Hear me out, developers at Apple! You've done an amazing job with privacy so far. The introduction of ContactAccess and the Contact Access Button this year is truly an amazing work of art. Well done. However, all the way back to the first iPhone I got in 2007, I wished Apple would make API's available to access the users installed apps (in a privacy way). This would (further) open up apps in the category of App Managers and App Launchers. Back in the early days the trick was to use deep link, but that was also awkward, since you needed to know the deeplink upfront and the apps needed to support it. Not ideal. It also had a side effect that Apple noticed, that evil party's used it to scan your device to know which apps you had installed and create a profile from that. Apple fixed that by using LSApplicationQueriesSchemes. Now you have to tell the App upfront which apps you will be calling (up to 50), or use Universal Link to be freed from this limitation again. Again not ideal. Why not turn it around and let the user decide? User central. Imagine an App Launcher app. There is a button in the launcher app where you as a user can click on to add an app. It calls an api available from Apple to launch a privacy shielded sheet with the apps the user got installed on its device. These are not exposed to the launcher app. When the user clicks on the installed app (or apps) it likes to add, the launcher app will get identifiers to launch the app. That's it. This would be limited access, perhaps the api could also expose full access, so permission could be granted once and the app will get all identifiers available. The choice will be up to the user. One step further, but this would be more nice-to-have, is the ability to access meta data of the app, such as icon, title, last launched, app size, etc. This way App Launchers can make decisions such as putting the most recent launched app in front or App Managers can use this to decide which apps you are not using and can advise to remove them to clean up space. Love to hear everyone's opinion. So let it be the start of the discussion.

Why is it that after hiding an app, it can still be seen in many places in the settings, such as: Settings -> General -> iPhone Storage Settings -> private and security -> Pemissions Settings -> Search Settings -> Siri -> Siri APp Access -> Apps Additionally, in the App Store, the hidden app still shows as downloaded. Moreover, global searching for the full name of the app in global search also reveals the app and allows it to be opened. Why isn't the hiding more thorough? Is this a bug or intentionally designed this way?

Does anyone have recent experience of what App Review consider acceptable for location purpose strings these days? My map apps simply display a blue spot on the map showing your current location when you turn on the app's location button. That data doesn't leave the app; I'm not selling it to anyone, or doing anything nefarious. For years, I've had concise location purpose strings such as "Your location will be shown on the map". Now, App Review seem to find that inadequate. They say: "One or more purpose strings in the app do not sufficiently explain the use of protected resources. Purpose strings must clearly and completely describe the app's use of data and, in most cases, provide an example of how the data will be used. Next steps: Update the ... location purpose string to explain how the app will use the requested information and provide an example of how the data will be used. " I've just look at what Apple Maps uses as its purpose string, and it's just "Your location is used to show your position on the map, get directions, estimate travel times, and improve search results." I'm only doing the first of those things, so surely "Your location is used to show your position on the map" would get approved, right? Wrong! I have similar issues with the photos purpose string.

I've added .storeButton(.visible, for:.policies) to my SubscriptionStoreView, and the buttons do appear, but when I tap on them I get a sheet that just says "Terms of Service Unavailable / Somethng went wrong. Try Again.". (similar for Privacy Policy). Is this expected in development? Will these start working correctly in production? (and, more importantly, in App Review?) The docs say that these use the values (i.e. URLs) set in App Store Connect, but that I can override those. This is a new app. Is that wrong, do I need to set the URLs explicitly? Edited to add: the console reports: Failed to fetch terms of service and privacy policy: Error Domain=NSURLErrorDomain Code=-1011 "(null)"

Great post https://security.apple.com/blog/private-cloud-compute/ and I'd love to get on the action to help as a security researcher. There is a call to action, but it seems to be postponed until "after PCC becomes available in beta". Who at Apple should I keep in touch with and what is the best way to communite with that team. Thanks, François Proulx Software Supply Chain Security Research Lead at BoostSecurity.io

In the 'notes' app, users are allowed to set custom passwords to restrict other people who may know your device password from accessing it. However, in the 'lock and hide app', there is no support for custom passwords to prevent people who may know your device password from accessing your privacy. For example, your wife. Why is it necessary to allow certain places in the settings, such as permission settings and privacy reports, to still be able to view hidden apps after hiding them, instead of completely hiding them?

