iphone

A New App Store Rule Requires Apps to Have a Privacy Policy

app store

Given everything that happened with Facebook and the Cambridge Analytica scandal, I’m honestly surprised to see that more apps aren’t forthcoming about their privacy policies.  I’ve written many times about this topic, and I’ve indicated that we all need to be more diligent about the apps we’re using and the privacy policies for those apps.  Which is why I’m happy to see that Apple has made a privacy policy mandatory for any apps within the App Store.  Prior to this, the policy wasn’t mandatory.  There was a privacy policy URL metadata field for a long time, but it wasn’t necessarily being used.  In addition, Apple has required apps that use subscriptions to have a privacy policy, but this new requirement will apply to all apps in the App Store.

That said, Apple won’t pull existing apps from being sold, but if you have an app and you want to get it into the App Store, you’re going to have to have a privacy policy.  And if I’m being honest, it needs to be good.  Why do I say that?  Because everyone knows what could be happening with their data, and we are all much more aware of those possibilities. Which means, we’re much more diligent about what we allow our phones to do these days.

If you’re using an iPhone or an iPad, you can simply tap on the link to the privacy policy and read it in Safari.  As of right now, tvOS doesn’t have a web browser, so developers will have to copy and paste their privacy policy into a text box when they submit their apps so that the Apple TV can display it.  Apple says the privacy policies must identify what data the app collects, in what manner, and how it is used. It is also the responsibility of the app developer to confirm that the behavior of any embedded third-party frameworks complies with the parent app’s privacy policy. Apple also says that apps must clearly explain data retention policies and detail how a user can revoke consent and request deletion of any personal data stored.

As mentioned, Apple isn’t removing any apps that don’t currently have a privacy policy.  Yet.  They certainly could pull those down as they venture into this a bit farther.  What I like about Apple is that they’re cautious.  They don’t necessarily want to rock the boat, but at the same time, they want to make things better, and in this case, safer, for customers.  While I did suggest that this is likely related tot he Cambridge Analytica/Facebook scandal, there is a possibility that it’s also related to the new GDPR regulations.  As this definitely fits.

What’s great about the GDPR is two-fold.  It means that the U.S Government doesn’t have to regulate tech giants, but a lot of the tech giants are making changes to their own products and services to align with GDPR regulations, and everyone else in the world is benefiting from them.  Where this will go is anyone’s guess, but I’m happy to see Apple making proactive changes, even if those changes are mandated under European law.