One of the latest changes introduced by Apple is that developers needs to describe the data your app or third-party SDK collects and provide the required reasons of the APIs it uses.
To do so, applications and third-party SDKs that are distributed as XCFrameworks, Swift packages, or Xcode projects, need to contain a privacy manifest file, named PrivacyInfo.xcprivacy.
Table of Contents
Privacy Manifest File requirements
⚠️ Starting May 1, 2024, apps that don’t describe their use of required reason API in their privacy manifest file aren’t accepted by App Store Connect.
The privacy manifest file is a property list (plist) that records the types of data collected by your app, and for each required reasons API in your app or third-party SDK, it reports the reason for its usage.
You need to include a privacy manifest file in your third-party SDK if it’s listed in “SDKs that require a privacy manifest and signature,” in Upcoming third-party SDK requirements. Otherwise, include a privacy manifest file in your third-party SDK if it uses a required reasons API or collects data about the person using apps where the third-party SDK will be used.
You might be receiving these emails from Apple after submitting a build on TestFlight:
Although the TestFlight submission was successful, it’s recommended that you correct the issues in your next submission for TestFlight review.
ITMS-91053: Missing API declaration
Your app’s code in the “file” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryFileTimestamp. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.
ITMS-91053: Missing API declaration
Your app’s code in the “file” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.
ITMS-91053: Missing API declaration
Your app’s code in the “file” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategorySystemBootTime. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.
ITMS-91053: Missing API declaration
Your app’s code in the “file” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryDiskSpace. While/ no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.
How to create a privacy manifest
These are the steps add the privacy manifest to your app or third-party SDK in Xcode, follow these steps:
- Choose File > New File.
- Scroll down to the Resource section, and select App Privacy File type.
- Click Next.
- Check your app or third-party SDK’s target in the Targets list.
- Click Create.
By default, the file is named PrivacyInfo.xcprivacy; this is the required file name for bundled privacy manifests.
You need to add the privacy manifest file to your target’s resources for Xcode to use it when you generate a privacy report. If you distribute your third-party SDK as a static library, use the support for static frameworks in Xcode 15 or later to bundle resources, including the privacy manifest file. Create a framework target in Xcode that builds your product, set its Mach-O type build setting to “Static Library,” and add the privacy manifest file to your target’s bundle resources along with any other resources, for example, image files.
At the top level of this property list file, add the following keys to the dictionary:
NSPrivacyTracking
A Boolean that indicates whether your app or third-party SDK uses data for tracking as defined under the App Tracking Transparency framework.
NSPrivacyTrackingDomains
An array of strings that lists the internet domains your app or third-party SDK connects to that engage in tracking. If the user has not granted tracking permission through the App Tracking Transparency framework, network requests to these domains fail and your app receives an error. If you set NSPrivacyTracking to true then you need to provide at least one internet domain in NSPrivacyTrackingDomains; otherwise, you can provide zero or more domains.
NSPrivacyCollectedDataTypes
An array of dictionaries that describes the data types your app or third-party SDK collects. For information on the keys and values to use in the dictionaries, see Describing data use in privacy manifests.
NSPrivacyAccessedAPITypes
An array of dictionaries that describe the API types your app or third-party SDK accesses that have been designated as APIs that require reasons to access.
Describing use of required reason API
Some APIs in your app may be misused for device fingerprinting, which is not permitted even if users consent to tracking. Apple requires apps to describe the reasons for using certain APIs in their privacy manifest files. Failure to do so may lead to rejection from the App Store. Apps using required reason APIs must declare approved reasons for their use and may only use the APIs for the stated purposes. It is essential to accurately report the use of APIs in the privacy manifest files for both apps and third-party SDKs. Third-party SDKs cannot rely on apps or other SDKs to report their usage of required reason APIs.
You can see all the specific details in the following Apple article:
The sections below outline the various categories of required reason APIs, specify the APIs within each category, and detail the permissible reasons that can be incorporated into a privacy manifest.
Summary of required reason APIs
File timestamp APIs
Require reasons for accessing creationDate, modificationDate, fileModificationDate, contentModificationDateKey, and other related functions. Declare reasons like displaying file timestamps, accessing metadata within the app container, or user-granted directories. Use specific reason codes for third-party SDKs or displaying timestamps to users without sending information off-device.
System boot time APIs
The usage of functions like systemUptime and mach_absolute_time(), need reasons for use, such as measuring time between app events or calculating timestamps. Declare reasons for app functionality or optional bug reports with considerations for data usage. Ensure prominence in bug reports and adherence to user choices for sending information off-device.
Disk space APIs
Including volume and system capacities, require explicit declaration for displaying disk space, managing file storage, or optional bug reports. Declare reasons based on app behavior, low disk space impact in health research apps, and user-initiated bug report submissions. Adhere to permission protocols for sending disk space details, avoiding unnecessary downloads, and informative bug report inclusions.
Active keyboard APIs
Need reasons for determining activeInputModes, essential for custom keyboard apps or user interface personalization. Declare reasons for primary app functionality, user interface adjustments, and ensuring active keyboard data remains on the device without transmission.
User defaults APIs
Usage of functionality like UserDefaults, require declaration to access app-specific information. Declare reasons for reading and writing app-restricted data, app group exclusivity, or third-party SDK functionality. Access managed app configurations or feedback stored under specific key sets for Mobile Device Management compatibility, ensuring compliance with the Apple protocol.
