News
NEW
Apple doubles down on privacy commitment with new API rules
Apple new api rules

Published July 31, 2023
by Yes We Trust

min read

Summary

    Last week, following its continued efforts to foster data privacy practices within its products, Apple released a list of APIs that will now require iOS app developers and publishers to declare reasons for their use. 

    This comes following an announcement during Apple's Worldwide Developers Conference 2023 (or WWDC23), the company's 34th annual conference hosted for its developers, which took place in June.

    During the announcement, Apple unveiled its Privacy Manifests, a new tool that "helps you accurately identify the privacy practices of your app's dependencies," and aims at cracking down on a practice known as "fingerprinting".

    "There are existing APIs in our platforms that have the potential of being misused for fingerprinting. However, these APIs also provide powerful user experiences when accessed appropriately. To support important use cases that benefit the users while avoiding fingerprinting, there is a new category of APIs called Required Reason APIs. "

    - Tony Tan, Privacy Engineering at Apple (source: Apple WWDC23 "Get started with privacy manifests)

    In short, "fingerprinting" is a practice enabled by some APIs to collect data that can be used to access signals in order to identify your specific device and display targeted advertising, often without your consent.

    This practice is not allowed by Apple, and the company is now doubling down on preventing its use by requiring extra steps for app developers and publishers that are looking to use these APIs for genuine use. Going forward, developers looking to add or update an app to the AppStore will need to declare a reason for using APIs from the list of required reasons API and describe the intended use for it.

    Starting in fall 2023, when you upload a new app or app update to App Store Connect that uses an API (including from third-party SDKs) that requires a reason, you’ll receive a notice if you haven’t provided an approved reason in your app’s privacy manifest. And starting in spring 2024, in order to upload your new app or app update to App Store Connect, you’ll be required to include an approved reason in the app’s privacy manifest which accurately reflects how your app uses the API.

    - Apple (source: Apple Developer News and Updates)

    What do you think about this new development from Apple? Continue the conversation in the Yes We Trust community on LinkedIn:

    Go to the Yes We Trust community

    Related Articles
    Our freshest data privacy content for you
    • News

    iOS 17 unveils advanced security and privacy options │ Yes We Trust

    September 25, 2023 by Jivika Lillaney

    iOS 17 Unveils Advanced Security and Privacy Options

    Read Article

    • News

    Apple Bans employees from using ChatGPT at work | Yes We trust

    May 26, 2023 by Yes We Trust

    Apple Bans employees from using ChatGPT at work

    Read Article

    • News

    Google, Apple, Microsoft and Norway: zero-day vulnerabilities in the spotlight | Yes We Trust

    July 31, 2023 by Jivika Lillaney

    Google, Apple, Microsoft and Norway: zero-day vulnerabilities in the spotlight

    Read Article

    • News

    Apple to now invest in GenAI │Yes We Trust

    October 25, 2023 by Jivika Lillaney

    Apple to now invest in GenAI

    Read Article

    • News

    Threads, Meta's new app, is live... unless you're in the EU | Yes We Trust

    July 7, 2023 by Yes We Trust

    Threads, Meta's new app, is live... unless you're in the EU

    Read Article

    • News

    Apple opposes UK surveillance bill update | Yes We Trust

    July 25, 2023 by Yes We Trust

    Apple opposes UK surveillance bill update

    Read Article