During its annual Worldwide Developers Conference this summer, Apple announced a handful of new consumer-oriented privacy features coming to its software and devices. One feature will require app publishers to disclose information regarding their apps’ data collection and use practices in what some are referring to as a privacy “nutrition label.” Another significant privacy feature will require businesses to assess whether they are “tracking” users of their apps and, if so, obtain opt-in consent from users to continue the practice.

Privacy Nutrition Labels

On November 5, 2020, Apple announced that the privacy nutrition label requirement will apply to new apps and updates submitted on or after December 8, 2020. Starting December 8, all new apps and app updates must include the required privacy information before they can be published in the App Store. For most companies, a member of the product development team will be responsible for providing the required privacy information to Apple when submitting a new app or an app update. Accordingly, businesses and their legal departments should proactively prepare to address the new disclosure obligations and ensure that the information aligns with the organization’s other public disclosures concerning its privacy practices (e.g., online privacy policies). Providing inaccurate information in this context could trigger a violation of the App Store’s terms of use, which could result in suspension or removal of an app or provoke allegations of unfair and deceptive practices under Section 5 of the Federal Trade Commission Act or analogous state laws regarding unfair competition. For more information on state enforcement actions brought against app publishers, see this blog post.

For apps currently available in the App Store, there is no need to provide a new privacy disclosure until developers submit an update to that app. To help companies prepare for these detailed disclosure requirements, Apple has released guidance explaining exactly what information will be required and how to enter that information when submitting a new or updated app.  On November 24, 2020, Apple posted a reminder of the coming changes on its developer website.

User Consent for Tracking

Although initially intended to launch in fall 2020 alongside its iOS 14 operating system, Apple announced in September that it would wait until 2021 to begin requiring apps to obtain opt-in consent from the user in order to track the user or access the device’s advertising identifier. Apple published a letter on November 19, 2020, reaffirming its commitment to implementing these requirements in the future, but there is still no set date for when the requirements will take effect. Information regarding Apple’s current definition of tracking and associated requirements can be found here.