Apple rejecting apps that collect data for 'device fingerprinting'

Posted:
in iOS edited April 2021
As part of previously announced plans to safeguard the App Store and users of its various platforms, Apple this week began to reject apps and app updates crafted with third-party SDKs integrating "device fingerprinting" data collection techniques.

App Tracking Transparency


A number of developers are noting the change in policy, which is related to Apple's upcoming App Tracking Transparency safety measures set for release alongside iOS 14.5. As Forbes reports, Radish Fiction, Heetch, an app from InnoGames, and apps relying on an SDK from Adjust are among the recent rejections.

"Our app just got rejected by Apple's app reviewer, blaming the MMP SDK for building a fingerprint ID," Aude Boscher, a growth marketing product manager at Heetch, said in an industry Slack channel. "I saw other people complaining ... so it might soon come up for you as well!"

Apple is informing developers of rejected apps that their software contains tools to track users, a practice that runs afoul of App Store Guidelines governing data privacy.

"Your app uses algorithmically converted device and usage data to create a unique identifier in order to track the user," the message reads. "The device information collected by your app may include some of the following: NSLocaleAlternateQuotationBeginDelimiterKey, NSTimeZone, NSLocaleGroupingSeparator, NSLocaleDecimalSeparator ..."

Further, marketing analyst Eric Seufert called attention to what appears to be a crackdown on apps that integrate an SDK from Adjust. A version of the third-party tool collects data for device fingerprinting, or probabilistic attribution, which is a method of identifying and tracking devices by aggregating data points like software version, time since last update, time since last restart, and charge level, among others. Device fingerprinting can be used as an alternative to IDFA, an advertising identification method that Apple seeks to limit with ATT.

Adjust claims more than 50,000 apps use its SDKs, potentially putting thousands of iOS updates at risk of rejection. As noted by Forbes, however, Adjust in the last 14 hours updated its SDK to strike intrusive code, likely bringing the software in line with Apple's regulations.

Apple will enact ATT policies with the launch of iOS 14.5. Importantly, IDFA tracking will be strictly opt in on a per-app basis, meaning users need to expressly grant permission to track when an app first launches.
«1

Comments

  • Reply 1 of 22
    Good. I have no sympathy for developers who use shady tactics like this. 
    lkruppmac_dogchasmpulseimagesbaconstangrusswkillroyPetrolDaveaderutter45Cowdin
  • Reply 2 of 22
    mac_dogmac_dog Posts: 1,069member
    Reminds me that Facebook now has to come up with a new method of making revenue instead of kicking back and letting their users do the work for them. 
    chasmpulseimagesbaconstangkillroyiqatedojas99watto_cobra
  • Reply 3 of 22
    chasmchasm Posts: 3,275member
    Another reason to buy Apple!
    pulseimagesbaconstangrusswkillroyaderutteriqatedo45CowdinEsquireCatsjas99radarthekat
  • Reply 4 of 22
    lkrupplkrupp Posts: 10,557member
    Good. I have no sympathy for developers who use shady tactics like this. 
    Yeah, but here comes another lawsuit from those shady developers. 
  • Reply 5 of 22
    CheeseFreezeCheeseFreeze Posts: 1,247member
    It’s a tough balance. Apple here is doing this for consumer privacy reasons, however on a corporate level it’s also a strategy to weaken competition or at least influence them heavily out of self-interest. It’s a slippery slope.
     
    And it’s also one more example of how they are using their market dominance to decide what is acceptable and not (hence anti-trust cases).
    Lastly, Apple has proven to be hypocrites themselves when dealing with China and Russia where they gladly bend their own rules and values to sell more products and services. They want to have it both ways.

    So although I like what they do out of personal interest (consumer privacy), on a corporate level I am concerned about this behavior, because there is more to it than we consumers realize.
    edited April 2021
  • Reply 6 of 22
    It’s a tough balance. Apple here is doing this for consumer privacy reasons, however on a corporate level it’s also a strategy to weaken competition or at least influence them heavily out of self-interest. It’s a slippery slope.
     
    And it’s also one more example of how they are using their market dominance to decide what is acceptable and not (hence anti-trust cases).
    Lastly, Apple has proven to be hypocrites themselves when dealing with China and Russia where they gladly bend their own rules and values to sell more products and services. They want to have it both ways.

