Your App Will Get Rejected | New Privacy Rules - 2024
Переглядів 30,009
День томуAs of May 1st, 2024 Apple implemented new privacy requirements for all new apps and app updates. These rules require a privacy manifest for popular third party SDKs and your app if you are using a required reason API. UserDefaults is a required reason API so this will affect the vast majority of us.
I show you how to create a privacy manifest in Xcode to fix this issue so can get through app review and get your app on the App Store.
My iOS Dev Courses:
seanallen.teachable.com/
Privacy Updates for App Store Submissions:
developer.apple.com/news/?id=...
Upcoming third-party SDK requirements:
developer.apple.com/support/t...
Describing use of required reason API:
developer.apple.com/documenta...
Describing data use in privacy manifests:
developer.apple.com/documenta...
My Source Code:
seanallen.teachable.com/p/sou...
X (Twitter):
Sean Allen - / seanallen_dev
Hired.com:
hired.com/x/1n01g
Book and learning recommendations that help out the channel if you decide to purchase (Affiliate Links):
Mark Moeyken’s SwiftUI Books:
www.bigmountainstudio.com/a/f...
Paul Hudson's Hacking With Swift:
gumroad.com/a/762098803
RocketSim - Enhance Your Xcode Simulator:
gumroad.com/a/51797971/ftvbh
Objc.io Books (Thinking in SwiftUI & Advanced Swift):
gumroad.com/a/656585843
Timestamps:
0:00 - New App Store Privacy Requirements
0:41 - New 3rd Party SDK Requirements
1:41 - Does this apply to you?
3:06 - What to do about it.
4:45 - Privacy Manifest - User Defaults fix example
5:38 - Required Reasons APIs
8:10 - Your App's Privacy Collection (Health example)
10:39 - Generate Privacy Report in Xcode
#swift #softwaredeveloper #iosdeveloper
@seanallen Місяць тому
Learn more iOS Dev with my Swift, SwiftUI & UIKit courses at seanallen.teachable.com
@K-ti2bb 7 днів тому
What if I use user's location and I don't store it. Do I still have to add it in the list?
@maestrogoldring1094 Місяць тому
Thanks for breaking this down. Sometimes I have a hard time keeping up with these updates from Apple
@seanallen Місяць тому
It's damn near a full-time job...
@dj_256 Місяць тому
I'm an Android dev and dont worry, we are lost too
@peterpaniccc Місяць тому
I develop for android and iOS. I’m a bit masochistic
@chmiiller Місяць тому
thanks Sean, amazing video! There's no content like this on the web, please keep on posting
@seanallen Місяць тому
Thanks, will do!
@AivarsMeijers Місяць тому
I was lazy and just waited on video from you to fix this in my projects :) Thank you!
@seanallen Місяць тому
Glad I could help, Aivars :)
@karthikm.s.5150 22 дні тому
Thank you so much for this!
@rivforest2395 Місяць тому
thanks for the clarity and explanation! 😀
@seanallen Місяць тому
Glad it was helpful!
@manishparihar3361 Місяць тому
Thank you for sharing the updates🙌
@seanallen Місяць тому
You bet!
@ilyabiltuev 9 днів тому
Thank you, Sean! Useful as always! 👏
@seanallen 9 днів тому
Glad you liked it!
@cider6371 Місяць тому
Thanks, it took some time dig around and figure of the structure when the notice first popped up, as well as needing to generate the privacy report manually. I thought the plist was be sufficient enough and that the report would be generated automatically. This'll help remove some confusion for some devs
@etaosin Місяць тому
thx for this material. your news are helpful a lot
@seanallen Місяць тому
Happy to help.
@alexblaga2297 Місяць тому
Thank you! really useful and a great explanation!
@seanallen Місяць тому
Glad it was helpful!
@0xjorgev 20 днів тому
Thanks for the detail explanation Sean!
@seanallen 20 днів тому
Happy to help!
@chuanpham3541 Місяць тому
Super helpful, thank you!!!
@seanallen Місяць тому
Glad it was helpful!
@ShinigamiTodesengel Місяць тому
Thank you very much. This video was very helpful for me ❤
@seanallen Місяць тому
You're welcome 😊
@Nithinkozhikode Місяць тому
Thanks for sharing! 🙌🏻
@seanallen Місяць тому
Happy to help.