Example Privacy Info file
Here is a sample file that you can directly download and use in your project, you can later update it based on your needs. This PrivacyInfo.xcprivacy file specifies four API categories accessed by an application, each associated with a unique reason code. These include access to user preferences (NSPrivacyAccessedAPICategoryUserDefaults) with reason code CA92.1, monitoring of disk space usage (NSPrivacyAccessedAPICategoryDiskSpace) with reason code 7D9E.1, retrieval of file timestamps (NSPrivacyAccessedAPICategoryFileTimestamp) with reason code 3B52.1, and checking the system’s boot time (NSPrivacyAccessedAPICategorySystemBootTime) with reason code 35F9.1.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NSPrivacyAccessedAPITypes</key>
<array>
<dict>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>CA92.1</string>
</array>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategoryUserDefaults</string>
</dict>
<dict>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategoryDiskSpace</string>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>7D9E.1</string>
</array>
</dict>
<dict>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>3B52.1</string>
</array>
</dict>
<dict>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategorySystemBootTime</string>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>35F9.1</string>
</array>
</dict>
</array>
</dict>
</plist>Describing the data your app or third-party SDK collects
Once you have your PrivacyInfo file, it’s time to provide a description of all the data your app collects. To do so, for each type of data your app or third-party SDK collects, you will need to add a dictionary to the NSPrivacyCollectedDataTypes array in your privacy information file. You will need to add the following keys to the dictionary.
NSPrivacyCollectedDataType A string that identifies the type of data your app or third-party SDK collects.
NSPrivacyCollectedDataTypeLinkedA Boolean that indicates whether your app or third-party SDK links this data type to the user’s identity.
NSPrivacyCollectedDataTypeTrackingA Boolean that indicates whether your app or third-party SDK uses this data type to track.
You can see all categories and and valid values in the official Apple documentation:
Create your app’s privacy report
Xcode can create a privacy report by aggregating the privacy manifests from your app and the third-party SDKs it links to. Use the privacy report to better understand all of the data collected by your app and whether it tracks. Create the privacy report for your app by doing the following:
- Open your project in Xcode.
- Choose Product > Archive. Xcode creates the archive and reveals it in the organizer.
- Control-click the archive in the organizer and choose Generate Privacy Report.
- Choose a location to save the privacy report.
- Switch to Finder.
- Navigate to the location where you saved the privacy report, and double-click to open the report in Preview.
App extensions don’t include privacy information files. The operating system and App Store Connect use the privacy information file in the extension’s host app bundle, in combination with those from third-party SDKs your app links to.
User Privacy and Data Use in Bugfender
In case you use Bugfender to collect logs and crashes from your users, you might be concerned about Bugfender’s use of data on your application. If this is the case, you can be safe because:
- Bugfender does not track your users across apps or websites.
- Bugfender does not use your user’s data for their own purposes, nor sell it to third parties, for advertisement purposes, nor any other purposes.
- Bugfender does not access the device’s advertising identifier (IDFA) nor the ID for Vendors (IDFV).
- If you’re developing an iOS application, you do not need to ask the user for permission with the AppTrackingTransparency framework, since Bugfender does not do “tracking” in the definition of Apple in connection with advertising.
- If you gather personal data with Bugfender, you can sign a Data Processing Agreement with us, so that you and your users are protected under GDPR.
At Bugfender we take security and privacy very seriously, if you want to read more about security related topics you can check our Bugfender Security and Compliance knowledge base.
Nutrition Labels for the App Store
As mentioned, Bugfender does not track users, and by default collects a minimal set of information about the device (see Which device data is automatically collected from users?).
Out of the categories Apple indicates, Bugfender collects:
- Other Diagonstic Data, since you use Bugfender to collect application logs and crashes. This information is not linked to the user and not used for tracking.
The Bugfender iOS SDK already includes a .xcprivacy file with this statement since version 1.13.1. So if you are using this or a later version of the iOS SDK, you are safe with the new Apple requirements.
Please note you may be collecting additional data with the help of Bugfender (your user’s name, email, etc.), and you may be using it for additional reasons (analytics, product personalization, etc.). Also you may be linking this data to the user by adding custom key-values and using the data for tracking. If that’s the case, you’re responsible for declaring these uses of information in App Store Connect or your application’s .xcprivacy file.
Look out for the following:
- Product Interaction, if you enable automated UI logging or if you do manual logging to track interactions.
- Crash Data, if you enable crash reporting.
- Performance data, if you log anything related with performance.
- Identifiers, if you use custom device key-values to associate the logs of a device with its owner or the device itself.
Conclusion
Proper implementation of Privacy – the manifest file is the key to following Apple’s privacy guidelines. Transparent declaration of API usage can build more trust for the user while helping in meeting those set by regulations. Stay updated with the documents provided by Apple in a bid to always remain compliant as standards change.
We discussed about the Data collections and declaration of what is being collected and for what reason. All Keys with reason and description are detailed in this article.
Remember that Privacy accessed APIs are mandatory from May 01, 2024 to submit the apps on App store. These APIs are mainly related to the use of UserDefault API, System boot time, FileTimestamp and Disk Space. All listed apis and functions, if used in your App or third-party SDK, need to specify the reason of use.
Privacy is the utmost concern of Apple for it’s users and Apple try to maintain the highest level of security, privacy and trust of it’s users to use it’s products. These API’s will help users know the upfront, what all data will be collected by the app and why and where that data will be used.
Happy coding!