    So although I like what they do out of personal interest (consumer privacy), on a corporate level I am concerned about this behavior, because there is more to it than we consumers realize.
    I'm wary of this ideas that 'there is more to it than we consumers realise'. Apple have a proven track record of making decisions that benefit users, sometimes these don't benefit them (Siri being not so great), and sometimes the benefit isn't clear to the lay user - giving up floppy disks, CD, firewire, moving to usb-c, keeping Lighting connectors... . I hear a lot the argument that there must be something going on, but in 45 years this just hasn't been shown to be true. This simply isn't the case for other big tech firms.

    The China/Russia argument is not as simple as that. You can't make change unless you are in the game, to simply not work with the Chinese or Russians would not benefit anyone. Apple also has to abide by US law, which not everyone agrees with either!

    It shouldn't be their place to push the privacy drive, but in the absence of governments that understand the issue, let alone that are willing to challenge 'big tech', this is really the only option. Watch how many states will be lobbied to fight on the behalf of other big tech companies to challenge these 'pro-consumer laws', instead of embracing and regulating effectively in line with what we know is a better way.  
    larryjw45CowdinStrangeDaysEsquireCatsjas99radarthekatwatto_cobra
  • Reply 7 of 22
    ppietrappietra Posts: 288member
    This a very good thing indeed!
    However I am concerned about Apple’s own advertising practices, and I hope they have changed them. AppStore activity should not be used for ads in Apple News, it gives an unfair advantage, and it could be interpreted as tracking in third-party apps since it also follows in-app purchases. Also hope they actually stoped doing some of the (stupid) things that were removed from a previous Apple Advertising & Privacy agreement.
    watto_cobra
  • Reply 8 of 22
    A simple solution to this issue... if consumers/ developers don’t like it.. STFU and move to Android !! But they won’t, because they want the ‘reach’ Apple has to consumers... they just want it for free !!
    jas99watto_cobra
  • Reply 9 of 22
    frantisekfrantisek Posts: 756member
    This has two sides. One is privacy and second is money. If apps can not use this revenue source, they will have to switch add based model or to paid or subscription model that we all love so much. There is potential revenue increase for Apple.
    Stealing power from Facebook or Google is something nobody will complain of course.
    We will see how this will transform digital world. Constant changes Apple is doing in system makes very difficult to keep freeware apps compatible.. I think Apple think there should not be free apps. That you deserve money for your good work. If I am wrong they could/should make software fund to support good freeware.
  • Reply 10 of 22
    qwerty52qwerty52 Posts: 367member
    It’s a tough balance. Apple here is doing this for consumer privacy reasons, however on a corporate level it’s also a strategy to weaken competition or at least influence them heavily out of self-interest. It’s a slippery slope.
     
    And it’s also one more example of how they are using their market dominance to decide what is acceptable and not (hence anti-trust cases).
    Lastly, Apple has proven to be hypocrites themselves when dealing with China and Russia where they gladly bend their own rules and values to sell more products and services. They want to have it both ways.

    So although I like what they do out of personal interest (consumer privacy), on a corporate level I am concerned about this behavior, because there is more to it than we consumers realize.

    If you don’t have a problem with apps that are tracking you and are gathering your data, go then buy an Android, but don’t tell me, that this is 
    normal and I should be happy when someone is making money out of selling my privacy data without my permission.
    45CowdinStrangeDaysjas99radarthekatwatto_cobraDogperson
  • Reply 11 of 22
    dewmedewme Posts: 5,335member
    This kind of thing is going to be a constant struggle because there are always services on computers that rely on the absolute uniqueness of the machine to ensure things that are targeted to the machine, and you, get properly routed to you. Things like cookies are essentially breadcrumb trails left by apps to allow them to record details about your access to websites on your machine. Eliminating them is easy, but it really just moves part of the tracking burden from your machine to the server side. As long as an app’s or website’s interaction with your machine has access to machine specific data they’ll be able to track you by storing information about each interaction on their servers. To fix this concern there needs to be something in the middle that allows you to maintain the machine uniqueness needed for routing while not allowing the tracking server to see who your machine really is at the machine unique level.
    watto_cobra
  • Reply 12 of 22
    lkrupplkrupp Posts: 10,557member
    It’s a tough balance. Apple here is doing this for consumer privacy reasons, however on a corporate level it’s also a strategy to weaken competition or at least influence them heavily out of self-interest. It’s a slippery slope.
     
