There’s a big change in the Apple App Stores this week, although you probably haven’t noticed it. Back in June of 2020, during the virtual Apple Worldwide Developer Conference, Apple announced its intention to add privacy information to App Store descriptions. On December 14, 2020, all of the App Stores (iOS, iPadOS, macOS, tvOS, watchOS) added a Privacy Policy label to each app description.
Apple has provided a full support article on its website describing, how you can take control of your personal data.
Information Provided by the Privacy Policy Labels
Apple defines the information an app collects on you in three different categories: data used to track you, data linked to you, and data not linked to you.
Data used to track you
The tracking data comes from the act of linking user or device data collected in an app with user or device data collected from other apps, websites, or offline properties. Examples of those offline properties include retail receipt aggregations used to target ads at users or measure the effectiveness of advertising. Apps share user and device data with data brokers who sell the information to advertisers.
Data linked to you
This information specifically links to your identity. That link comes from your user account on the app, your device, or other details. There is a lot of information that an app collects about you. Personal contact info, including your address, email address, and phone number? Contacts provides it. Health and fitness information is accessible from health APIs or apps.
Financial information like payment and credit info is linkable to an account or device. Apps easily capture location, whether regional or precise. Browsing and search histories link back to users, so advertisers know who they need to target their products or services. Even user content like emails, audio files, texts, customer support requests, and more is traceable to you or your device.
Data not linked to you
Apps also collect anonymized and aggregated information not necessarily linked to a particular user. The aggregated info data is useful for research or other purposes.
Privacy Policy Labels: Developer Requirements
Developers must understand and explain what information their app collects and how it is used. Apple provides some exceptions to its disclosure requirements. As an example, user feedback or customer service requests do not need to be specifically noted. Almost every other bit of data collected by an app must now be disclosed.
Apple isn’t exempt from the requirements. Its own internal apps that aren’t listed on App Stores (examples include the macOS Dictionary, TextEdit, the iOS Watch app, etc.) have privacy disclosures on the company website.
What if Developers Don’t Follow The Guidelines?
Apple does not remove apps from the App Store if they don’t have the privacy info. However, it does not app updates to post until privacy information is listed. Any app not abandoned by its developer must include the details.
Looking at Privacy Policy Labels
So, where do you find this privacy information? Eventually, Apple wants every app in each App Store to have a special screen in the app’s product listing page to have privacy info presented in easily understood tabs. A search of many popular apps in both the iOS and Mac App Stores today showed that almost none of them currently use Apple’s suggested format (seen at right).
In this format, the developer marks each category with icons indicating the data captured by the app.
TL;DR
At the present time, most developers are simply providing a link to a web page that describes their privacy policy. This is useful, but those policy statements are not consistent from app to app. Many users may choose to just ignore the privacy information.
My favorite text editor app on macOS, iOS, and iPadOS — Bear — has a Privacy Policy link that points the user to https://bear.app/privacy/. That policy is very detailed, and I feel that for many users, it’s a case of tl;dr – “too long, didn’t read.”
Nowhere in Apple’s documentation about the new privacy policy labels did I see anything about when or if the company expects developers to follow the suggested App Privacy screen format. Let’s hope developers do use that format, so more users begin to take control of their personal data.
Related Links
Can’t find TextEdit in the App Store, but I want to see its Privacy Policy Label.