Errors building with manual provisioning profile and packages with PrivacyInfo.xcprivacy added. When I look at the changes in the package, the only difference is adding this .xcprivacy file. The error looks like this: PLCrashReporter_CrashReporter does not support provisioning profiles, but provisioning profile *** has been manually specified. Set the provisioning profile value to "Automatic" in the build settings editor. Using an Enterprise certificate with manually created provisioning profile, I don't have the option to choose automatic. And I can't change build settings for the swift packages. Does anyone know how I can work around this issue?

I am a spatial computing / XR and Human-Computer Interaction researcher from a private university. I am interested in using the vision pro's newly-exposed camera access to develop and evaluate new algorithms for computational perception. ( WWDC session here: https://developer.apple.com/wwdc24/10139 ) I understand this is targeted at large enterprises, but I would like to know if by some means as a researcher affiliated with an educational institution I could develop private for-development-only applications for the vision pro with the enterprise APIs enabled. The intent is not to publish apps, but rather to contribute to the research community through R&D. However, to my knowledge, I would be ineligible as a normal "business" as I do not employee 100+ employees. I am an independent researcher, and on occasion, I collaborate within small research groups within my university that focus on this kind of camera-based perception algorithm development. Could someone from Apple comment? Thank you.

Hi, I have an issue with App submission. My flow is: show third party cookie consent banner (is an external SDK) show ATT Apple with this message "Allowing tracking will enable more personalized ads for you." Apple says this: You collect data to track after the user selects "Ask App Not to Track" on the App Tracking Transparency permission request. Specifically, we noticed the app accesses web content you own and collects cookies for tracking after the user asked you not to track them. Next Steps To resolve this issue, please revise the app so that you do not collect data for tracking purposes if the user does not give permission for tracking. Alternatively, if you do not collect cookies for tracking purposes, revise the cookie prompts that appear in the app to clarify you do not track users. in the rejection they put the ATT alert and the third party banner as the screen Do you have any input on this as Apple never says things clearly about what the problem is. Thank you

Is there a Description key for an app to explain why it's requesting Accessibility permissions?

I am trying to access the CMAltimeter class, and I keep getting the error Domain=CMErrorDomain Code=105. I know that indicates my app does not have permissions for motion and fitness. All the documentation I can find mentions the need to add NSMotionUsageDescription to Info.plist. However, I have done that, and it does not help. I am using Xcode 15. It seems that whenever I go to look up how to get permissions to something, the information on the web seems to be outdated, and Apple seems to move stuff around. I have found I can add the entry to Info.plist by using the Info.plist editor and selecting "Privacy - Motion Usage Description", but that does not help. I also notice that when I info tab on my build target, there is a "Privacy - Motion Usage Description" there also. If I add the entry there, it takes out out of my Info.plist, and makes an entry in the project's project.pbxproj file named INFOPLIST_KEY_NSMotionUsageDescription. Regardless of which of those I use, I still do not the 105 error. I'm sure I'm missing something more, but I can't find it anywhere. There was mention of a "Health and Fitness" in the signing capabilities, but I could not find anything listed there in Xcode 15

When I send a build in Xcode the process occurs normally, but a few minutes later I receive an e-mail saying: "ITMS-90683: Missing purpose string in Info.plist - Your app’s code references one or more APIs that access sensitive user data, or the app has one or more entitlements that permit such access. The Info.plist file for the “***.app” bundle should contain a NSMicrophoneUsageDescription key with a user-facing purpose string explaining clearly and completely why your app needs the data. If you’re using external libraries or SDKs, they may reference APIs that require a purpose string. While your app might not use these APIs, a purpose string is still required." So the problem is the description of the use of the microphone, right? As the attached image shows that I have already done this process, and I continue to receive this error. Even when I remove the part of the avfoundation code that uses the microphone to try to submit the build, the error continues to be returned to me

By calling the deactivationRequest from the main app bundle, we see Privacy & Security prompts for TouchID to deactivate the System Extension. We want to know if there's way to avoid that prompt. And also need know why the prompt pops up to deactivate our own app's System Extension component. We even tried to call the deactivate request from Daemon which contain the root access. We still see the prompt. https://developer.apple.com/documentation/systemextensions/ossystemextensionrequest/deactivationrequest(forextensionwithidentifier:queue:)

