New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Forces Developers to Remove Screen Recording Code From iOS Apps [Update]

Yesterday, TechCrunch discovered that multiple popular iPhone apps from major companies are using intrusive analytics services that capture data ranging from taps and swipes to full screen recordings, all without customers knowing about it.


Today, Apple has informed app developers that this kind of screen recording analytics code needs to be clearly disclosed to customers or removed from iOS apps. From an Apple spokesperson's email to TechCrunch:
"Protecting user privacy is paramount in the Apple ecosystem. Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity."

"We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary," the spokesperson added.
At least one developer has already been told to remove the code that recorded app activities. From an email to the developer:
"Your app uses analytics software to collect and send user or device data to a third party without the user's consent. Apps must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity."
Apple is serious about getting rid of this code and gave the developer in question less than a day to remove it and resubmit the app before it would be pulled from the App Store.

High-profile apps like Abercrombie & Fitch, Hotels.com, Air Canada, Hollister, Expedia, and Singapore Airlines are using Glassbox, a customer experience analytics firm with a "session replay" screen recording feature.

Session replays are designed to let developers screenshot or record or a user's screen and then play back those recordings to see how users interact with their apps. Taps, button pushes, and keyboard entries are all captured and provided to app developers.

None of the apps above disclosed that they were recording a user's screen in their privacy policies, which is apparently in violation of Apple's App Store rules.

Apple also requires apps that record the screen to have a little red icon on the top left corner of the phone to make it clear that the screen is being recorded, and it sounds like Apple is going to enforce this rule for this kind of analytics tracking.

Most likely, apps will need to remove this feature because customers are not going to willingly use an app that's recording everything that they're doing and displaying a persistent red icon while the app is open.

There are many other analytics companies that have similar practices like Appsee and UXCam, so there are undoubtedly many more apps that are using these secret screen recording features without customer knowledge.

Update: Glassbox, the company that many apps use for screen recording analytics capabilities, provided the following statement to MacRumors on the issue:

"TechCrunch's piece raised valid concerns. Yet we believe it is partial and doesn't adequately convey the many benefits for our customers and their users; or reflect the security and privacy capabilities inherent in Glassbox.

Glassbox and its customers are not interested in "spying" on consumers. Our goals are to improve online customer experiences and to protect consumers from a compliance perspective. Since its inception, Glassbox has helped organizations improve millions of customer experiences by providing tools that record and analyze user activity on web sites and apps. This information helps companies better understand how consumers are using their services, and where and why they are struggling.

We are strong supporters of user privacy and security. Glassbox provides its customers with the tools to mask every element of personal data. We firmly believe that our customers should have clear policies in place so that consumers are aware that their data is being recorded -- just as contact centers inform users that their calls are being recorded.

Furthermore: No data collected by Glassbox customers is shared with third parties, nor enriched through other external sources.
Glassbox meets the highest security and data privacy standards and regulations (e.g. SOC2, GDPR), and all data captured via our solution is highly secured and encrypted.

We provide our customers with the ability to mask every piece of data entered by a consumer, restrict access to authorized users, and maintain a full audit log of every user accessing the system.

We don't simply record data and provide customers with session replay. Brands come to us because Glassbox means source-proof, tamper-proof, encrypted records of digital activity. These characteristics make Glassbox invaluable, not to 'spy' on customers, but to (a) aid in creating the best and easiest digital journey, and (b) protect both brands and customers with evidential truth that allows for safe and compliant digital experiences."



Top Rated Comments

(View all)

8 months ago
For some here, no matter what Apple does or doesn't do, it just isn't good enough. There sure are a lot of armchair CEO's etc. who seem to have an immediate answer and split-second reaction and fix time for everything that hits Apple. Many of you should put your keyboards to action and apply to Apple. I bet your tune changes to a different song.

I am glad Apple took action.
Rating: 38 Votes
8 months ago
More importantly, how did Apple miss this in their review? Why is it lately incumbent on journalists to police this kind of stuff?
Rating: 26 Votes
8 months ago
Now let's see what google does
Rating: 24 Votes
8 months ago
apple is being unusually responsive lately to the general user community.
who within apple directed this change?
how can we keep this going?
was this simply caused by the Xs and even Xr failure to incorrectly read markets' pricing limits?
or, is this more caused by apple's sensing that it alone has an even greater marketing advantage vs. competitors if it continues to try to do as much as possible to preserve users' privacy?
anyway, its wonderful, and am glad apple took action.
Rating: 23 Votes
8 months ago
One day notice. Perfect.
Rating: 22 Votes
8 months ago

"We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary," the spokesperson added.


Immediate action is necessary! Pull the apps right now and don't let them back in until they are following the guidelines.
Rating: 21 Votes
8 months ago

Apple seems to be having to do stuff like this every week lately. Privacy just seems to have gone completely out the window.

It seems like that when you’re the only company in tech that gives a rip about privacy.

Not going to be much privacy news in the Google (Android), Facebook, and Amazon worlds because anything goes and data collection is their business. It’s just business as usual at those companies.
Rating: 21 Votes
8 months ago

Yesterday, TechCrunch discovered that...

Today, Apple has informed app developers...

Any reason why Apple waits until the media makes a big deal about it before doing anything about it? Calculator bug, Group FaceTime bug, etc. Come on, Apple. Get it together. I'm starting to feel like everything they do is a PR stunt. Like if this information wasn't released to the public Apple would have just let the apps continue recording all our screens.
Rating: 21 Votes
8 months ago
That walled garden of the App store really has some holes on the fence.
Rating: 17 Votes
8 months ago

Apple seems to be having to do stuff like this every week lately. Privacy just seems to have gone completely out the window.

Have fun on your Android buddy. They will never eliminate screen recording on androids. never never!
Rating: 15 Votes

[ Read All Comments ]