As title, i tried to get tracking domain by Network instruments, but it shows Call os_log APIs on a logging handle network instruments. Anyone know how can i log the domain. Thanks

Step follow: Open your project in Xcode. Choose Product > Archive. Xcode creates the archive and reveals it in the organizer Control-click the archive in the organizer and choose Generate Privacy Report Choose a location to save the privacy report When I open the privacy report file, I can't see the content. Could you help me resolve this issue?

Hello, I am trying to develop an app , using Flutter. My app has its own database which it contains the customer info such as name, address and phone number. I need to get the caller's phone number then I use the phone number and search in my database and if the phone# exist in our DB , I extract customer info and show it on pop up screen. How can I get the phone number of the person who is calling? i tried this, it didnt work: let networkInfo = CTTelephonyNetworkInfo() guard let carrier = networkInfo.serviceSubscriberCellularProviders?.first?.value else { return nil } return carrier.mobileNetworkCode Is there any way to get caller's number while he/she is calling? Thanks P.

Hello, my dear colleages. I'm a new ios developer (actually I'm sr. android dev), so this is my first publishing in app store. I have create an app with memes, where users can create memes, share it and judge. I have already tearm of uses, privacy policy, registration and report (because I want to create a stable product), but apple has own opinion: Require that users agree to terms (EULA) and these terms must make it clear that there is no tolerance for objectionable content or abusive users - okay, I will add EULA to my links, but it already contains the rules of creating content A method for filtering objectionable content - blocking happens automatically by user reports. I explained it to the reviewer, but he ignored it and repeated this mark (all marks) again. By user reports the memes with 10 or more marks will be hidden for content delivery. What does he want else? How can the filters resolve it or content already hidden? What actually should I do and these "filters"? A mechanism for users to flag objectionable content - The same. What else does he want? A mechanism for users to block abusive users - This is jsut ridiculous! Users can not write each other and can not communicate with each other. They can only create and judge memes. I'm not sure that reviewer really was looking my app. Maybe 30 seconds? So, how can I follow to his marks if he doesn't listen and doesn't check? Use fake feature? That's shame! The developer must act on objectionable content reports within 24 hours by removing the content and ejecting the user who provided the offending content - The same. The blocking happens automatically. We don't have moderators and can control this process manually (only 2 members in the team). I really don't understand why apple make my life harder)) Google and Huawui have already published app in the internal testing without wrong useless marks. As I know this situation is normal behaviour for apple. Anyway I want to resolve this "marks" and finish the publish process - users are waiting for. Please guys, help me to do it correct - I don't have experience with apple support and it looks for me like a circus! P.S. Links to the terms of uses and privacy policy available on the register screen

I just submitted a build to TestFlight this morning that should have set off the same alarms as last week, but it didn't. We received no emails complaining about "ITMS-91053" violations like happened on this branch before. We've been working hard to figure out how to meet your new privacy requirements, and it's been quite frustrating. I thought I finally fixed it yesterday, but today I wanted to run a sanity test. I went back and created a build that should fail, but now that one is apparently fine as well. I'm at a complete loss.

I receive this from apple on review , what I suppose to change Guideline 5.1.2 - Legal - Privacy - Data Use and Sharing The app privacy information you provided in App Store Connect indicates you collect data in order to track the user, including Browsing History, Other Diagnostic Data, Crash Data, Performance Data, Name, Search History, Physical Address, Customer Support, and Other Data Types. However, you do not use App Tracking Transparency to request the user's permission before tracking their activity. Apps need to receive the user’s permission through the AppTrackingTransparency framework before collecting data used to track them. This requirement protects the privacy of users. Next Steps Here are two ways to resolve this issue: If you do not currently track, or decide to stop tracking, update your app privacy information in App Store Connect. You must have the Account Holder or Admin role to update app privacy information. If you track users, you must implement App Tracking Transparency and request permission before collecting data used to track. When you resubmit, indicate in the Review Notes where the permission request is located.

Because the latest privacy manifest file requires inclusion for submissions after May 1st, based on the document: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files I have two questions regarding the NSPrivacyTrackingDomains field: In my app, NSPrivacyTrackingDomains and regular user login registration data loading use the same second-level domain "myapp.com". If "tracking.myapp.com" is specified in NSPrivacyTrackingDomains but the user does not grant tracking permission to the App Tracking Transparency framework, can the app still access the network through third-level domains such as "login.myapp.com" or "data.myapp.com"? At the bottom of the document, there is a note: "You only need to supply NSPrivacyAccessedAPITypes for apps and third-party SDKs on iOS, iPadOS, tvOS, visionOS, and watchOS." Does this mean that NSPrivacyTrackingDomains and NSPrivacyTracking properties do not need to be filled out as of May 1st? Will there be any issues if they are not filled out? Eagerly awaiting your response! Thanks!!!

Existing external libraries are distributed in the form of framework files. However, if the company providing the library delays the Privacy Manifest registration patch, how can I handle this situation? Am I just keep getting my app rejected? In an app that uses a specific commit in open source branch, what should I do if the Privacy Manifest is registered only in the latest version of that version? For various reasons, including functional stability, the open source cannot be updated to the latest version.

