Developers gain new SDK tools for Privacy Label generation and security checks

Posted:
in General Discussion
Apple is creating new tools around third-party SDK use to simplify developer software pipelines, like Privacy Label generation.

A Privacy Label for TikTok
A Privacy Label for TikTok

When developers build their apps, they often use third-party SDKs to implement different features. These can add up quickly and cause some difficulties when tracking down privacy implications for each one or for when it's time to update a specific SDK.

In one part of Apple's WWDC State of the Union address, details were shared targeting third-party SDKs and developer tools around them. Apple introduced two new tools that help both users and developers.

The first tool lets developers create a privacy manifest that details all of the privacy practices of their used third-party SDKs. It is produced in a single standard format that makes it easier for developers to determine what should be displayed on a Privacy Label for the App Store.

Also, developers that wish to use third-party APIs that are known for fingerprinting users will have to provide a reason. Apps must accurately describe their intended use and can only use the API for that reason within the app.

The second tool is signatures for SDKs. This enables developers to confirm that an SDK update or file they are downloading belongs to the same developer as the original SDK.

The goal of these tools is to ensure both developers and users understand the privacy implications of apps and prevent malicious SDKs from being used. Apple sees this as a win-win for developers and users.

Read on AppleInsider

Comments

  • Reply 1 of 2
    When are we going to see blocking of access to trackers by apps, like we have in Safari?
  • Reply 2 of 2

    This is such a neat development from Apple! Simplifying the creation of Privacy Labels and improving security checks will surely streamline the developer experience. I'm particularly excited about the privacy manifest tool, which should make it much easier to keep track of third-party SDKs' privacy practices. And the new security check for SDK updates adds another layer of safety to the process.

    If you want to delve deeper into these new tools, I'd recommend checking out the Platforms State of the Union from WWDC23. It gives a thorough overview of all the new goodies Apple has in store for developers. 

Sign In or Register to comment.