    And it’s also one more example of how they are using their market dominance to decide what is acceptable and not (hence anti-trust cases).
    Lastly, Apple has proven to be hypocrites themselves when dealing with China and Russia where they gladly bend their own rules and values to sell more products and services. They want to have it both ways.

    So although I like what they do out of personal interest (consumer privacy), on a corporate level I am concerned about this behavior, because there is more to it than we consumers realize.
    Blathering nonsense with a knee-jerk reaction implying evildoing on Apple’s part yet again. This policy is intended to stifle competition under the guise of user privacy? Right, Apple should allow these developer thieves to do what they please to get your data? Because that is exactly what you are implying! You can’t have it both ways, protect privacy yet with evil intentions. Baloney on your entire post.
    edited April 2021 45Cowdinqwerty52StrangeDaysjas99radarthekatRayz2016watto_cobra
  • Reply 13 of 22
    larryjwlarryjw Posts: 1,031member
    dewme said:
    This kind of thing is going to be a constant struggle because there are always services on computers that rely on the absolute uniqueness of the machine to ensure things that are targeted to the machine, and you, get properly routed to you. Things like cookies are essentially breadcrumb trails left by apps to allow them to record details about your access to websites on your machine. Eliminating them is easy, but it really just moves part of the tracking burden from your machine to the server side. As long as an app’s or website’s interaction with your machine has access to machine specific data they’ll be able to track you by storing information about each interaction on their servers. To fix this concern there needs to be something in the middle that allows you to maintain the machine uniqueness needed for routing while not allowing the tracking server to see who your machine really is at the machine unique level.
    There is a middle ground. It's called "logging in". If you log in, being voluntary, the server then know you and can maintain the information about you. Then, its up to them and you what information about you you are willing to share. 

    If you don't log in, they shouldn't know anything about you. Certainly technically, the site needs to know about your device, but that can be abstracted also. 
    StrangeDayswatto_cobra
  • Reply 14 of 22
    dewmedewme Posts: 5,335member
    larryjw said:
    dewme said:
    This kind of thing is going to be a constant struggle because there are always services on computers that rely on the absolute uniqueness of the machine to ensure things that are targeted to the machine, and you, get properly routed to you. Things like cookies are essentially breadcrumb trails left by apps to allow them to record details about your access to websites on your machine. Eliminating them is easy, but it really just moves part of the tracking burden from your machine to the server side. As long as an app’s or website’s interaction with your machine has access to machine specific data they’ll be able to track you by storing information about each interaction on their servers. To fix this concern there needs to be something in the middle that allows you to maintain the machine uniqueness needed for routing while not allowing the tracking server to see who your machine really is at the machine unique level.
    There is a middle ground. It's called "logging in". If you log in, being voluntary, the server then know you and can maintain the information about you. Then, its up to them and you what information about you you are willing to share. 

    If you don't log in, they shouldn't know anything about you. Certainly technically, the site needs to know about your device, but that can be abstracted also. 
    Yes of course. All this stuff is kind of funny for me at some level because I helped develop a customer loyalty service more than 25 years ago and we ran into all of these privacy roadblocks- outside of the US. Ran into similar issues with data sovereignty with cloud services a few years later. What’s funny, in a sad sort of way, is that most of the issues were never solved, systems got deployed and everyone just kicked the can down the road.  
    watto_cobra
  • Reply 15 of 22

    And it’s also one more example of how they are using their market dominance to decide what is acceptable and not (hence anti-trust cases).
    Well, considering Android has 70%+ market share of the mobile space, I am am always amused when these "market dominance" comments appear.  But, it certainly looks good in a rant.
    StrangeDaysjas99radarthekatRayz2016watto_cobra
  • Reply 16 of 22
    StrangeDaysStrangeDays Posts: 12,844member
    It’s a tough balance. Apple here is doing this for consumer privacy reasons, however on a corporate level it’s also a strategy to weaken competition or at least influence them heavily out of self-interest. It’s a slippery slope.
     
    And it’s also one more example of how they are using their market dominance to decide what is acceptable and not (hence anti-trust cases).
    Lastly, Apple has proven to be hypocrites themselves when dealing with China and Russia where they gladly bend their own rules and values to sell more products and services. They want to have it both ways.

