Startups

Apple's New Privacy Policy Updates: What You Need to Know

The growing, warranted concern over privacy infringement and personal data breaches is currently being curbed by global legislative efforts and some corporate action. Apple announced on App Store Connect new regulations to protect user data by requiring that all apps have an accessible, plain-language Privacy Policy by October 3, 2018.

3 min
September 20, 2018
Allie Wilfer
Studio Experience Coordinator

This year was eye-opening for many digital consumers, as we watched US Senators stumble through the painful Cambridge Analytica hearing. We reeled in horror as we downloaded all data collected on us by Facebook alone.

The growing, warranted concern over privacy infringement and personal data breaches is currently being curbed by global legislative efforts and some corporate action. Apple announced on App Store Connect new regulations to protect user data by requiring that all apps have an accessible, plain-language Privacy Policy by October 3, 2018.

New apps and app updates must follow Privacy and Data Collection standards before being submitted for review to TestFlight or the App Store. Apps that do not currently follow these new regulations will have no penalty, but all updates must comply with a linked Privacy Policy.

Policies must disclose:

  • What data is being collected, how it is collected, and uses for the data
  • Who has access to the data (internally and externally), along with a Privacy Policy from third-party connections that is equal, or more strict
  • How data is stored, for how long, and steps a user can take to erase collected information
  • Clear, comprehensible data collection permissions

iPhone set up and box

Why is Apple just now enforcing these regulations?

CSR (corporate social responsibility) and liability.

Companies must now take the time to build a privacy policy and/or hire a legal professional to assist. For startups, it’s not always a straight shot to the finish line. Unexpected costs that couldn’t be foreseen, such as new Apple Store regulations, can set startups and small businesses back. But it’s not all doom and gloom. Privacy policies allow for consumers to better trust the digital products they use, and is a way for developers and companies to protect themselves from accusation of data misuse.

Now one year after the giant Equifax data breach, essentially no penalties or punishment have come about from what was irresponsible security and lack of transparency with consumers by the company. So although Apple may be able to get away with displacing responsibility entirely onto developers legally, privacy infringement nevertheless will always be an ethical issue.

Will Apple then be reviewing all privacy policies submitted? Nothing has been formally stated by the company, but changes can only be made to a Privacy Policy when the app is resubmitted for review. This at least implies the intention of enforcement.

Along with Apple Privacy Policy requirements come data collection restrictions

  • Minimization of information collection. Data should only be taken when essential to functionality of the app.
  • Permission settings must be clear and respected. No manipulation of those settings, such as coercion to release data by unnecessarily limiting functionality, is permitted.
  • Any data with consent for release may not be repurposed outside of initially stated use.

Although many times digital consumers appreciate targeted ads and personalized online shopping experiences, the collection of our information has always been dangerous. We freely give and save sensitive information to frequently visited sites in order to make our experiences smoother and more efficient. Who here has their bank card linked to their Amazon account?

Data misuse, privacy invasion, and the consequences

Security issues are only part of the concern, however. Wrongly utilizing data can lead to election tampering, intense psychographic targeting, and archives of personal data or photos we wish to keep private. Stored somewhere is a web of our actions online, sites visited, interactions with others, things we’ve said and done, the information we’ve given freely about ourselves without understanding the policies that allow such a cache to build up. Ex Machina anyone?

Apple users will now be able to know exactly what data is being collected and how it’s being used, and how to erase stored data. It’s up to you, the consumer, to ensure you have control over your privacy.

Resources to help your journey:

Apple Privacy Policy regulations for apps

Build a Privacy Policy for iOS Apps

GDPR Assessment

Security tips for developers on how to protect consumer data

Download your Facebook data

Actionable UX audit kit

  • Guide with Checklist
  • UX Audit Template for Figma
  • UX Audit Report Template for Figma
  • Walkthrough Video
By filling out this form you agree to receive our super helpful design newsletter and announcements from the Headway design crew.

Create better products in just 10 minutes per week

Learn how to launch and grow products less chaos.

See what our crew shares inside our private slack channels to stay on top of industry trends.

By filling out this form you agree to receive a super helpful weekly newsletter and announcements from the Headway crew.