Discuss how to secure user data, respect user data preferences, support iCloud Private Relay and Mail Privacy Protection, replace CAPTCHAs with Private Access Tokens, and more. Ask about Privacy nutrition labels, Privacy manifests, and more.

Posts under Privacy tag

200 Posts
Post / Replies / Boosts / Views / Activity

App does not show camera usage description
My app was rejected because the camera usage description was too vague. When I went back to update it with clearer language, the description now does not show up at all. I've edited the Privacy - Camera Usage Description in info.plist targeting the iOS app but it still does not show up. I looked at this old thread but I've already followed the steps suggested therein to no avail.
2
0
479
Oct ’23
Unexpected Local Network Privacy Alert in Special Scenarios
At times, I saw a Local Network Privacy Alert when opening an app, even when I'm exclusively using cellular data. Additionally, when I reinstall certain apps from the Apple App Store at the same time, some of them immediately request provincial network permissions, while others, which may only use the system network library, do not. Has anyone else faced this issue? It seems like a system issue led to an unexpected behaviour. The console log has some XPC_ERROR_CONNECTION_INVALID error logs related to the nehelper process:

    nehelper sent invalid response: <dictionary: 0x245cb7e20> { count = 1, transaction: 0, voucher = 0x0, contents = "XPCErrorDescription" => <string: 0x245cb7fb8> { length = 18, contents = "Connection invalid" } } 30760 0x89d905 UsageTrackingAgent 38502326 libsystem_networkextension.dylib
    nw_parameters_set_source_application_by_bundle_id_internal Failed to convert from bundle ID (com.apple.UsageTrackingAgent) to UUID. This could lead to wrong data usage accounting. 30760 0x89d905 UsageTrackingAgent 38502326 Network
1
0
494
Oct ’23
ensuring user can only do one action per day across all their iOS devices
Hi, my iOS app allows a user to perform a rather expensive cloud operation (costs me 10 cents per time) and I want to ensure they can only do it once a day across all of their iOS devices. The marketing will make it clear this is how it will work so users won't be surprised. While most will only have one iPhone in practice, with my subscription pricing I'd lose money the second someone started doing it on a second device. I could solve this using Sign in with Apple to ensure there is a 1:1 correlation between Apple ID with paid subscription and a user account in my system that I could track usage against, but I'd like to avoid users having to sign in at all since it would serve no purpose from a user perspective. identifierForVendor won't work since it's different across every device the same user has. Is there something in StoreKit v2 receipts or transaction data that would be stable long term and have the same result across all devices using the same Apple ID? I don't actually want any info about the user, just a stable anonymized identifier to see they are the same user on different devices. I could also go with a consumable in-app purchase but I don't think users would like this pricing model for this app. Thanks! Colin
1
0
553
Nov ’23
Guideline 5.1.2 - Legal - Privacy - Data Collection and Storage
We noticed that your app collects information about the user’s friends, contacts, or other third-party persons without the knowledge or consent of those parties. Specifically, the app allows users to enter an IMEI from an iOS device and obtain information. The App Store is designed to be a safe and trusted place for users to discover apps and apps on the App Store are held to a high standard for privacy, security, and content. Next Steps To resolve this issue, please remove any features that collect personal third-party user data from your app. I have a problem with that, but in my app I asked the user to accept the Terms of Use & Privacy Policy to use the owner's Serial or IMEI for the main content! But App Review always rejects my project. Please help me, thanks a lot to everyone, have a nice day!
1
0
411
Nov ’23
No warning email received from Apple even though we upload an app version WITHOUT Privacy manifest
Being a software company, we create and distribute an iOS SDK to our customers worldwide. The distribution of the software is in the form of a static library / XCFramework to our customers. They will integrate the SDK and use it to collect data from their hosting as first party. As Apple enforced through the article "Describing use of required reason API": "starting from Fall 2023 you’ll receive an email from Apple if you upload an app to App Store Connect that uses required reason API without describing the reason in its privacy manifest file". We are using "NSUserDefaults" in our SDK, which is one of the required reason APIs listed, and as of now we didn’t create a Privacy manifest file and declare this on the SDK. We tried uploading our app to the App Store Connect portal; as we are not complying with the requirement from Apple, we expected to see the warning message. Currently we do not know the impact of not having the Privacy manifest, and we would like to test the scenarios and make sure we are declaring the correct information on our SDK. Please could you review this and let us know why we are not receiving the emails. Or is it that Apple didn’t harden the uploads yet and it is something planned for a future date?
2
1
1.7k
Mar ’24
Authorization-plugin: Invoke the Core Bluetooth APIs from the plugin
Hello, is it possible to interact with a nearby device through Bluetooth LE, from the authorization plugin? Currently, I have:

