1 Reply
      Latest reply on Aug 9, 2019 8:02 PM by KMT
      James G Level 1 Level 1 (0 points)

        Hi,

         

        I have a question in regards to iOS privacy setting with camera, location, BLE, and etc in the application's info.plist.

         

        To get to the point, I am building framework for iOS application, and within the framework, there are some features check authorization status of location / BLE / camera, and if the permission is granted, framework's code is invoking iOS APIs requesting location information, to access BLE, and Camera.

         

        The question is, as I'm building framework, and these privacy setting in info.plist is set in the application layer, let's say that app developer don't use those features within my framework invoking location APIs, and/or BLE APIs, and don't declare the privacy consent in their app's info.plist.

         

        In that case, even if the app itself is not explicitly invoking, or using those APIs, and none of their application code uses those feature, because that the app has my framework which contains set of code invoking those APIs, will the app be rejected in the app store review process for not having the privacy consent in info.plist?

         

        By simply having set of code invoking those APIs, should the app have to define the settings? or does the app actually have to invoke and use those APIs?

         

        Thanks,

        • Re: Privacy Setting in info.plist for iOS
          KMT Level 9 Level 9 (14,575 points)

               >will the app be rejected in the app store review process for not having the privacy consent in info.plist?

           

          You do know that app review isn't here and no one here can promise what they will/won't accept/reject, right?

           

          Even if someone told you to go for it, the gate could shut before you had a chance to get near it.

           

          That said, if you're just asking about privacy issues, have you seen that section in the ASRGs? If you're asking just about implementation liability, what do you see as your role? Trying to write a disclaimer to include with the API distribution? Looked over similar examples at github?

           

          Otherwise, asking "should the app have to define the settings?" is pretty broad given that each app presents unique challenges to review, making it more case/by/case, than blanket, I think. If you're asking at that general of a level, the answer is always the same...when in doubt, buy the insurance.