the following submissions in App Store Connect according to Apple:
- Required reasons: Developers must specify the reasons for using each listed API within the SDK.
- Privacy manifests: Privacy manifests outlining data usage practices for the SDK must be included.
- Valid signatures: When an SDK is integrated as a binary dependency, a valid signature is required.
Apps that fail to meet these manifest and signature requirements will not be accepted by the App Store.
Additional Considerations
Apple has outlined specific scenarios where apps may also be rejected:
- Missing reasons for listed APIs: If a developer fails to provide a reason for using a listed API, the app will not be accepted.
- Dynamic frameworks and newly added SDKs: Integration of a new, listed third-party SDK via a dynamic framework embedded through the Embed Frameworks build phase can lead to app rejection.
Apple indicates that these required reason submissions will eventually encompass the entire app binary, not just third-party SDKs. This signifies a potential future where developers will need to justify all data collection practices within their apps.
Recommendations for developers
Apple encourages developers to:
- Review data usage by SDKs: Gain a clear understanding of how third-party SDKs within their apps utilize user data.
- Find alternative solutions: If an API cannot be justified with an approved reason, explore alternative solutions that meet user privacy expectations.
- Embrace transparency: These changes aim to improve transparency for users and strengthen the overall app ecosystem.
These updated App Store privacy requirements place greater emphasis on developer responsibility regarding user data within apps. By understanding and adhering to these guidelines, developers can ensure a smooth app review process and contribute to a more transparent and privacy-focused app ecosystem.
PPC Land is an international news publication headquartered in Frankfurt, Germany. PPC Land delivers daily articles brimming with the latest news for marketing professionals of all experience levels.
Subscribe to our newsletter for just $10/year and get marketing news delivered straight to your inbox. By subscribing, you are supporting PPC Land.
You can also follow PPC Land on LinkedIn, Bluesky, Reddit, Mastodon, X, Facebook, Threads, and Google News.
Know more about us or contact us via info@ppc.land
Our latest marketing news:
- Amazon launches Target Promotion for Sponsored Products advertisers
- Amazon Prime Video secures landmark NBA and WNBA broadcasting rights deal
- FTC Warns: Hashed data not anonymous, companies risk deceptive practice claims
- Taboola unveils AI-powered solution to boost publisher traffic amid digital shifts
- Meta tackles Nigerian financial Sextortion Scams in massive account purge
- FTC launches probe into surveillance pricing practices of eight companies
- Location-based advertising: revolutionizing digital marketing strategies
- Reddit's exclusive Search Deal with Google raises concerns over AI Data
- Netflix surges in Nielsen rankings, streaming dominates TV consumption
- Kargo and TikTok partner to enhance offline sales insights for advertisers