Hi all:
I have a macOS application which captures mouse events:
    // Mouse event types the tap subscribes to.
    CGEventMask eventMask = CGEventMaskBit(kCGEventMouseMoved) |
                            CGEventMaskBit(kCGEventLeftMouseUp) |
                            CGEventMaskBit(kCGEventLeftMouseDown) |
                            CGEventMaskBit(kCGEventRightMouseUp) |
                            CGEventMaskBit(kCGEventRightMouseDown) |
                            CGEventMaskBit(kCGEventOtherMouseUp) |
                            CGEventMaskBit(kCGEventOtherMouseDown) |
                            CGEventMaskBit(kCGEventScrollWheel) |
                            CGEventMaskBit(kCGEventLeftMouseDragged) |
                            CGEventMaskBit(kCGEventRightMouseDragged) |
                            CGEventMaskBit(kCGEventOtherMouseDragged);

    // Active (not listen-only) tap at the HID level, inserted at the head of the tap list.
    _eventTap = CGEventTapCreate(kCGHIDEventTap,
                                 kCGHeadInsertEventTap,
                                 kCGEventTapOptionDefault,
                                 eventMask,
                                 &MouseCallback,
                                 nil);

    // Deliver tap callbacks on the main run loop.
    _runLoopRef = CFRunLoopGetMain();
    _runLoopSourceRef = CFMachPortCreateRunLoopSource(NULL, _eventTap, 0);
    CFRunLoopAddSource(_runLoopRef, _runLoopSourceRef, kCFRunLoopCommonModes);
    CGEventTapEnable(_eventTap, true);

    // Tap callback: log the event type and pass the event through unchanged.
    CGEventRef MouseCallback(CGEventTapProxy proxy,
                             CGEventType type,
                             CGEventRef event,
                             void *refcon) {
        NSLog(@"Mouse event: %d", type);
        return event;
    }
This mouse logger needs the accessibility privilege granted in Privacy & Security. But I found that if accessibility is turned off while the CGEventTap is running, left & right clicks are blocked unless macOS is restarted.
Although replacing kCGEventTapOptionDefault with kCGEventTapOptionListenOnly can fix this issue, I have other features which require kCGEventTapOptionDefault.
So I try to detect that accessibility is disabled and remove the CGEventTap:
    [[NSDistributedNotificationCenter defaultCenter] addObserver:self
                                                        selector:@selector(didToggleAccessStatus:)
                                                            name:@"com.apple.accessibility.api"
                                                          object:nil
                                              suspensionBehavior:NSNotificationSuspensionBehaviorDeliverImmediately];
    }
However, the notification won't be sent if the user didn't turn off accessibility but removed it from the list. Worse, AXIsProcessTrusted() continues to return true.
Is there a way to fix the blocked mouse, or detect that accessibility was removed?
Thanks!
In the Required Reason API doc, the UserDefaults section defines NSPrivacyAccessedAPITypeReasons CA92.1:
Declare this reason to access user defaults to read and write information that is only accessible to the app itself.
This reason does not permit reading information that was written by other apps or the system, or writing information that can be accessed by other apps.
If I store a user-generated string in UserDefaults, later on fetch it within the same app, send it to my backend component, and lastly my backend component shares the string with 3rd party developers, do I still fall into the CA92.1 category? In other words, do I need to submit an approval request for this kind of usage?
My understanding is this usage still falls into CA92.1 because it does not access device signals for fingerprinting purposes, but I am not sure. Please advise. Thanks!
Hi everyone! I've encountered an issue while developing an app using SwiftUI and could use some help or suggestions. It seems that there's a conflict between using PasteButton and a background gesture simultaneously.
Xcode: 14.3.1
    var body: some View {
        VStack(spacing: 25) {
            Button("button") {
                debugPrint("tap button")
            }
            PasteButton(payloadType: String.self, onPaste: { _ in
                debugPrint("tap PasteButton")
            })
        }
        .background(.yellow)
        .onTapGesture {
            debugPrint("tap background")
        }
    }
In the code snippet above, when I tap the Button, it displays tap button. However, when I tap the PasteButton, it shows tap background. Strangely, if I long-press for a second and then release, it displays tap PasteButton.
From the view hierarchy perspective, Button and PasteButton both appear at the top level. The only peculiar aspect is that upon screen generation, the PasteButton doesn't immediately appear; it gradually emerges with an animation after approximately 0.5 seconds.
If anyone has experience or thoughts on handling this PasteButton and background gesture issue in SwiftUI, I'd greatly appreciate your input. Thanks so much!
Hello everyone,
According to Privacy manifest files | Apple Developer Documentation, the following targets require a privacy manifest:
Apps and third-party SDKs — distributed as XCFrameworks, Swift packages, or framework bundles — can contain a privacy manifest file, named PrivacyInfo.xcprivacy.
From this statement, I know "Swift packages" are included under "third-party SDKs". However I'm not clear what kind of "Swift packages" are considered as "third-party SDKs".
Referring to the answer, Digital signatures available for S… | Apple Developer Forums, it's mentioned that digital signatures are focused on binaries. From this, I understand that a Privacy manifest is mandatory for Swift packages containing binaries.
However, I'm unclear about the necessity of the Privacy manifest in the following two scenarios, for example:
Is a privacy manifest required for open-source Swift packages that only provide source code?
For local Swift packages used within an app (like for modularization) that contain only source code, is a privacy manifest necessary?
If anyone is familiar with this, your insights would be greatly appreciated.
I want to use Admob in my application - an ad when opening the application only!
After many searches, in some of which I did not find an answer, I found:
As of December 8, 2020, Apple has made it mandatory for developers to release what data is being collected and what it's being used for. If developers don't comply, they won't be able to publish new apps or release updates for current apps.
My questions are:
According to Apple policies, can Admob be used in the application?
And to upload the application, what data does Admob collect and what do I need to mark in App Store Connect?
Hey all, recently I've been inspecting my app's privacy report to look for any unexpected hosts. One thing I've noticed is that for hosts that seem unexpected, like the facebook example below, the context field is populated. For all expected requests, it is an empty string. Here in the docs, context and contextVerificationType are not described in much detail. Could someone provide me with some more detail on how those fields are populated?
My assumption is that these domains are coming from embedded WKWebViews, but I'm not sure how those fields are populated so I cannot confirm my suspicion. Is it possible to have context populated without being in a webview?
    {
        "timeStamp":"2023-08-08T09:37:33.456-04:00",
        "initiatedType":"AppInitiated",
        "context":"facebook.com",
        "domain":"www.facebook.com",
        "contextVerificationType":2,
        "type":"networkActivity",
        "domainType":1,
        "firstTimeStamp":"2023-08-08T09:37:33.456-04:00",
        "bundleID":"my-bundle-id",
        "domainOwner":"Facebook, Inc.",
        "hits":1,
        "domainClassification":1
    }
Thanks! LMK if I can add any additional details or if this has been discussed before.
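For triaging an exported report made of records like the one in the post above, an added example (not from the original post or from Apple's documentation): it groups one app's network records by domain and context and lists the domains that are not on an expected list. It assumes the export holds one JSON record per line and uses only field names visible in the posted record; the helper names, the expected-domain list and every sample record other than the first are constructed.

```python
import json

# Constructed sample export, one JSON record per line (assumed layout).
# The first record reuses fields from the post; the rest are made up.
def _rec(**fields):
    base = {"type": "networkActivity", "initiatedType": "AppInitiated",
            "context": "", "bundleID": "my-bundle-id", "hits": 1}
    return json.dumps({**base, **fields})

SAMPLE_REPORT = "\n".join([
    _rec(domain="www.facebook.com", context="facebook.com",
         contextVerificationType=2, domainOwner="Facebook, Inc."),
    _rec(domain="www.facebook.com", context="facebook.com", hits=2),
    _rec(domain="api.example.com", hits=3),
    _rec(domain="notexample.com"),                    # must not match example.com
    _rec(domain="tracker.invalid", bundleID="other.app"),
    _rec(type="access", domain=""),                   # not a network record
    '{"type": "networkActivity", "domain": "trunc',   # truncated line
])

def is_expected(domain, expected):
    """Match on whole DNS labels so notexample.com is not taken for example.com."""
    return any(domain == e or domain.endswith("." + e) for e in expected)

def triage(report_text, bundle_id, expected):
    """Aggregate hits per (domain, context) for one app's network records."""
    rows = {}
    for line in report_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue                                  # skip blank or truncated lines
        if not isinstance(rec, dict) or rec.get("type") != "networkActivity":
            continue
        if rec.get("bundleID") != bundle_id:
            continue
        domain = rec.get("domain", "").lower().rstrip(".")
        key = (domain, rec.get("context", ""))
        row = rows.setdefault(key, {"hits": 0, "expected": is_expected(domain, expected)})
        row["hits"] += int(rec.get("hits", 0))
    return rows

def unexpected(rows):
    """Rows to review: unexpected domains, with the context they were seen under."""
    return sorted((d, ctx, r["hits"]) for (d, ctx), r in rows.items() if not r["expected"])

if __name__ == "__main__":
    for domain, ctx, hits in unexpected(triage(SAMPLE_REPORT, "my-bundle-id", ["example.com"])):
        print(f"{domain:20} context={ctx or '-':14} hits={hits}")
```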
From this document
Note: You only need to supply NSPrivacyAccessedAPITypes for apps and third-party SDKs on iOS, iPadOS, tvOS, visionOS, and watchOS.
From this video
iOS 17 automatically blocks connections to tracking domains that have been specified in any privacy manifest included in your app
It seems iOS needs NSPrivacyTrackingDomains to block connections when the user has NOT provided tracking permission. But the document says only NSPrivacyAccessedAPITypes needs to be supplied.
As an SDK (for iOS) developer, I would like to know which keys to provide for the Privacy Manifest.
Also, I made an app including xcprivacy to test NSPrivacyTrackingDomains to block connections but it connected to the domain. Is this feature already available in Xcode 15 beta 5 (iOS 17 beta 5)?
The new protection of a private window in Safari is great. But what if you share your iPad or MacBook with your children who also can access the device with their fingerprint or passcode?
I would like to see the option for a separate passcode for a private window. Is that something that is in the development pipeline?
We have an iOS application that supports the iOS share extension.
We notice when a link is shared from Google Maps to other apps, the link automatically gets a "g_st" parameter with the bundle ID of the target app!
The bundle ID of the destination share extension app becomes a part of the shared URL dynamically!
This is being used as a kind of referrer with links.
How is this being done and is this something that's allowed in iOS?
For example, if a Google Maps link is shared to the LinkedIn iOS app, the URL changes to contain LinkedIn's share extension bundle ID!
Currently building a freemium iOS app without any login features. In order to track the paid features (i.e. unlimited token usage) I am using device ID in the database (using Google Firebase).
Problem is I see new device IDs pop up in the database for the same user using the same device. This breaks the paid feature and removes their access to unlimited tokens when this new device ID activates.
Other than creating a formal login system (e.g. username and password) what is the best way to log a user's device info so that the app user can keep their paid features?
Thanks for the help!
I am getting the error below after successfully notarizing my app and then I try to install from the DMG and try to launch it, it crashes.
Termination Reason: Namespace TCC, Code 0
This app has crashed because it attempted to access privacy-sensitive data without a usage description. The app's Info.plist must contain an com.apple.security.device.audio-input key with a string value explaining to the user how the app uses this data.
Note: I have already added the entitlements to my electron-builder config and I can see the entitlements in the Info.plist of my .app in the Applications directory.
    hardenedRuntime: true,
    extendInfo: {
        NSMicrophoneUsageDescription: 'Need microphone access for recognizing audio',
        'com.apple.security.app-sandbox': true,
        'com.apple.security.cs.allow-jit': true,
        'com.apple.security.device.audio-input': true,
        'com.apple.security.cs.allow-unsigned-executable-memory': true,
        'com.apple.security.cs.disable-executable-page-protection': true,
        'com.apple.security.cs.disable-library-validation': true,
        'com.apple.security.device.microphone': true,
        'com.apple.security.network.client': true,
        'com.apple.security.files.user-selected.read-write': true,
        'com.apple.security.cs.allow-dyld-environment-variables': true,
    }
We send out transactional emails and have made all the important configurations (mail tester score 9.5 to 10 out of 10 points; DKIM, DMARC, SPF, etc.). However, iCloud.com marks our emails as SPAM and gives an X-ICL SCORE of 4.333034030041. Apparently a value >4 is classified as SPAM for iCloud. How do I find out what exactly is driving the value up to 4 so I can improve that?
Hi Apple Team,
As for considering allowed reasons for accessing required reason APIs, fraud detection is not listed as an allowed reason, nor is any exception for scenarios involving fraud detection described in the document.
I believe it is necessary to add fraud detection as an allowed reason or grant an exception for scenarios involving fraud detection as valid usage, as these APIs play a crucial role in the detection and prevention of fraud.
APIs playing a crucial role in fraud detection and prevention:
System boot time APIs
User defaults APIs
Disk space APIs
Thank you.
I work for a company that specializes in providing fraud detection. With Apple's recent announcement regarding the introduction of privacy manifests, we want to ensure that we are fully compliant with all requirements and standards.
Our company provides third-party libraries for various businesses to integrate into their platforms, primarily to detect and prevent fraudulent activities. This data is solely used for fraud detection and prevention, and not for advertising or any other purposes.
Given the outlined context, we seek clarity on the following points:
As a third-party library provider focused on fraud prevention, do we need to disclose the specific data points we collect under the new privacy manifest requirements?
Are there any particular considerations or exemptions for companies that use data exclusively for security and fraud prevention purposes and not for advertising or other unrelated functionalities?
Same questions but regarding required reason API
I have written to support but did not get any message back, so I want to try my chance on the forum.
Hi guys,
has anyone seen this issue?
When installing an application, which requires Full Disk Access (kTCCServiceSystemPolicyAllFiles), user enables this feature, but after reboot, OS automatically turns it off.
Filed feedback in case it's a new issue.
Any idea how to fix it? Any workaround to keep Full Disk Access enabled?
Thanks.
Hi Apple team.
Our library calls stat/fstat to get the file size, not the timestamp.
In this case there is no applicable reason for NSPrivacyAccessedAPITypeReasons. Will the app still be rejected if I don't set something for NSPrivacyAccessedAPIType? Or should I write a reason for lying?
The documentation seems to be contradictory.
This may be a dumb question, but I can’t seem to find an answer that I understand.
If I integrate GameKit/GameCenter into my game, essentially just to auth and then unlock achievements, MAYBE a leaderboard; do I become liable for player data under for ex. GDPR? I don’t plan on sending it anywhere so I guess that’s why I’m so unsure.
I've added a privacy manifest (via Xcode 15) in my iOS app and created a new release that was approved and published. However, in App Store Connect my app's Privacy Nutrition Labels (General > App Privacy) have not been updated, nor have the privacy labels been updated in the actual App Store for my latest release.
So my question is: Shouldn't my app's App Store Connect privacy page and App Store privacy nutrition labels have been automatically updated, per my latest release that included the new privacy manifest? I'm under the impression that they should have but maybe I'm mistaken; it would seem odd to still have to manually update privacy nutrition labels in App Store Connect when a privacy manifest was in the latest approved/published release.
Thanks.
Hello,
I've been going through Apple's documentation on describing the use of required reason APIs in the privacy manifest file, and I have a question about handling APIs from third-party SDKs.
If we've already integrated the manifest file provided by the third-party SDK into our project, do we still need to list the reasons for the APIs from the third-party SDK in our app's manifest file?
My app was rejected because I use the word 'Enable' on a button, which triggers the system permissions request. I've attached below the rejection reason, along with the screenshot they provided. I made an appeal for this rejection last week, but haven't heard anything since. So I thought I'd ask for opinions.
My issue with the rejection is that not only can I not find any violation of Privacy guidelines, but the suggestion from the reviewer is worse and would be a confusing UX.
My flow is a typical onboarding flow, describing features and asking for permissions up-front to ensure the app works properly from the start - something lots of apps do. Sure it could be improved but this is the first version & release.
Does anyone have any thoughts on this issue, or even a better suggestion than the one the reviewer provided?