Skip to Main Content
Services Talent Knowledge
Site Search
Menu

Alert

Our attorneys stay on top of changes in legislation, agency regulations, case law, and industry trends—then craft timely legal alerts to keep clients up to date on legal developments important to their business.

December 21, 2020

New Privacy Labels for Apps: Impact on App Terms and Launch

On December 14, 2020, Apple rolled out its new privacy label initiative, displaying “nutrition labels” for mobile apps in the App Store. For all new apps and app updates, Apple now requires app developers to provide detailed information about the data their apps collect and how that data is used. With this information, Apple generates a privacy label for each app in the App Store. To avoid delays in the app approval process, developers should create data maps to ensure they provide accurate information for the labels, and developers should review their privacy policy and app license agreements for consistency with the applicable privacy label.

Privacy Label Screen

Apple’s privacy label screen provides the key privacy information related to an app. This information is displayed on a screen in the app’s product listing. The screen has tabs that explain the different types of data collected.

Approval Process

For each new app and app update submitted to Apple, Apple will evaluate the privacy information provided by the developer. In its review, Apple may take into account the privacy policy and app license agreement posted at the website associated with the app. If Apple identifies inaccuracies or inconsistencies between the privacy information received for the label and the privacy information at the website, Apple could issue a decline.

Data Mapping

To avoid app declines and approval delays, developers should create data maps for their apps. For each category of data, the developer should map how the app collects, uses, and distributes the data. This will help ensure the information provided to Apple is accurate.

App License Agreement and Privacy Policy

Apple does not require developers to provide an app license agreement, sometimes referred to as app terms, license terms, or end user license agreement (EULA). However, launching an app without an app license agreement can present substantial legal risk. For example, without an app license agreement, the app owner can lose the ability to enforce certain copyrights against would-be infringers, and the app owner can be exposed to liability (possibly unlimited) for claims related to app defects or wrongdoing by users. For these reasons, many owners require users to accept an app license agreement before using the app.

Apple does require developers to provide an online privacy policy associated with their app. The privacy label screen displays a link to the owner’s privacy policy. Typically, the owner’s privacy policy applies to the website and all of the owner’s products and services, including the owner’s apps. In this case, the owner should consider adding a section in its privacy policy regarding app privacy. This section should explain that, for any particular app, the related app license agreement provides the specific information and terms regarding any data the app collects, uses, or distributes.

In addition, owners should review the provisions of their app license agreements and revise them to avoid any inconsistency with the information submitted for the privacy label. For example, the privacy label information may indicate that all data is only processed on the mobile device and not sent to a server. To the contrary, the app license agreement may imply the app can send the data to servers. If this is not how the app actually works, the owner should have the app license agreement revised for consistency.  

Disclosure to Apple

  • Data Categories. When submitting an app or app update to Apple, the developer must disclose whether the app collects the following categories of user-related data: contact information, health and fitness information, financial information, location, sensitive information, contacts, user content, browsing history, search history, identifiers, purchases, usage data, diagnostics, and other data.
  • Purpose Categories. For each of these categories of data, the developer must identify the purpose for collecting the data, selecting from the following categories: third-party advertising, developer’s advertising or marketing, analytics, product personalization, app functionality, and other purposes.
  • Linked to User. In addition, for each category of data, the developer must identify whether the data is linked to the user’s identity. This generally involves determining whether this data contains personally identifiable information.
  • Tracking. Furthermore, for each category of data related to a particular user or device, the developer must indicate whether the collected data is used with data from a third party or whether the collected data is shared with a data broker.
  • Exceptions and Examples. Apple provides a set of exceptions to its disclosure requirements, such as exceptions related to certain types of contact us forms, financially regulated data, health research data, and de-identified data. Apple also provides helpful examples of scenarios that do and do not require disclosure. For further information about Apple’s rules, see Apple’s app privacy details.

To avoid app approval delays in the wake of Apple’s new privacy labelling, developers should obtain a full understanding of their apps’ data usage, and they should update their privacy policy and app license agreements to be consistent with the applicable privacy label. Barclay Damon provides counseling and drafting with respect to app license agreements, privacy terms, privacy policies, cookie policies, cookie banners, terms of use, and other app-related and web-related terms. The information provided in this alert includes a summary of Apple’s rules. For the details and actual terms of Apple’s rules, please see the link above.  

If you have any questions regarding the content of this alert, please contact Renato Smith, partner, at rsmith@barclaydamon.com, or another member of the firm’s Corporate or Branding, Trademarks & Copyrights Practice Areas.

Subscribe

Click here to sign up for alerts, blog posts, and firm news.

Featured Media

Alerts

RAPID Action: NYS Office of Energy Renewable Energy Siting and Transmission Announces Draft Regulations for New Transmission Siting Framework

Alerts

NYSDEC Issues Draft Freshwater Wetlands General Permit

Alerts

USPTO Updates Audit Program

Alerts

NYS DOL Publishes Long-Awaited FAQs on Paid Prenatal Leave Law

Alerts

Update on Massachusetts Pay Transparency Law Disclosures and EEO Reporting Requirements in 2025

Alerts

Massachusetts Employers Required to Provide Job Applicants Notice That Use of a Lie Detector Test Is Unlawful

This site uses cookies to give you the best experience possible on our site and in some cases direct advertisements to you based upon your use of our site.

By clicking [I agree], you are agreeing to our use of cookies. For information on what cookies we use and how to manage our use of cookies, please visit our Privacy Statement.

I AgreeOpt-Out