Apple Tells App Developers to Disclose or Remove Screen Recording Code

Apple is telling app developers to either remove or properly disclose to users their use of code that allows them to record the way a user interacts with their iPhone apps—or face removal from the app store.

• By Jessica Davis
• Feb 11, 2019

Apple is telling app developers to either remove or properly disclose to users their use of code that allows them to record the way a user interacts with their iPhone apps—or face removal from the app store, TechCrunch reports.

The news follows a TechCrunch investigation that found major companies were using a third-party analytics tool to record users’ every tap and swipe within the app. They found that none of the apps they tested asked permission from users and none of the companies disclosed in their privacy policies that a user’s app activity would be recorded.

Sensitive data is supposed to be masked, but TC reports that data like passport information and credit card numbers was leaking.

Glassbox is a cross-platform analytics tool specializing in session replay technology. It lets companies integrate its screen recording tech into their apps to replay the way a user interacts with the app, but Glassbox “doesn’t enforce its customers” to disclose in their privacy policies that they use the screen recording tool.

However, Apple specifically bans apps that covertly collect user data without permission.

In an email, an Apple spokesperson said, “Protecting user privacy is paramount in the Apple ecosystem. Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity.”

“We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary,” the spokesperson said.

TechCrunch heard from multiple app developers who had been notified by Apple that their apps were breaking Apple’s app store guidelines.

At least one app developer was told by Apple to remove code that recorded activity in the app, via an email that said, “Your app uses analytics software to collect and send user or device data to a third party without the user’s consent. Apps must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity.”

The developer was given less than a day to remove the code and resubmit their app or else face removal from the app store, according to the email.

Glassbox can also be used by Android app developers, but Google has not commented on whether it would also ban the screen recording code.