Table of Contents
In a time when almost every app collects personal information and data breaches are becoming more common, privacy and security concerns are on the rise. To address these issues and bring peace of mind to the users, Apple has added new requirements for iOS developers to help increase user data collection transparency.
A key part of these rules is the Apple privacy manifest, an important measure for app transparency. But what exactly is this manifest, and what does it mean for iOS developers? In this article, we will discuss what the Apple privacy manifest is, how to set it up, the challenges it might present for developers, and whether it’s as daunting as it seems to be.
What are Apple privacy manifests?
The Apple privacy manifest is a file that developers must include when submitting or updating their app to the App Store. This file, named PrivacyInfo.xcprivacy, is a type of property list (plist) that outlines the privacy practices of an application or third-party SDK. It also lists all the types of data collected by the app or any third-party SDKs it uses, along with the reasons for collecting this information.
But there’s more to it. Some APIs can be misused to secretly collect information to identify the user or device (fingerprinting). This is not allowed, even if the user gives their consent to collect this type of data. So, the manifest must also explain why your app or any third-party SDKs use these APIs and ensure they are only used for the reasons you’ve given.
Expert Commentary
Keep in mind that when you integrate a third-party SDK into your app, you are responsible for all the code it brings into your app. You need to be aware of its data collection and usage practices.
Apple provides a list of third-party SDKs whose integration into a project requires compliance with the following rules. When you submit a new app or update an existing one on the App Store, you must include a privacy manifest for any SDKs from this list. If you use one of these SDKs as a third-party binary framework, it must also have the developer’s signature. Xcode will check if the SDKs are signed by the same developer who created them to ensure they are safe and secure.
When a developer is ready to release their app, Xcode automatically combines the privacy manifests from the app itself and all the third-party SDKs it uses. This creates a single, clear report summarizing all data collection activities, including the data you collect and the required reasons API you use in your app. This combined report helps developers create more accurate Privacy Nutrition Labels for their apps.
Privacy Nutrition Labels
Starting with iOS 14, the App Store introduced a feature called Privacy Nutrition Labels. While the privacy manifest is a document for developers, these labels show users what kind of data an app collects from their device and how that data is used. This helps them understand and make better choices about which apps to use.
You can see the labels on an app’s App Store page. They are divided into three main categories:
- Data Used to Track You: This is information collected to follow you around as you use different apps and websites. For example, if you visit several websites and see the same ads everywhere, that’s because your data is being used to track you across those sites.
- Data Linked to You: This is information that is connected to your identity but not used to track you across other apps or sites. For example, your email address or your home address is linked to your profile in the app, but it’s only used to manage your account or send you notifications.
- Data Not Linked to You: This is information that isn’t tied to your identity and is used in a general way. For example, if an app collects data on how many people use a feature but doesn’t link that data to individual users, it’s used to improve the app without knowing who the users are.
Developers need to provide accurate information for these labels, and the privacy manifest helps them do just that.
The importance of compliance
At this point, everyone who has an application in the App Store or is working on one to make it published already knows about this manifest. Apple introduced privacy manifests at their 2023 Worldwide Developers Conference as part of a broader effort to improve privacy for app users.
As the requirement to implement the manifest became mandatory in May 2024, Apple has long started sending out emails with a warning for those who don’t have the manifest inside their app.
Non-compliance with Apple’s privacy standards can lead to severe consequences for developers, so is for businesses. The most immediate risk is app rejection during the App Store review process. Apple rigorously checks whether an app’s privacy manifest accurately reflects its data practices, and any discrepancies can result in the app being rejected.
Additionally, non-compliance can damage an app’s reputation and lead to user distrust. In a market where privacy is becoming a significant concern for users, failing to provide transparent and truthful information about data practices can result in users abandoning your app in favor of more privacy-conscious alternatives. Moreover, businesses and developers can face legal consequences if their app is found to be violating privacy laws or regulations by failing to disclose its data practices accurately.
Implementing privacy manifests in your iOS app
Creating and configuring a privacy manifest is a multi-step process that requires careful attention to detail. As it’s more frequently used, we will consider how to create a privacy manifest in Xcode.
Create a privacy manifest
The process of creating a privacy manifest includes a few steps:
- Step 1: Open Xcode. Start by opening your Xcode project. Go to the “File” menu, select “New,” and then choose “File.”
- Step 2: Choose the file type. In the panel that opens, select the “iOS” category. Under the “Resources” section, choose “App Privacy File.”
- Step 3: Add the privacy manifest. Select a destination folder for the file. The file will be named PrivacyInfo.xcprivacy by default.
- Step 4: Set the target. In the target list, select the appropriate target for your application or third-party SDK.
After you create a privacy manifest file, you can add details about how your app handles user data. Depending on the product type and platform, Xcode will automatically determine where this file should go. For apps on iOS, iPadOS, tvOS, visionOS, or watchOS, the privacy manifest should be placed at the root of the app’s bundle.
You can find the more detailed instructions in Apple’s official documentation.
Configure your privacy manifest file
After creating the file, you need to determine the support keys and add them to the dictionary, which will be the foundation of the property list. These keys are important for setting up the file and show the main details about how data privacy and collection practices are handled in the app or third-party SDK.