@iwillburn 22 дні тому
Thanks Bud!
@brianabayne2543 20 днів тому
Thanks so much!! You are amazing ! 💥
@seanallen 20 днів тому
Glad it helped!
@abhishekpednekar211 Місяць тому
You're a saviour! Thanks for the clarity :)
@seanallen Місяць тому
No worries!
@abhishekpednekar211 Місяць тому
@@seanallen I followed the tutorial step by step. 1. Added Privacy manifest. 2. Added key 'Privacy Accessed API Types' with type 'User Defaults' (Used Key from Apple's website) 3. Added Reason (CA92.1) 4. Submitted the build to appstore After doing these steps I still got the mail from Apple saying - ITMS-91053: Missing API declaration- Your app’s code in the “xyz” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. Am I missing any step here?
@abhishekpednekar211 Місяць тому
@@seanallen I followed the tutorial step by step. 1. Added Privacy manifest. 2. Added key 'Privacy Accessed API Types' with type 'User Defaults' (Used Key from Apple's website) 3. Added Reason (CA92.1) 4. Submitted the build to appstore After doing these steps I still got the mail from Apple saying - ITMS-91053: Missing API declaration- Your app’s code in the “xyz” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. Am I missing any step here?
@captaintech8337 8 днів тому
Awesome, thank you for the valuable information.
@seanallen 8 днів тому
Glad it was helpful!
@liang0 Місяць тому
this is super useful, thanks so much!
@seanallen Місяць тому
Glad it was helpful!
@azimjondev Місяць тому
@@seanallen 🤫 errorMessage: print("copy paste answer or duplicated") 🥶🥶🥶
@peterpaniccc Місяць тому
Thank you. Awesome content. Unfortunately I watched this after figuring out myself, which was painful
@seanallen Місяць тому
Ah, that sucks. It took me a while to read into this to sort of understand it (some of it is still a little vague)
@peterpaniccc Місяць тому
@@seanallen yes, same. It's poorly done by Apple. Only look at the emails they send. It's a wall of text. I really thought my build was broken. In my opinion it causes too much confusion. In the end, it is a good thing, but the message could be delivered a bit more "politely" (sorry not a native speaker) Keep up the good work 💪
@franksolleveld2909 Місяць тому
Thanks Sean! Very nice.
@seanallen Місяць тому
Glad you liked it!
@nileshjdarji Місяць тому
Very Nice. I am going to use this as a tutorial to update my pList on my next app update. Thank you for such a nice detailed video. Appreciate it a lot.
@seanallen Місяць тому
Happy to help, Nilesh. It was actually quite simple to implement. The tricky part was understanding what's required.
@nileshjdarji Місяць тому
@@seanallen Absolutely. Also I have a question on Deep dish swift. I will DM you on twitter.
@Plain-snippet Місяць тому
Thanks for the info ℹ️ 🙏
@seanallen Місяць тому
No problem 👍
@mskr1451 Місяць тому
Thanks Sean, Nicely explained, I guess signature part is missing that also mandatory for xcframeworks
@seanallen Місяць тому
Yes, 3rd party SDKs that are on that list will need a signature.
@KanyantaMubanga 27 днів тому
Thanks Sean!
@seanallen 27 днів тому
No worries!
@AriPace-xz1zj 21 день тому
Great video, thanks. Can you confirm that existing apps are grandfathered in? I've seen conflicting information on this. Thanks!
@user-gt2uz9jn7e 16 днів тому
Thanks a lot!!! 🙌
@seanallen 16 днів тому
Happy to help!
@tirumaleshkallepalli9176 Місяць тому
Thank you for detailed explanation...just want to know can we identify which the list of libraries require this declaration in our app
@user-rt8up3fo3m Місяць тому
Thanks for the info., I would be lost without this...
@seanallen Місяць тому
Glad to help
@samirguerdah7363 Місяць тому
Thanks for sharing all of this valuable informations. I have a question please, it's not clear for me if the privacy Nutrition Label is required in the privacy ma manifest ? Thanks
@sunbrite12 10 днів тому
Thanks fro sharing!
@seanallen 10 днів тому
You bet!
@amor35 Місяць тому
Thank you Sean. Much easeier than Apple docs.
@seanallen Місяць тому
Happy to help
@vladimirmoor Місяць тому
thanks a lot!
