What are Privacy Manifests? 

Privacy manifests, unveiled as part of Apple's iOS 17 privacy updates at WWDC23, serve as property lists that detail the specific types of data collected by apps and their third-party SDKs, along with the APIs required for these purposes. Each type of data and API used must have a justified reason and be documented in the privacy manifest file bundled with the app or SDK. This documentation allows app developers to generate accurate Privacy Nutrition Labels. 

It is emphasized that these privacy manifest files are crucial for developers to clearly understand how third-party SDKs utilize APIs and manage data collection.

What are Privacy Nutrition Labels?

Privacy Nutrition Labels clearly outline an app's privacy practices, increasing transparency and enhancing users' understanding of how their data is collected and used. This format helps end users know precisely what types of data the app collects and the reasons behind these data collection efforts.

What is a required reason API?

Required reason APIs were developed to enhance user experience while addressing privacy concerns, specifically to avoid misuse such as device or user fingerprinting. 

These APIs, including NSFileSystemFreeSize which checks for available disk space, are organized into categories with specific, approved reasons for their use. This organization ensures that they contribute positively to user experiences without breaching privacy. They are categorized based on their functionalities and the types of information they handle, aligning with Apple’s predefined list of topics.

How do Privacy Manifests work?

Normally, the whole process will look like this:

1. Apple's Xcode aggregates privacy manifests created by apps and SDKs when you are building your app to submit to the App Store. Xcode then sends this to the developers.
2. The developers are able to use this information to accurately and precisely generate a Privacy Report.

3. The Privacy Report, organized in a similar way to Privacy Nutrition Labels, is available to the developers on their devices.

Privacy Manifests and Airbridge

As mentioned above, Privacy Manifests enable app developers to document the types of data collected both directly through their app and indirectly via third-party dependencies, like third-party SDKs integrated within the app. A Mobile Measurement Partner like Airbridge also has its own SDK for tracking and collecting data, which can all be included in Privacy Manifests. 

That is why Airbridge has created a Privacy Manifest for the Airbridge SDK. App developers and third-party SDK developers are strongly encouraged to adopt Privacy Manifests. While this adoption is generally optional, it becomes mandatory if your app utilizes a privacy-impacting SDK. If you're an Airbridge user, you can adopt Privacy Manifests with a simple SDK update.

Visit the Airbridge blog to get updated on the latest industry news or experience this smoothened process of working with Privacy Manifest with Airbridge experts by booking a demo.