Apple is committed to protecting the privacy of its platform users. There is a small set of APIs that can be misused to collect data about users’ devices using fingerprinting, which is prohibited by the developer software license agreement. To prevent misuse of these APIs, at WWDC23 the company announced that developers will be required to state their reasons for using these APIs in their application’s privacy declaration. This will ensure that applications only use these APIs for their intended purpose. As part of this process, you will need to select one or more approved reasons that accurately reflect your application’s use of the API, and your application will only be able to use the API for the selected reasons.
Apple las week released a list of APIs that require a reason for using them. Among them, for example:
- File timestamp API that determines file creation dates
- System boot time API, revealing information about the operating time of the OS
- Disk space API giving information about available storage space
- User defaults API giving access to user settings
Starting in Fall 2023, when you upload a new app to App Store Connect or update an app that uses APIs (including those from third-party SDKs) that requires a reason, you’ll receive a notification if your app’s privacy statement doesn’t include an approved cause. And starting in Spring 2024, in order to upload a new app or app update to App Store Connect, you must include an approved reason in your app’s privacy statement that accurately reflects how your app uses the API.
If you have an API usage scenario with reasons not yet covered by the approved ones, and that scenario is directly useful to people using your app, you can let Apple know.