References for Apple's Privacy Requirement for App Developers

Photo by Jason Dent on Unsplash
Photo by Jason Dent on Unsplash

I hadn’t planned to write this because it seemed that most apps should already be dealing with these requirements. However, after spending a considerable amount of time on this, I felt it would be a waste not to document the experience. Thus, I’ve managed to summarize it in this post.

Why

Developers need to ensure that their privacy manifests include the required reasons when using certain libraries (e.g., an analytics library) and APIs (such as UserDefaults). This policy applies to all app submissions after May 1st, 2024.

As excerpted from Apple’s announcement:

Starting May 1, 2024, new or updated apps that have a newly added third-party SDK that‘s on the list of commonly used third-party SDKs will need all of the following to be submitted in App Store Connect:

  1. Required reasons for each listed API
  2. Privacy manifests
  3. Valid signatures when the SDK is added as a binary dependency

I don’t remember the exact version, but I’m certain that the current Xcode no longer automatically generates the required privacymanifest.info file when creating a project. Thus, some developers might need to manually generate one due to this requirement.

While resolving this requirement isn’t overly complicated, I found the descriptions scattered and somewhat difficult to comprehend (at least for me). Therefore, I compiled the related references, hoping this can serve as a useful resource should I need to revisit this issue.

Reference

Tool

And finally, I randomly came across this site while dealing with Apple’s privacy requirements. It’s such a useful tool that I regret not finding it earlier. Kudos to Donny Wals!

PrivacyManifest.dev