Users are increasingly worried about apps using their personal information in ways they may not want. With the release of iOS 14, users will have more insight than ever before into when apps are accessing their personal information. It is now crucial to explain to users why you are using these features and to only do so when the user expects it.
1. No Candid Cameras
Starting in iOS 14, when an app uses the camera or microphone, an indicator light will show up in the status bar letting the user know that they are being recorded. This is the same indicator that you might see on your Macbook when your built-in camera is in use. Additionally, apps that have recently used the camera or microphone will now show up in Control Center so the user can go back and check which app used these features.
Record when initiated by the user
If a user sees the camera or microphone indicator light turn on when they didn’t explicitly ask it to, that’s going to be a red flag and cause you to lose your user’s trust. Only start recording when the user explicitly asks you to and let the user see what’s being recorded. If the camera is in use, they should see a live preview. If audio is being recorded, a waveform or other visual cue will help the user feel in control of what information your app is receiving. These simple design choices will give your users confidence that they know what your app is doing and put them at ease with regards to their privacy.
2. In the General Vicinity
Users will now have the option to only provide your app with an approximate location. This will give you a general idea of where the user is within a few miles. For most apps this will be enough information to enable location-aware features. If your app requires a more precise location you can request access to full accuracy, or consider using the new ability to request temporary access to full accuracy. Temporary access will give you the user’s exact location for the duration of the app session.
Only get precise location when needed
Consider an app that finds nearby store locations and then can also give directions to the selected location. The app can begin by only requesting the user’s approximate location to find what stores are nearby. When a user selects a location and wants directions, the app can then request temporary access to the user’s exact location. Users are much more likely to grant access to their location once they’re using a feature that benefits from having that access. And by only asking for as little information as needed, users will feel comfortable knowing that their privacy is being respected while using your app.
3. Pasteboard Peeking
Another feature iOS 14 surfaces to the user is when an app accesses the pasteboard (any text or photos the user may have copied). In normal situations there is no need for apps to do anything differently. Some apps however, automatically check the pasteboard to offer quicker functionality if it contains something they can use. For example, a podcast app may check the pasteboard for a podcast feed URL and then offer to subscribe to that podcast for the user. Starting in iOS 14, if an app accesses the data in the pasteboard users will get notified that the app just pasted something. This can feel invasive when the user didn’t initiate the action.
Check before accessing
In iOS 14, your app can now check to see if the pasteboard contains a URL or a search term before accessing the pasteboard contents. This check will not present a notification to the user, and you can use it to decide if there is actionable data in the pasteboard. Knowing the pasteboard has something you can use makes it much more reasonable to ask the user if they would like to use the data currently in the pasteboard. Then, when the pasting notification does appear, the user is not caught off guard and knows how their pasteboard data is being used.
4. Disclose Your Tracking
Starting this Fall, when you submit an app to the App Store, Apple will require you to fill out a questionnaire listing all the information your app collects that is linked to a user’s identity and also what information is used to track a user across other apps and websites. This will be displayed alongside your app in the App Store. Additionally, you will now need to ask users for permission to track them across apps and websites or use the device’s advertising identifier. That’s a lot to take in, so let’s break it down.
Data linked to an identity
If your app collects identifiable information and stores it, then that is considered data linked to an identity. For example, if your app has a user profile and that profile has a location, then you would need to disclose that as data linked to an identity. If you get a user’s location to display nearby stores and don’t store that location anywhere, then you wouldn’t need to disclose that.
Data used to track
If your app collects any data that is then shared with other apps or websites in order to identify a user on other services, that is considered data used to track. This is usually needed for services like analytics and advertising. It is important to note that if you use a third party analytics library (like Firebase) or an ad serving network (like AdMob) then you must be able to disclose the tracking information they collect. Failure to do so correctly may result in Apple removing your app from the App Store.
Asking for permission to track
In addition to disclosing what data you track, you must also prompt the user and ask them for permission to track them across apps and websites. This will be required if your app does things like display personalized ads or send up information to an ad delivery network. There is however, an exception. If your app uses tracking information solely for security purposes, then the user prompt will not be required.
Trust is Earned
Developing trust with your users is essential for app adoption and retention. With increasing reports about apps silently collecting large amounts of data, users are easily spooked by apps accessing personal information at unexpected times or without explanation. You can avoid scaring off a potential user by being transparent and explicitly letting the user know why your app needs their personal information.
Demonstrate respect to your user’s privacy by only asking for personal information when needed. This is their device and your app is a guest. Don’t barge in with a cacophony of permission prompts on first launch. Take it slow and they’ll tell you when they’re ready by activating a feature that requires personal information. And if they choose to grant limited access or even deny access to their personal information, make sure that your app responds gracefully and continues to offer as much functionality as possible.