I have developed a framework that uses Alamofire which is included in the list of third-party SDKs that require the Privacy Manifest. https://developer.apple.com/support/third-party-SDK-requirements/ The latest version of Alamofire already includes the PrivacyManifest.xcprivacy file and is visible from my own framework. My question is if it is necessary to add a PrivacyManifest.xcprivacy to my framework in that case and if so, should it be the same as Alamofire's? Wouldn't that be redundant? My framework does not use any API that has to be declared. If another framework were to use my framework that uses Alamofire, should I also create a PrivacyManifest.xcprivacy? Thank you.

Hello, I created my manifest file, added to target and when I send app to review I receive email. I have no idea what is wrong. I tried change localization, modify file and nothing. Still don't work. Xcode version 15.3. localization file and add to target: email: manifest file: Manifest file

我想知道对于5月1日之后，用户如果没有更新app，是否会受到影响？

Hello, What are the guidelines for mergeable libraires regarding privacy data ? In particular where do we put the PrivacyInfo.xcprivacy file in this situation, so as Apple process can scan it when we upload the package of the app. Thank you.

Hello, When you integrate framework linked statically, the usage is that those framework provide a bundle in which they put their PrivacyInfo.xcprivacy file. If you decompress an .ipa file you submit to Apple, you can see this bundle at the root. The problem is that the PrivacyInfo.xcprivacy files inside bundles seem not to be scan by Apple in the privacy process. Thus Apple send us issues about missing privacy. Have you already heard about this problem ? Probably link to what i am saying : Firebase issue #12557 Thank you very much for your feedback !

Hello, Currently, my app only uses web view to load HTML data and external safari web view by link click. I have seen the following developer's details. So if HTML data load on web view needs data collection enabled, then which Types of data need to be added to data collection? Also. if we disable all types of Data collection from privacy. Is apple will allow you to submit the app? or Reject it? Any help will be appreciated. Thanks

I saved the device token in UserDefaults. The information is passed on to the backend server of my app when needed. CA92.1: Declare this reason to access user defaults to read and write information that is only accessible to the app itself. I was thinking about using CA92.1, but that seems to mean reading and writing entirely within the app. 1C8F.1: Declare this reason to access user defaults to read and write information that is only accessible to the apps, app extensions, and App Clips that are members of the same App Group as the app itself. Can I see my app's backend server as belonging to "the apps, app extensions, and App Clips that are members of the same App Group"? Would it be okay to apply 1C8F.1?

When you generate privacy report for your app and meet the following issue, you should check two things. Check if you add your PrivacyInfo.xcprivacy into Target Membership. Check if Installation Directory is /Applications, on my side I can't gererate report if I change it to other path or other name with xcode 15.3(15E204a). It must be /Applications. I know /Applications means LOCAL_APPS_DIR or SYSTEM_APPS_DIR, but I want to use USER_APPS_DIR = $(HOME)/Applications or any path I write into Installation Directory. What should I do to make the generate tool follow my personal Installation Directory? And how to use command line to generate this report?

Can someone please confirm in this case whether I need a privacy manifest in BOTH my app, and the third party SDK. One of the Firebase SDKs we are using uses UserDefaults. As such we are now getting warning emails from Apple about using restricted APIs. Google have said that they will be releasing a privacy manifest that will get rid of this error. However, the app itself does, like most, use UserDefaults itself. With Firebase already declaring the usage of UserDefaults, is it necessary to then re-state it, in a privacy manifest for the app? Or is this simply the third party SDK provider's problem? Thank you

We're distributing an XCFramework to a customer to create their own apps. With the new XCFramework signing requirements, we have a question with regards the way how to implement it. We're using a few of the frameworks on the list https://developer.apple.com/support/third-party-SDK-requirements/ including [AFNetworking], as a dependencies for our framework. We are building those frameworks from source code and not using any binaries provided by any third-party. We also modify the open source code, so that it is different from the original open source code in a way so that it won't lead to runtime conflicts in case the customers is including similar frameworks in their application. We're using those derivatives of the open source frameworks as a statically linked libraries to our SDK. Questions: Do we need to sign the third party frameworks of which we have cloned source code and using it within our SDK Framework? Is it required that the XCFramework built this way is signed when it is delivered to a third party and they use it in their app?

Hello Apple We have read your guide on https://developer.apple.com/documentation/bundleresources/privacy_manifest_files#4284009 and it is unclear how the NSPrivacyTrackingDomains affects WebView functionality of the app. We have WebView based functionality we use for signup/ login of customers in the app and that can potentially track users. It is stated that If the user has not granted tracking permission through the App Tracking Transparency framework, network requests to these domains fail and your app receives an error. However based on our testing the domains listed in NSPrivacyTrackingDomains have no effect on network requests happening in the WebView if the user declines tracking via the App Tracking Transparency prompt. (e.g pages are loaded, network requests to listed tracking domains are happening) Can you confirm it is the case on what should de done about it? Right now we have a custom implementation on our side that passes the result of the App Tracking Transparency prompt to the WebView instructing it weather it can send requests to tracking domains or not.

We received an email from App Store Connect with the subject 'uploaded build for {AppName} has one or more issues' regarding our latest package, {versionNumber}' The email states that we need to add an App Privacy Manifest for our extensions before May 1st, and it specifies which categories need to be added. However, some of the categories mentioned, such as NSPrivacyAccessedAPICategorySystemBootTime, NSPrivacyAccessedAPICategoryFileTimestamp, NSPrivacyAccessedAPICategoryDiskSpace, are not used from our application. Do we still need to add these? If so, under which 'Privacy Accessed API Reasons' code should we add them?