@seanallen Місяць тому
Happy to help
@khuongduongnguyen4306 3 дні тому
Cảm ơn Sean! Rất hữu ích
@borto_ale Місяць тому
Great video, saved me a lot of time! But i have a question: why isn’t the app privacy report on the app store automatically filled in based on the plist file? Do I really need to copy paste everything manually from the Xcode generated pdf?
@seanallen Місяць тому
I believe so at this point. This is all brand new stuff. The idea for the privacy report is to help you fill out your privacy info on the App Store. Before the privacy report you just had to guess what the 3rd party SDKs were doing.
@HiteshKumar-qr4kc Місяць тому
Thanks for sharing great knowledge Sean. I have this confusion, can you please help, If I have an app and I'm using one of the lib from the list so still I will have to update app with privacy file? OR only if I'm submitting a new app or adding any new lib?
@seanallen Місяць тому
If you are using a required reasons API (like user defaults) then you have to add the privacy manifest no matter what. If you are using a 3rd party SDK that is on that list, the way I read the documentation (as I do in the video), they 3rd party SDKs have to have a privacy manifest when submitting a new app or if you add that SDK as an app update.
@captainmichaelj2321 Місяць тому
Thanks so much for the content, as usual. I do have some legacy libraries which are not really maintained, can I still use them by declaring what they are tracking and putting them manually into the privacyInfo? Most of my libraries are ones mentioned by Apple, e.g Firebase, but I do use uncommon ones.
@seanallen Місяць тому
I mention this in the video, but if your app is already on the App Store and is using these libraries, you don't have to do anything. You're grandfathered in. It only applies if you are submitting a brand new app or adding one of those SDKs in an app update.
@VishnuvardhanNasina 23 дні тому
Hi, Is it applicable to MDMs also? or just for store submissions?
@alejandrotevez6302 Місяць тому
Im about to launch an app and sometimes I get so much into the bone that I forget to check on those kinds of details. You are a saint for breaking this stuff down, INSTANT SUBSCRIBE :D
@seanallen Місяць тому
Happy to help and welcome to the channel :)
@MassonLifestyle Місяць тому
Thanks for this video. Somewhat overwhelmed with all this things I have to do for JUST one app. I get it, it's all for privacy but I feel like I'm going to need to put in a check list of all the things that I need to review before I submit an app to the App Store. Or is there such a list?!
@seanallen Місяць тому
Sadly, that's the facts of life as an iOS dev. It gets more complex year after year.
@MassonLifestyle Місяць тому
@@seanallen it does!
@toadlguy Місяць тому
Of course, in this case, you could not collect user identifiable information 😀
@software-sage Місяць тому
Great overview for the new privacy rules. Apple is trying to confuse us. This breaks it down very clearly.
@seanallen Місяць тому
Happy to help!
@toadlguy Місяць тому
It should be noted that, although a PIA for developers, this is a good thing and is trying to avoid the use of 3rd party APIs collecting data and avoiding any need to report it to the user, even without the developers knowledge (as well as generally make the Privacy Nutrition labels better).
@seanallen Місяць тому
Exactly.
@NguyenThanh-zi2po Місяць тому
I have 2 app. The 1st app is a framework. I build it in release mode. And "pod install" it for my 2nd app like install Firebase sdk... I only install 1st app(framework) for 2nd app. Not public my 1st app. Should i create privacy manifests file for the 1st app?
@coffeeL-502 Місяць тому
thanks
@seanallen Місяць тому
You're welcome!
@messidsa1092 24 дні тому
after make the file should upload the file manifest? and where?
@dineshvijaykumar4237 Місяць тому
Just to clarify, this only applies if you are making a new update to your app or creating a new one? i.e. If I have an app currently on the store that uses UserDefaults and requires location updates, do I need to update it with the new privacy manifest file now? Or do I only need to do it when I make an update to the store?
@seanallen Місяць тому
Right. Your next update will be rejected if you don't have a privacy manifest. But if you never update the app, then you won't have to do anything.
@msolak48 8 днів тому
Teşekkürler.
@seanallen 7 днів тому
I appreciate the generosity! Happy the video was helpful.
@msolak48 7 днів тому
@@seanallen I sent an update to my application today by watching your video and it was approved without any problems. Thank you for preparing such valuable and useful content.
