iPhone XS and XS Max in silver, space gray, and gold.
All New and Updated App Store Apps Required to Have a Privacy Policy Starting October
Apple has announced that, starting October 3, 2018, all new apps and app updates will require a privacy policy in order to be submitted for distribution on the App Store or through TestFlight for beta testing purposes.
Apple already requires a privacy policy for apps that access personal information, including apps that offer subscriptions, accept Apple Pay, or use Apple frameworks such as HomeKit, HealthKit, or CareKit. Now, the requirement will extend to all apps, including basic ones that do not share data in any way.
It does not appear that existing apps on the App Store will be affected by this move until they are updated on October 3 or later, so long-outdated apps may remain without a privacy policy if they are no longer maintained.
Apple detailed the upcoming changes in the News section of its App Store Connect portal for developers on Thursday:
Apple already requires a privacy policy for apps that access personal information, including apps that offer subscriptions, accept Apple Pay, or use Apple frameworks such as HomeKit, HealthKit, or CareKit. Now, the requirement will extend to all apps, including basic ones that do not share data in any way.
It does not appear that existing apps on the App Store will be affected by this move until they are updated on October 3 or later, so long-outdated apps may remain without a privacy policy if they are no longer maintained.
Apple detailed the upcoming changes in the News section of its App Store Connect portal for developers on Thursday:
Starting October 3, 2018, App Store Connect will require a privacy policy for all new apps and app updates in order to be submitted for distribution on the App Store or through TestFlight external testing. In addition, your app's privacy policy link or text will only be editable when you submit a new version of your app.Apple elaborates on its privacy policy requirements in its App Store Review Guidelines, under Section 5.1.1:
To add or edit your privacy policy for the App Store:
1. Go to My Apps in App Store Connect, and click on your app.
2. Under App Store, click on App Information.
3. In the top right corner, add your privacy policy link for iOS apps or macOS apps, or enter text directly for tvOS apps.
4. Click Save.
To add your privacy policy link to your app for external TestFlight distribution:
1. Go to My Apps in App Store Connect, and click on your app.
2. Under TestFlight, click Test Information.
3. Add your privacy policy link for iOS apps, or enter text directly for tvOS apps.
4. Click Save.
Privacy Policies: All apps must include a link to their privacy policy in the App Store Connect metadata field and within the app in an easily accessible manner. The privacy policy must clearly and explicitly:App Store Connect has long provided a privacy policy metadata field for developers to submit a link to their privacy policy webpage for iOS apps. On the Apple TV, there is no web browser, so App Store Connect has a text box for developers to past the full text of their privacy policy displayed in app.
- Identify what data, if any, the app/service collects, how it collects that data, and all uses of that data.
- Confirm that any third party with whom an app shares user data (in compliance with these Guidelines) — such as analytics tools, advertising networks and third party SDKs, as well as any parent, subsidiary or other related entities that will have access to user data — will provide the same or equal protection of user data as stated in the app's privacy policy and required by these Guidelines.
- Explain its data retention/deletion policies and describe how a user can revoke consent and/or request deletion of the user's data.
[ 46 comments ]
Top Rated Comments
(View all)
3 weeks ago
I think Apple should change policy on allowing apps access to people's contacts (such as WhatsApp). I don't like that they can—often with a single single tap, without knowing too much of what's being asked—hit "Ok" and upload their full address book (including my entry) to Zuckerberg's servers without my more acute understanding re potential consequences of said seemingly innocuous action. And without our permission. What did one dev. say, "it's the wild-west of data collection". Given how much Apple care about security, I'm surprised Apple still allows this.
3 weeks ago
Just wrote mine. What a pain. I don’t collect any information. Would be nice if we could just check a “we don’t collect anything” box in appstoreconnect.
3 weeks ago
I think Apple should change policy on allowing apps access to people's contacts (such as WhatsApp). I don't like that they can—often with a single single tap, without knowing too much of what's being asked—hit "Ok" and upload their full address book (including my entry) to Zuckerberg's servers without my more acute understanding re potential consequences of said seemingly innocuous action. And without our permission. What did one dev. say, "it's the wild-west of data collection". Given how much Apple care about security, I'm surprised Apple still allows this.
that's the single reason I've never used WhatsApp. I hate the thought that I have to give them access to the phone numbers, addresses, and email addresses of my friends and family without them being able to consent.
3 weeks ago
I think this will help with transparency (great) but I see another ancillary benefit of weeding out low quality non-viable apps. Devs are going to have to decide if their apps are worth the effort and those that choose not to update with privacy info will find their apps in the realm of abandonware (hopefully)... sort of a self cleaning roomba for the app store.
3 weeks ago
If this just means more reams of fine print in very legal language, then people will generally not read them or understand it. Apple should instead force developers to disclose the ramifications in terms of what can go wrong - kind of like the "Risk" sections in a SEC 10Q or 10K form. Give me a list of reasons why anything I do with this app can go (horrendously) wrong - "my security team is my dog, and he may not keep your health records secure for long"
3 weeks ago
How are single devs supposed to deal with this? Let's say you just use Google Analytics (or Firebase). How complicated must this be? More importantly, WHAT IF APPLE STARTS APPROVING OR DENY BASED ON HOW DETAILED YOUR POLICY TEXT IS?
That’s my concern too.Another aspect I’ve read is that the app must include a link to the privacy details whether the app is web enabled or not. So without more clarification it looks like a small developer would have to then have a website that the app can connect to just to tell the user that they’re not collecting anything and that except for that link it wouldn’t otherwise have even connected to the net?
3 weeks ago
I didn't check but I think it will impact the B2B store as well, but a standard privacy page should be enough. One of the advantages of working for companies with the enterprise membership is avoid dealing with iTunes Connect and all the boilerplate that goes into publishing an app.
As a user I'm ok with more transparency given to the customer, but I think very few people actually read that stuff
As a user I'm ok with more transparency given to the customer, but I think very few people actually read that stuff
3 weeks ago
How are single devs supposed to deal with this? Let's say you just use Google Analytics (or Firebase). How complicated must this be? More importantly, WHAT IF APPLE STARTS APPROVING OR DENY BASED ON HOW DETAILED YOUR POLICY TEXT IS?
[ Read All Comments ]
With several of our recent giveaways focusing on Apple's new iPhone models that are launching today in the US and several other countries, today's giveaway goes back to the Mac. Rain Design...
Belkin today introduced its BOOSTUP Wireless Charging Dock for wirelessly charging an iPhone and Apple Watch at the same time. There is also a USB-A port for charging a third device like an iPad via...
Best Buy's one-day sale today is discounting a collection of Apple Watch Series 3 models (GPS + Cellular) that have been officially refurbished by Geek Squad. Prices for the aluminum models are...
Apple has launched a new iPhone XS and iPhone XS Max "experience" micro-site that puts its ".apple" top-level domain to use, as discovered on Reddit.
As noted by 9to5Mac's...
Microsoft has revealed that Skype is coming to Alexa devices. The partnership between Microsoft and Amazon means that owners of devices in Amazon's Echo range will soon be able to make outgoing...
In iOS 12, Apple added a new Effects camera in Messages that's similar to the live camera features in Snapchat and Instagram, allowing you to take a photo in the Messages app and then edit it...
Apple has given a straight-to-series order for drama series "Defending Jacob," which will star Chris Evans, known for his roles in "Captain America" and "The Avengers,"...
In iOS 12, Apple has introduced new password-related features that are designed to make it easier for iPhone and iPad users to create strong, secure, and unique passwords for app and website logins....