Hello, I include a Privacy Manifest file in my app and specify one Privacy Nutrition Label Type (Email Address, for marketing purposes). My app uses some third-party SDKs like RevenueCat that contain Privacy Manifest files with nutrition label types specified (Purchases History for RevenueCat for example). Xcode can generate a report that aggregates all the data types that are collected by the app. But is App Store Connect updated when I upload a build? Or do I have to manually setup the App Privacy info? Thanks

We're testing this new functionality with our app. One issue I've discovered is that because Gmail intentionally doesn't support push via the Mail app, sending codes to a Gmail email means users will likely never see this autofill. It does appear if you enter the Mail app, pull new messages, and then quickly switch back to the code entry in your app and present the keyboard. I'm basically looking for a behaviour correction here from Apple. Perhaps iOS should intercept notifications for the Gmail app (and other notable apps), or provide a way for devs to publish codes to a system API. As it stands, a large portion of our customers who use Gmail presumably will not be able to use this autofill feature.

Good afternoon, After a long time of using of Macbook security popups with requesting access from apps start appearing For example today I opened vscode to work with nuxtjs and 3 popups appeared: vscode requests access to photos, calendar, contacts, desktop, icloud etc The same happens with PHPStorm. If I open terminal, the same things happen with terminal I haven't installed anything and haven't updated anything Then I decided to update the latest MacOS, thought that it may help, but it didn't help My questions are: How to fix that? All applications even terminal should not have such permission requests Is it a bug and it will be fixed in a patch? Why do these popups always appearing if I clicked Don't allow? OS: MacOs Sonoma 14.5 Mac book Pro 2019

We are requesting some information on what should be done in the following case: We have an application that has a privacy manifest, where tracking domains are listed. When the user does not give his/her consent to be tracked, non tracking domains are being used for requests to bring ads. The application in question has a webview where content (ads) are loaded. When a user clicks on an ad, another webview is opened, and this webview does not know that it is in a non tracking flow. Therefore, tracking domains are being used instead of non tracking domains. Since multiple redirections might be in play, there is no way to pass data from the original webview to the one that is opened once the ad is clicked. Would the tracking domains being used in the second webview be blocked? If so, what can we do to circumvent this scenario? Is this even a use case considering privacy manifest? Thanks

Hello, I have an iOS app that is recording audio that is working fine on iPads/iPhones. It asks for microphone permission and after that recording works. I installed the same app on my M3 MacBook via TestFlight since iPad apps are supposed to work without a change that way. The app starts fine and everything, but it never asks for Microphone permission, so I can't record. Do I need to do something to make this happen (this is not macCatalyst, its running the arm64 iPhone binary on macOS) thanks

Hi everyone, I wanted to ask if anybody knows what the current status is about the declaration of required reasons APIs. Before May 1, when I uploaded a new build to the App Store Connect and added it to a group with external testers, I got a notification by email like the following: ITMS-91053: Missing API declaration - Your app’s code in the [...] file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryDiskSpace. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. In an article published by Apple (https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api) it is even statet that that after May 1, apps that do not comply are not accepted by the App Store Connect. According to my interpretation, even the upload should be rejected. I am currently in the process to add a privacy manifest and add the declarations. For testing purposes, I wanted to add the declarations step by step and see where I still need to fix anything. My problem is, that the warnings by apple are not beeing sent anymore. I have uploaded a new build after May 1 with no privacy manifest and therefore no API declarations, it was accepted by App Store Connect and even passed the review for an external testers group. Does anybody have information about the following questions? Did Apple shift the deadline? How can I trigger the warning emails again so that I know what to fix and see, when my app is compliant? Thanks in advance!

I added Privacy manifest for my app and submit it to review and apple reject my app with what comment ITMS-91054: Invalid API category declaration - The PrivacyInfo.xcprivacy for the “Frameworks/SmartlookAnalytics.framework/SmartlookAnalytics” file contains “Disk Space” as the value for a NSPrivacyAccessedAPIType key, which is invalid. Values for NSPrivacyAccessedAPIType keys in any privacy manifest must be valid API categories. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api. i look at the package manifest and all looks fine (attached image). Maybe somebody saw that issue - and may tell me how can i fix it.