I am using CloudKit to save users' high scores in a public database. The preference over using Game Center is because of simplicity and works really well for what I want to achieve. I simply want to let users know their global position. Because of data privacy laws the app asks the user for their permission to submit their score each time they get a new high score. However, I have noticed that CKRecords under 'created' and 'modified' in addition to UTC time and date also contain creatorUserRecordID. Could this be a privacy issue? Can you extract any personal information from this? Can this be used to track back to the user? Is it linked to CKUserIdentity, which I understand does contain personal information, although as I understand you need the user's consent to get this information? Under creatorUserRecordID it says... "Every user of the app has a unique user record that is empty by default. Apps can add data to the user record on behalf of the user, but don’t store sensitive data in it."
Currently I simply ask the user if they are happy to submit their score. But do I need to point out that it also stores a creatorUserRecordID? Obviously I don't want to do this if it is not needed as the user will 1) Probably not understand what a creatorUserRecordID is and 2) It makes the question complicated and will likely make most people refuse to submit their score.
If it is a privacy issue, is there any way to stop a CKRecord creating this ID and simply save a score? All I need is a list of scores so the app can determine their current position.
If creatorUserRecordID does not contain any personal details and cannot be tracked back to the user please let me know, so I can be reassured that my current setup is fine and I am not causing any privacy issues!
This post did seem to indicate you may possibly be able to fetch personal details?? https://stackoverflow.com/questions/55782166/how-do-i-fetch-any-info-about-user-that-modified-ckrecord
creatorUserRecordID is a system-created ID tied to a CloudKit container. Back in the earlier days, CKContainer had APIs for discovering user records if the users meet some criteria. For example, they must be in the current user’s on-device Contacts database, and have granted the userDiscoverability permission for the container.
Those APIs were deprecated years ago, as you can see from the link mentioned above, and so there is no API today that can discover the user identity represented by creatorUserRecordID. Given that, I don't see any obvious privacy risk when using the ID.
CloudKit needs creatorUserRecordID for access control, and so there is no way to prevent the system from creating it. If you would really like to avoid that, maybe consider using NSUbiquitousKeyValueStore, which allows you to store a maximum of 1024 keys (and per-key value size is limited to 1 MB), and doesn't expose any CKRecord.
Best,
——
Ziqiao Chen
Worldwide Developer Relations.