- a plugin bundle, registered with the authorization mechanisms;
- a daemon that I have set up to contain all the business logic;
- added the com.apple.security.device.bluetooth entitlement to the daemon package, to allow Bluetooth communication;
- registered the daemon through LaunchDaemons so that it is managed by launchd.

And I'm using XPC to communicate between the plugin and the daemon. When I send the request to the daemon to scan for peripherals, I get a TCC error:

    0xd5a Error 0x23e5 161 0 tccd: [com.apple.TCC:access] Refusing TCCAccessRequest for service kTCCServiceBluetoothAlways from client Sub:{...} in background session

The above error seems to suggest that I can't grant the bluetooth permission from the daemon itself, is there a recommended way to grant permissions before running it? And if granted, would I be able to utilize the framework successfully from the logon screen? Other options I have tried:

- Invoking the framework directly from the plugin, which failed. Probably because the Security agent process isn't entitled to communicate via Bluetooth and that it would require changing the host process entitlements plist, which I don't have access to? 🤔
- Attempting to use a launch agent in lieu of a daemon, with proper entitlement, but that didn't work either. Probably because launch agents are loaded after the user has successfully logged in and I was invoking it before? 🤔
- And lastly, I looked into the possibility of utilizing Privacy Preference MDM payload to grant access, but it seems like the MDM options do not include Bluetooth support.

Is there any other way to accomplish this? Thank you!
2
0
500
Nov ’23
Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage
**We noticed that your app collects information from various public sources to build individual profiles, which is not appropriate for the App Store. Next Steps To resolve this issue, please remove any feature that attempts to build individual profiles based on collected public data.** I do not understand what information I collect from various public sources to build individual profiles. My app takes the image from the user and processes it to extract facial features and compare them with other faces in the app database. Also, the user can create an account if he wants to post a missing report, and I ask him to input the name, gender, date of birth and other information of the missing person. I explained all of this in app review, but I still face this reply. What should I do?
2
0
570
Apr ’24
WidgetKit does not hide sensitive information on lock screen when locked
Hi there, We've built a lock screen widget for our app, which displays sensitive information which we would love to hide when the device is locked. The widget contains a VStack with in there a Text with the subject name and another Text with the actual value of the subject. The last Text component with the value should be redacted. During development, we've tried already some things like fully hiding the content on locked (setting Data protection to "Complete protection" on the App ID), but that was not really the result we were looking for. We also tried to set .redacted(reason: .privacy) on the Text component, but that does not result in masking the value when locked. Same goes for setting the component with privacySensitive(). What can I do to make this behaviour work as expected? The view:

    VStack(alignment: .leading) {
        Text("Name of Subject")
            .font(.system(size: 15.0))
        Text(entry.dataIsOutdated ? "-.--" : entry.valueAsString!)
            .font(.system(size: 28.0))
            .fontWeight(.bold)
            .minimumScaleFactor(0.5)
            .redacted(reason: .privacy)
    }
    .frame(maxWidth: .infinity, alignment: .leading)
    .widgetURL(URL(string: "app-scheme://deeplink"))

