Apple Inc.'s
What Happened: Apple's latest step in its push toward user privacy is an update in its developer documentation to address concerns related to device fingerprinting. Developers will now be asked to provide justifications for using certain Apple APIs that could potentially contribute to fingerprinting.
It comes as a response to the shift some marketing companies made towards more intricate user identification and tracking methods.
According to the update in Apple's documentation (first spotted by AppleInsider), developers will start receiving emails from Fall 2023 if they upload an app to App Store Connect that utilizes a "required reason API" without adequately describing the purpose in its privacy manifest file. By Spring 2024, App Store Connect will no longer accept apps that fail to comply with this requirement.
The term "required reason API" refers to specific APIs developers must explain their use of. However, it's important to note that the list of these APIs is subject to change based on Apple's discretion.
Approximately 30 "required reason APIs" apply across all Apple platforms currently. These APIs cover various functions, such as keyboard access, calculating free disk space, and determining the user's device runtime. While there are exceptions within these APIs, Apple emphasizes that any information accessed for these reasons and any derived information must not be sent off-device to protect user privacy.
Why Is It Important: With these new measures in place, Apple aims to give users greater control over their data and ensure that apps adhere to stringent privacy standards. Developers will need to be more transparent about their data collection practices, and the tech giant is enforcing these guidelines to protect its user's data.