@bolloj7250 Місяць тому
If the 3rd party SDKs have not included the privacy manifest, can you cover them in your own app's manifest file? For example if a 3rd party is using UserDefaults without the manifest file, can I include its use of UserDefaults in my app's privacy manifest?
@seanallen Місяць тому
I believe so. Remember, this is all brand new so no one has experience with this yet. But as I read the documentation, I believe that's true.
@bolloj7250 Місяць тому
@@seanallen Thank you for your response, i suppose we have to try and find out. Apple docs were a bit vague
@subinsuresh3234 Місяць тому
We have an app which uses lot of inactive SDKs now(Last updated around 3-4 years ago), and getting email for Required reasons APIs. What should I do if I need to release some app updates?
@seanallen Місяць тому
As I read the documentation, you will need to include a privacy manifest in your app and declare that you are using the required reason API for. You will need to do your best to understand WHAT those 3rd party SDKs is using it for and declare the proper reason.
@subinsuresh3234 Місяць тому
@@seanallen So I need to add the required reasons API details in my privacy manifest file on behalf of the inactive SDKs?
@pritamsarkar7879 Місяць тому
1 question: I am currently building an app for launching in the App Store. My question is my app sign in /sign up from the backend data fetch by firebase, then how can I fatch these in the future and what will be the alternatives? AppAuth is also in the list. Love from 🇮🇳
@seanallen Місяць тому
You can still use the FirebaseSDK. I assume Firebase is updated often enough that they most likely already have the privacy manifest implemented. You would have to check their repo (like I mention in the video). But if they updated it, you should be fine as long as you're using the latest version of the package.
@ruslanzaki7946 Місяць тому
Thanks for sharing Sean, but why so stress-inducing title ?!
@seanallen Місяць тому
The game of UKposts, my friend.
@toadlguy Місяць тому
Hopefully some day, UKposts (and other Social Media sites) will realize the people are being manipulated in ways that are distinctly NOT positive and show some actual responsibility 😉
@isurujn Місяць тому
Thanks a lot of explaining all this, Sean. I was feeling a bit lost on this topic. On a related note. Is anyone else feeling like iOS development is becoming less fun due to these annoying grunt work? Setting up all the privacy nutrition labels on App Store Connect was tiresome enough. Now I have to do it in a plist AND do it in ASC again? You'd think ASC could simply automate this since we're supplying a damn plist with the app! Knowing how unreasonable and frustrating app reviewing can be, now I might have to face rejections due to the third-party SDKs as well. I haven't even thought about dealing with all the concurrency changes in the upcoming Swift version! I have half a mind to ditch iOS development and switch my stack altogether 😩
@seanallen Місяць тому
It definitely gets more complex every year as Apple updates and builds new things. But I imagine other platforms deal with this as well. The only constant in technology is change.
@tokero5199 Місяць тому
So does this replace all the clicking on app store connect that we previously had to do to create the privacy nutrition labels?
@seanallen Місяць тому
No. the privacy report that gets generated is just an aid to help all that clicking be more accurate.
@zacdemi Місяць тому
@@seanallen Hopefully Apple makes nutrition labels automatically for us soon.
@seanallen Місяць тому
@@zacdemi That would be ideal!
@tokero5199 28 днів тому
@@seanallen Ok thanks..
@azimjondev Місяць тому
Hello, is it possible to create this file and fill in the data in the project and upload the app to the appstore? Do we not need to send the reported .pdf file to another place?🙄
@Thehappiesthiccup Місяць тому
Do you know of any other sources confirming that you’re grandfathered in if you your app is already in the store and uses those SDKs?
@seanallen Місяць тому
You want another source other than Apple itself? developer.apple.com/support/third-party-SDK-requirements/#:~:text=SDKs%20that%20require%20a%20privacy%20manifest%20and%20signature&text=Starting%20in%20spring%202024%2C%20you,as%20part%20of%20the%20update.
@Danica-jh9jz Місяць тому
@@seanallen sorry for the confusion, i still dont understand... what if i have an app that uses those sdk-s (and old app), and i want to release updates, but not adding any of those sdk-s, just to continue using them?
@seanallen Місяць тому
According to that linked documentation, those SDKs only require a privacy manifest if you are submitting a new app to the app store that includes them OR if you are updating an existing app that is adding one of those SDKs.