The keys include:
- Privacy Tracking Enabled (NSPrivacyTracking): Tells if the app or SDK tracks user data.
- Privacy Tracking Domains (NSPrivacyTrackingDomains): If tracking is allowed, list the internet domains your app or third-party SDK connects to for tracking purposes. Tracking won’t work without permission.
- Privacy Nutrition Label Types (NSPrivacyCollectedDataTypes): List and describe the types of data collected by the app or SDK.
- Privacy Accessed API Types (NSPrivacyAccessedAPITypes): List the API types your app or third-party SDK accesses that have been designated as APIs that require reasons to access.
Expert Commentary
To protect user privacy, Apple introduced the AppTrackingTransparency (ATT) framework. This means that if you want to track a user’s activity for advertising or other reasons, you must get their permission through the ATT framework. Originally, Apple planned for all tracking requests to fail if a user declined permission (via the ATT prompt). However, right now, requests to domains listed in Privacy Tracking Domains still go through, even if the user denies permission. This is expected to change in the future, so keep this in mind.
Xcode Instruments offers a tool to help you find domains in your app that may profile users. Apple also provides a detailed guide on how to use the tool to check your app’s network activity.
Describe the collected data types
It’s necessary to describe what types of data the app or third-party SDK collects and why. Therefore, for each type of data, you need to create a dictionary and add details to the “NSPrivacyCollectedDataTypes” list in the privacy information file. This will help to fill in the Privacy Nutrition Labels.
The details you need to list include:
- NSPrivacyCollectedDataType: A label that describes what kind of data is collected (like location or email). You can choose a value from Apple’s official list.
- NSPrivacyCollectedDataTypeLinked: A yes/no value showing if this data is linked to the user’s identity.
- NSPrivacyCollectedDataTypeTracking: A yes/no value showing if this data is used for tracking the user.
- NSPrivacyCollectedDataTypePurposes: A list of reasons why the data is collected, using specified reasons from the provided list.
Explain the purpose of the required reason APIs
As we already mentioned, some of the APIs can be misused to collect data that could be used for fingerprinting. Therefore, choose and add the types of APIs your app uses to the Privacy Accessed API Types list. You can select the reasons and types from Apple’s official document.
In case you have a valid reason for using an API that helps the user but isn’t included in the list, you’re not out of options. Apple regularly updates the document, so you can submit a request to have your reason added if it’s not already included.
Generate an app privacy report
You can create a privacy report after completing the manifest. It’s not a necessary step; the report can be very helpful for filling out your app’s App Store page and useful for future reference.
Challenges the developers might face
Despite the fact that Apple has provided extensive documentation to help developers create and implement iOS privacy manifests, this task is not exactly easy. One of the challenges with implementing the Apple privacy manifest is the need to update all dependencies to their latest versions and ensure that they include the necessary manifest files.
This can be particularly time-consuming for older apps, where updating and verifying all components and changes can take considerable effort. Besides, if you’ve developed a library or framework for your project, you need to make sure it also includes a privacy manifest. Coordinating these updates and ensuring compliance across all dependencies and components can be a complex and demanding task.
Expert Commentary
The app might be using a library that was discontinued years ago, and no new versions with a privacy manifest will be released. In this case, one possible solution is to create a fork of the library and fill out the privacy manifest file yourself. This way, you will ensure the library meets the necessary privacy standards.
Expert Opinion
We encountered an interesting case. We’re developing an SDK that is distributed in binary form. Within our SDK, we included a repackaged SDK from Apple’s list, where the classes of the repackaged SDK were renamed to avoid name collisions with other dependencies.
In summer 2024, we had no issues publishing updates for applications that already had releases in the App Store with our SDK (prior to Spring 2024). However, when we integrated our SDK into an application for the first time in June 2024, the build was rejected with the following message:
We noticed one or more issues with a recent submission for App Store review for the following app:
Please correct the following issues and upload a new binary to App Store Connect.
ITMS-91065: Missing signature – Your app includes “Frameworks/xxxxx.framework/xxxxx”, which includes YYYYY, an SDK that was identified in the documentation as a privacy-impacting third-party SDK. If a new app includes a privacy-impacting SDK, or an app update adds a new privacy-impacting SDK, the SDK must include a signature file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a signature. For details about verifying the code signature for a third-party SDK, visit: https://developer.apple.com/documentation/xcode/verifying-the-origin-of-your-xcframeworks.
So there’s no doubt that starting in Spring 2024, Apple Connect began performing intelligent analysis of binary frameworks in submitted builds to detect the presence of repackaged third-party SDKs from their list when they are first added to an application. They detect it even if you rename classes of the repackaged SDK.
Final thoughts
The Apple privacy manifest represents a significant advancement in enhancing transparency and user control over data privacy. However, meeting the new requirements can be challenging, particularly for apps with numerous APIs or third-party SDKs. As an experienced software development company, SoftTeco can assist you with updating your app and implementing the privacy manifest to ensure compliance with Apple’s policies. We understand the complexities of these privacy requirements and can provide tailored solutions to streamline the process, minimize the risk of app rejection, and help maintain user trust. Contact us for more details.
Comments