Thanks for helping!
2
1
439
Nov ’23
Which application is taken in consideration with TCC
Hello, Let's imagine an application (Application A) which launches another application (Application B). These applications are bundle apps. What happens if Application B tries to read a file in the current user's Documents folder? TCC will check if the application is allowed to access the Documents folder. But will it check this right for Application A or Application B (or both)? I have tried to run an application from Terminal. My terminal is authorized to access the Documents folder. And I am surprised because TCC did not ask me to allow the application itself. It seems TCC is looking for parent process rights. Can you confirm? Thanks
1
0
384
Nov ’23
Advanced Data Protection not compatible with iCloud for Windows
I have an iPhone with iOS 16.7.2, Microsoft Windows 11 23H2 and the iCloud app for Windows 14.2, and when I select the option to turn on Advanced Data Protection, it requests me to download the latest version of iCloud for Windows, but there's no higher version than 14.2. I needed to delete profiles from my iPhone and then I could turn data protection on, but now I can't access the iCloud app from my Windows PC. Is there another way?
1
0
234
Nov ’23
Privacy manifest in a non-embedded xcframework?
Hello all, My team makes a third-party SDK in the form of an xcframework, and we're working on creating our privacy manifest. However, I've noticed that the privacy manifest we include in the xcframework does not seem to get aggregated in with the base app's manifest when generating the privacy report. Is that even the expected behavior? That when generating a privacy report, it will aggregate the manifests from the app and all frameworks? We've always recommended to our clients to select "Do not embed" when adding our SDK, as embedding it seems to introduce problems when submitting to the app store. Are the problems in the aggregation due to the fact that it's not embedded? If it turns out that our manifest won't get aggregated with the client's app's manifest, what should we do? Should we recommend that they manually include any items from our manifest into theirs? I'd appreciate any information, I haven't been able to find any solid details on any of this.
1
3
1.3k
Dec ’23
Accessibility permission corrupted AXWebArea not found
I have an application that uses Accessibility APIs to determine if a browser tab with website content is present by checking for the AXWebArea role element. However, some users have reported that the app is not working after a recent update. When I check for permission using the following code, the result is YES, but the app still cannot detect the AXWebArea element in the browser though other elements like AXButton were there:

    NSDictionary *options = @{(__bridge id)kAXTrustedCheckOptionPrompt : @YES};
    NSLog(@"%d", AXIsProcessTrustedWithOptions((__bridge CFDictionaryRef)options));

The issue is resolved when the app is removed and re-added to the Accessibility permissions list in the System settings. I would appreciate a detailed explanation of what could be causing this issue.
1
1
757
Dec ’23
Reset list of HealthKit written permissions in Settings after removing those from code
After some years of our app writing some data to HealthKit, we decided to remove this functionality from the app. Permissions were removed from the requestAuthorization(toShare:read:completion:) method. For new users everything works fine, but for users who were already asked for writing permission, the toggles for permissions in Settings are still on. Is there any way to update the toggles list in Settings to the actual state of permissions? Thanks in advance.
0
0
460
Nov ’23
macOS keeps showing "[App] would like to access data from other apps" warning even if accepting it each time
It seems that whenever I scan the contents of ~/Library/Containers with my app, I get the warning [App] would like to access data from other apps, regardless of how often I have already allowed it. When the warning appears, the last scanned file is ~/Library/Containers/com.apple.CloudPhotosConfiguration/Data. My sample code:

    let openPanel = NSOpenPanel()
    openPanel.canChooseDirectories = true
    openPanel.runModal()
    let url = openPanel.urls[0]
    let enumerator = FileManager.default.enumerator(at: url, includingPropertiesForKeys: nil)
    while let url = enumerator?.nextObject() as? URL {
        print(url.path)
    }

Is it expected that one has to allow this warning every time the app is run?
7
0
1.9k
Nov ’23