@ChristopherCricketWallace 4 дні тому
It's a shame this isn't auto-generated by sniffing out which SDKs and APIs are used. At least make the first version and let us edit it before submission.
@masteringreactnative 29 днів тому
We added facebook sdk to our react native expo app, how should we go about fixing this in react native?
@seanallen 29 днів тому
I've never built anything in ReactNative, so I can't say.
@user-mj6wk9pp9f Місяць тому
I don't think it's true that this only applies if the app is just adding an SDK, or a new app, Apple's email implies differently. The SDKs that use these, that it is warning about, were not added be me. Similar comments can be seen elsewhere in the comment section.
@seanallen Місяць тому
I read that right from Apple's documentation. To clarify, if you (or the 3rd party SDK) are using a "required reasons" API (like user defaults), you have to add the privacy manifest no matter what. The new app or adding an SDK into an app thing only applies to the 3rd party SDKs that are on that list. What does the email you received from Apple say?
@akashgaur-ie2bz Місяць тому
I did all the things, declaring all privacy in the PrivacyInfo, but it still shows same issue while submitting the app.
@seanallen Місяць тому
Tough to say what's going on without any more info. Are you using one of the SDKs on the list? What required reasons API are you using?
@akashgaur-ie2bz Місяць тому
Yes
@user-sz1ux9sm5c Місяць тому
what if a third party used Userdefaults? Does the third party SDK should provide privacy manifest too?
@seanallen Місяць тому
As far as I understand, yes. The SDKs should be updating their privacy manifests and if they use UserDefaults, that should be included.
@user-sz1ux9sm5c Місяць тому
@@seanallen thanks, so if I've understood correctly, even though our SDK is not listed by Apple, If we use UserDefaults in our SDK we should provide privacy manifest file.
@seanallen Місяць тому
This is all new, so I'm not 100% sure. But that's how I read it. As you saw, it's a very simple implementation, so it can't hurt to add it to your next update.
@user-sz1ux9sm5c Місяць тому
@@seanallen lol no, I've already published it in jan release, now I was wondering whether was is necessary or not
@yashjain1144 Місяць тому
I have a question Our apps use alot of 3rd party SDKs. Is it possible to just add all the required reasons in the app's manifest file without having to upgrade the libraries?
@toadlguy Місяць тому
Hopefully it will be smart enough to know that if you are collecting Health Data NOT linked to customer, you can't possibly be using it for Product Personalization and will reject your app. 🤣
@seanallen Місяць тому
Lol, oops. I was riffing off the top of my head and didn't put that together 🤣
@ErikTheHalibut Місяць тому
First 🎉
@marekbee Місяць тому
damn, I am too late...
@seanallen Місяць тому
Gotta be quick
@Ali_55614 10 днів тому
Another reason I hate Apple as developer, nice video though, Thanks!
@devsda1 Місяць тому
If App Store Connect can detect what APIs are being used why can’t it generate a manifest automatically?
@andreabottino2714 Місяць тому
i'm guessing that's because it's down to the devs to specify what the app is doing, it can't be one size fits all
@seanallen Місяць тому
Yup 👆
@devsda1 Місяць тому
@@andreabottino2714 it could just autofill the APIs and let the dev specify the reason
@peterpaniccc Місяць тому
iOS devs need to suffer 😂
@Hgvpuncher Місяць тому
I like it. It may be a bit of hassle but this is bringing another layer of safety for everyone. Less liabilities to data protection claims?
@samirguerdah7363 Місяць тому
Hello,
@andrewebling1961 7 днів тому
In other words, a shed load of time spent which will have no impact or value for 99.99% of all users, who don't even read the privacy nutrition labels. Thanks Apple!
@RusokuLab Місяць тому
We have become safer. Only without the IOS applications at all.
@act-iosprog Місяць тому
:pepeuwu:
@SalarPro Місяць тому
🫡
Sean Allen
Переглядів 18 тис.
FLIP FLOP Hacks
Переглядів 74 млн
BBC News Україна
Переглядів 591 тис.
The Swift Bird
Переглядів 4,1 тис.
Sean Allen
Переглядів 13 тис.
Swift Heroes
Переглядів 6 тис.
Immersed
Переглядів 22 млн
PRO Hi-Tech
Переглядів 82 тис.