    So although I like what they do out of personal interest (consumer privacy), on a corporate level I am concerned about this behavior, because there is more to it than we consumers realize.
    No, it's not. That's just your unfounded opinion. Companies like Facebook that sell access to your data don't compete in the hardware or services realm that Apple generates its revenue from. Apple is adding these features because we're the customers (not the product) and we find value in these features.

    As for Russia, what are you on about? Per local law Apple has to present users w/ a list of optional downloads from the App Store. Cite your claim that this is a privacy violation, please.

    Nice handwringing tho. Add some teeth gnashing and you're set.
    edited April 2021 jas99qwerty52radarthekatRayz2016watto_cobra
  • Reply 17 of 22
    EsquireCatsEsquireCats Posts: 1,268member
    No this doesn’t stop developers from monetising their free apps with targeted ads (this fundamentally misunderstands the current absurd reach of tracking.)  It’s also not a “slippery slope”, or other conspiracy theories that try to paint this as some secretive way apple is going to benefit behind the scenes.
    There’s being pragmatically cynical and clever and then there is being a stupid conspiracy nut. 
    lkruppjas99watto_cobra
  • Reply 18 of 22
    radarthekatradarthekat Posts: 3,842moderator
    It’s a tough balance. Apple here is doing this for consumer privacy reasons, however on a corporate level it’s also a strategy to weaken competition or at least influence them heavily out of self-interest. It’s a slippery slope.
     
    And it’s also one more example of how they are using their market dominance to decide what is acceptable and not (hence anti-trust cases).
    Lastly, Apple has proven to be hypocrites themselves when dealing with China and Russia where they gladly bend their own rules and values to sell more products and services. They want to have it both ways.

    So although I like what they do out of personal interest (consumer privacy), on a corporate level I am concerned about this behavior, because there is more to it than we consumers realize.
    What you call hypocritical can be easily aligned with a privacy-focused philosophy.  Apple has stated in the past that the company would rather engage rather than boycott; they feel that’s a better way to influence outcomes.  So what if their operating rule is, do as much as possible to protect privacy under the law.  That’s a pretty good rule, if you ask me. 

    But I guess some folks want to task Apple with reforming through boycott the laws enacted around the world with which they disagree.  But by this thinking the makers of climbing ropes should pull out of China because their products ‘might’ be used to hang dissidents.  Yes? 


    edited April 2021 watto_cobraqwerty52
  • Reply 19 of 22
    radarthekatradarthekat Posts: 3,842moderator
    frantisek said:
    This has two sides. One is privacy and second is money. If apps can not use this revenue source, they will have to switch add based model or to paid or subscription model that we all love so much. There is potential revenue increase for Apple.
    Stealing power from Facebook or Google is something nobody will complain of course.
    We will see how this will transform digital world. Constant changes Apple is doing in system makes very difficult to keep freeware apps compatible.. I think Apple think there should not be free apps. That you deserve money for your good work. If I am wrong they could/should make software fund to support good freeware.
    I don’t understand.  Are you saying you can’t provide free apps in the App Store?  My bank and brokerage both do.  The maker of the two drones I own offer free apps to fly those drones.  My Bluetooth speaker maker offers a free app.  There’s free apps in abundance.  From those who offer products and services outside the app and don’t try to bury me in advertisements or in-app purchases.  

    If you’re talking about apps that do bury us in ads and in-app purchases, those are not free apps.  
    edited April 2021 watto_cobraqwerty52
  • Reply 20 of 22
    nicholfdnicholfd Posts: 824member
    frantisek said:
    This has two sides. One is privacy and second is money. If apps can not use this revenue source, they will have to switch add based model or to paid or subscription model that we all love so much. There is potential revenue increase for Apple.
    Stealing power from Facebook or Google is something nobody will complain of course.
    We will see how this will transform digital world. Constant changes Apple is doing in system makes very difficult to keep freeware apps compatible.. I think Apple think there should not be free apps. That you deserve money for your good work. If I am wrong they could/should make software fund to support good freeware.
    Yeah - lets develop the platform, develop the development tools & develop the store, and then PAY you to develop apps - WTF?

    NO - if it's worth buying, then people will buy it.  if not, then find a different outlet or career.
    watto_cobra
Sign In or Register to comment.