[PATCH damus v1] Fill up missing Privacy report information for App submission


Daniel D’Aquino

May 3, 2024, 9:28:15 PM
to pat...@damus.io, Daniel D’Aquino
This commit adds missing privacy report information for both damus and
the notification extension.

It details the reason we use
- File timestamps
- UserDefaults

The reason codes were taken from Apple's documentation: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api

Testing
--------

PASS

Damus: this commit
Steps:
1. Build app for archival
2. Access the local archive and perform a secondary click
3. Click on "Generate Privacy Report"
4. Open the privacy report PDF. It should show no errors. PASS

Closes: https://github.com/damus-io/damus/issues/2184
Signed-off-by: Daniel D’Aquino <dan...@daquino.me>
---
.../PrivacyInfo.xcprivacy | 27 +++++++++++++++++++
PrivacyInfo.xcprivacy | 27 +++++++++++++++++++
damus.xcodeproj/project.pbxproj | 8 ++++++
3 files changed, 62 insertions(+)
create mode 100644 DamusNotificationService/PrivacyInfo.xcprivacy
create mode 100644 PrivacyInfo.xcprivacy

diff --git a/DamusNotificationService/PrivacyInfo.xcprivacy b/DamusNotificationService/PrivacyInfo.xcprivacy
new file mode 100644
index 00000000..9860341d
--- /dev/null
+++ b/DamusNotificationService/PrivacyInfo.xcprivacy
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>NSPrivacyCollectedDataTypes</key>
+ <array/>
+ <key>NSPrivacyAccessedAPITypes</key>
+ <array>
+ <dict>
+ <key>NSPrivacyAccessedAPIType</key>
+ <string>NSPrivacyAccessedAPICategoryUserDefaults</string>
+ <key>NSPrivacyAccessedAPITypeReasons</key>
+ <array>
+ <string>1C8F.1</string>
+ </array>
+ </dict>
+ <dict>
+ <key>NSPrivacyAccessedAPIType</key>
+ <string>File Timestamp</string>
+ <key>NSPrivacyAccessedAPITypeReasons</key>
+ <array>
+ <string>C617.1</string>
+ </array>
+ </dict>
+ </array>
+</dict>
+</plist>
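Review bot: in the second `<dict>`, `NSPrivacyAccessedAPIType` is set to `File Timestamp`, which reads like a display label, while the UserDefaults entry just above it uses the constant form `NSPrivacyAccessedAPICategoryUserDefaults`. Apple's documented value for this category is `NSPrivacyAccessedAPICategoryFileTimestamp`; suggest `<string>NSPrivacyAccessedAPICategoryFileTimestamp</string>` so that reason C617.1 is attached to a category identifier that tooling recognises.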
diff --git a/PrivacyInfo.xcprivacy b/PrivacyInfo.xcprivacy
new file mode 100644
index 00000000..9860341d
--- /dev/null
+++ b/PrivacyInfo.xcprivacy
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>NSPrivacyCollectedDataTypes</key>
+ <array/>
+ <key>NSPrivacyAccessedAPITypes</key>
+ <array>
+ <dict>
+ <key>NSPrivacyAccessedAPIType</key>
+ <string>NSPrivacyAccessedAPICategoryUserDefaults</string>
+ <key>NSPrivacyAccessedAPITypeReasons</key>
+ <array>
+ <string>1C8F.1</string>
+ </array>
+ </dict>
+ <dict>
+ <key>NSPrivacyAccessedAPIType</key>
+ <string>File Timestamp</string>
+ <key>NSPrivacyAccessedAPITypeReasons</key>
+ <array>
+ <string>C617.1</string>
+ </array>
+ </dict>
+ </array>
+</dict>
+</plist>
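Review bot: this file is the same blob as the extension's manifest (both show `index 00000000..9860341d`), so the `File Timestamp` string in the second `<dict>` needs the same change to `NSPrivacyAccessedAPICategoryFileTimestamp` here. Because the app target receives a copy rather than its own list, it is also worth confirming that the main app calls no required-reason API beyond the two declared.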
diff --git a/damus.xcodeproj/project.pbxproj b/damus.xcodeproj/project.pbxproj
index e027c3be..8c485ae3 100644
--- a/damus.xcodeproj/project.pbxproj
+++ b/damus.xcodeproj/project.pbxproj
@@ -639,6 +639,8 @@
D7EDED332B12ACAE0018B19C /* DamusUserDefaults.swift in Sources */ = {isa = PBXBuildFile; fileRef = D7EDED322B12ACAE0018B19C /* DamusUserDefaults.swift */; };
D7EDED342B12ACAE0018B19C /* DamusUserDefaults.swift in Sources */ = {isa = PBXBuildFile; fileRef = D7EDED322B12ACAE0018B19C /* DamusUserDefaults.swift */; };
D7FB10A72B0C371A00FA8D42 /* Log.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4C2B10272A7B0F5C008AA43E /* Log.swift */; };
+ D7FB14222BE5970000398331 /* PrivacyInfo.xcprivacy in Resources */ = {isa = PBXBuildFile; fileRef = D7FB14212BE5970000398331 /* PrivacyInfo.xcprivacy */; };
+ D7FB14252BE5A9A800398331 /* PrivacyInfo.xcprivacy in Resources */ = {isa = PBXBuildFile; fileRef = D7FB14242BE5A9A800398331 /* PrivacyInfo.xcprivacy */; };
D7FD12262BD345A700CF195B /* FirstAidSettingsView.swift in Sources */ = {isa = PBXBuildFile; fileRef = D7FD12252BD345A700CF195B /* FirstAidSettingsView.swift */; };
D7FF94002AC7AC5300FD969D /* RelayURL.swift in Sources */ = {isa = PBXBuildFile; fileRef = D7FF93FF2AC7AC5200FD969D /* RelayURL.swift */; };
E02429952B7E97740088B16C /* CameraController.swift in Sources */ = {isa = PBXBuildFile; fileRef = E02429942B7E97740088B16C /* CameraController.swift */; };
@@ -1434,6 +1436,8 @@
D7EDED202B117DCA0018B19C /* SequenceUtils.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SequenceUtils.swift; sourceTree = "<group>"; };
D7EDED2D2B128E8A0018B19C /* CollectionExtension.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CollectionExtension.swift; sourceTree = "<group>"; };
D7EDED322B12ACAE0018B19C /* DamusUserDefaults.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DamusUserDefaults.swift; sourceTree = "<group>"; };
+ D7FB14212BE5970000398331 /* PrivacyInfo.xcprivacy */ = {isa = PBXFileReference; lastKnownFileType = text.xml; path = PrivacyInfo.xcprivacy; sourceTree = "<group>"; };
+ D7FB14242BE5A9A800398331 /* PrivacyInfo.xcprivacy */ = {isa = PBXFileReference; lastKnownFileType = text.xml; path = PrivacyInfo.xcprivacy; sourceTree = "<group>"; };
D7FD12252BD345A700CF195B /* FirstAidSettingsView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FirstAidSettingsView.swift; sourceTree = "<group>"; };
D7FF93FF2AC7AC5200FD969D /* RelayURL.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = RelayURL.swift; sourceTree = "<group>"; };
E02429942B7E97740088B16C /* CameraController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CameraController.swift; sourceTree = "<group>"; };
@@ -2451,6 +2455,7 @@
4CE6DEDA27F7A08100C66700 = {
isa = PBXGroup;
children = (
+ D7FB14212BE5970000398331 /* PrivacyInfo.xcprivacy */,
4C32B9362A9AD44700DC3548 /* flatbuffers */,
4C9054862A6AEB4500811EEC /* nostrdb */,
4C19AE4A2A5CEF7C00C90DB7 /* nostrscript */,
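Review bot: the app's manifest is added as the first child of the top-level group `4CE6DEDA27F7A08100C66700`, matching the `create mode 100644 PrivacyInfo.xcprivacy` at the repository root, while the extension's copy sits inside `DamusNotificationService`. Moving the app copy into the app's own source group, or saying in the commit message why it lives at the root, would make the two identically named files easier to tell apart.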
@@ -2756,6 +2761,7 @@
D79C4C182AFEB061003A41B4 /* Info.plist */,
D70A3B162B02DCE5008BD568 /* NotificationFormatter.swift */,
D74AAFC42B1538DE006CF0F4 /* NotificationExtensionState.swift */,
+ D7FB14242BE5A9A800398331 /* PrivacyInfo.xcprivacy */,
);
path = DamusNotificationService;
sourceTree = "<group>";
@@ -2984,6 +2990,7 @@
buildActionMask = 2147483647;
files = (
4C1D4FB42A7967990024F453 /* build-git-hash.txt in Resources */,
+ D7FB14222BE5970000398331 /* PrivacyInfo.xcprivacy in Resources */,
3ACB685F297633BC00C46468 /* Localizable.strings in Resources */,
4CE6DEEE27F7A08200C66700 /* Preview Assets.xcassets in Resources */,
3ACB685C297633BC00C46468 /* InfoPlist.strings in Resources */,
@@ -3017,6 +3024,7 @@
isa = PBXResourcesBuildPhase;
buildActionMask = 2147483647;
files = (
+ D7FB14252BE5A9A800398331 /* PrivacyInfo.xcprivacy in Resources */,
);
runOnlyForDeploymentPostprocessing = 0;
};

base-commit: 669a313f92a01594437fe67a8c62ec35888b9280
--
2.44.0


William Casarin

May 4, 2024, 12:21:50 PM
to Daniel D’Aquino, pat...@damus.io
On Sat, May 04, 2024 at 01:28:06AM GMT, Daniel D’Aquino wrote:
>This commit adds missing privacy report information for both damus and
>the notification extension.
>
>It details the reason we use
>- File timestamps
>- UserDefaults
>
>The reason codes were taken from Apple's documentation: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api
>
>Testing
>--------
>
>PASS
>
>Damus: this commit
>Steps:
>1. Build app for archival
>2. Access the local archive and perform a secondary click
>3. Click on "Generate Privacy Report"
>4. Open the privacy report PDF. It should show no errors. PASS
>
>Closes: https://github.com/damus-io/damus/issues/2184
>Signed-off-by: Daniel D’Aquino <dan...@daquino.me>
>---

still not sure what it's about but ok! lol

Reviewed-by: William Casarin <jb...@jb55.com>

Daniel D'Aquino

May 6, 2024, 2:49:05 PM
to William Casarin, pat...@damus.io

On May 4, 2024, at 09:21, William Casarin <jb...@jb55.com> wrote:

> On Sat, May 04, 2024 at 01:28:06AM GMT, Daniel D’Aquino wrote:
>> This commit adds missing privacy report information for both damus and
>> the notification extension.
>>
>> It details the reason we use
>> - File timestamps
>> - UserDefaults
>>
>> The reason codes were taken from Apple's documentation: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api
>>
>> Testing
>> --------
>>
>> PASS
>>
>> Damus: this commit
>> Steps:
>> 1. Build app for archival
>> 2. Access the local archive and perform a secondary click
>> 3. Click on "Generate Privacy Report"
>> 4. Open the privacy report PDF. It should show no errors. PASS
>>
>> Closes: https://github.com/damus-io/damus/issues/2184
>> Signed-off-by: Daniel D’Aquino <dan...@daquino.me>
>> ---
>
> still not sure what it's about but ok! lol

LOL this is just a metadata file that tells Apple why we are using those APIs (e.g. whether an app uses UserDefaults to simply store user data, or to do some kind of creepy tracking).

Apparently we can also use this file to define a "privacy nutrition label" (that label we see on the App Store summarizing what kinds of data are collected and for what).

Apple is trying to gradually enforce usage of these privacy manifest files.


> Reviewed-by: William Casarin <jb...@jb55.com>

Thanks! Pushed to d4f041aeadd021cc4cc165e226af195c57c834dd on the 1.8 release branch, and merged it up to `master`.



I will put some comments on the plist code to help you understand what each piece means:

.../PrivacyInfo.xcprivacy                     | 27 +++++++++++++++++++
PrivacyInfo.xcprivacy                         | 27 +++++++++++++++++++
damus.xcodeproj/project.pbxproj               |  8 ++++++
3 files changed, 62 insertions(+)
create mode 100644 DamusNotificationService/PrivacyInfo.xcprivacy
create mode 100644 PrivacyInfo.xcprivacy

diff --git a/DamusNotificationService/PrivacyInfo.xcprivacy b/DamusNotificationService/PrivacyInfo.xcprivacy
new file mode 100644
index 00000000..9860341d
--- /dev/null
+++ b/DamusNotificationService/PrivacyInfo.xcprivacy

Privacy manifest for the notification extension

@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>NSPrivacyCollectedDataTypes</key>
+ <array/>

The two lines above define the privacy nutrition label for the notification extension (it’s an empty array because we don’t really collect data there).

In other words: "No data collected"

+ <key>NSPrivacyAccessedAPITypes</key>

We will start defining reasons for using specific APIs

+ <array>
+ <dict>
+ <key>NSPrivacyAccessedAPIType</key>
+ <string>NSPrivacyAccessedAPICategoryUserDefaults</string>

"Why are we using UserDefaults?"

+ <key>NSPrivacyAccessedAPITypeReasons</key>
+ <array>
+ <string>1C8F.1</string>

For reason "1C8F.1":

"(…) to access user defaults to read and write information that is only accessible to the apps, app extensions, and App Clips that are members of the same App Group as the app itself. (…)"

+ </array>
+ </dict>
+ <dict>
+ <key>NSPrivacyAccessedAPIType</key>
+ <string>File Timestamp</string>

“Why are we accessing file timestamps?” (We need this because of our `statfs` calls from `mdb`)

+ <key>NSPrivacyAccessedAPITypeReasons</key>
+ <array>
+ <string>C617.1</string>

For reason "C617.1":

"(…) to access the timestamps, size, or other metadata of files inside the app container, app group container, or the app’s CloudKit container (…)"

+ </array>
+ </dict>
+ </array>
+</dict>
+</plist>
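Review bot: the file-timestamp entry in this hunk is explained in the comment above as covering `statfs` calls from `mdb`, while the comment on the app's copy says `fstat`. Apple's required-reason list places `fstat` under file timestamps but `statfs` under the disk space category (`NSPrivacyAccessedAPICategoryDiskSpace`), so confirm which call is actually made and add a disk space entry with its own reason code if it is `statfs`.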
diff --git a/PrivacyInfo.xcprivacy b/PrivacyInfo.xcprivacy
new file mode 100644
index 00000000..9860341d
--- /dev/null
+++ b/PrivacyInfo.xcprivacy

Now we do the same for the Damus App itself

@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>NSPrivacyCollectedDataTypes</key>
+ <array/>

"No data collected"

+ <key>NSPrivacyAccessedAPITypes</key>
+ <array>
+ <dict>
+ <key>NSPrivacyAccessedAPIType</key>
+ <string>NSPrivacyAccessedAPICategoryUserDefaults</string>
+ <key>NSPrivacyAccessedAPITypeReasons</key>
+ <array>
+ <string>1C8F.1</string>

We use UserDefaults to access data within an app or app group. (i.e. we are not using that to track people)

+ </array>
+ </dict>
+ <dict>
+ <key>NSPrivacyAccessedAPIType</key>
+ <string>File Timestamp</string>
+ <key>NSPrivacyAccessedAPITypeReasons</key>
+ <array>
+ <string>C617.1</string>

We access file timestamps (fstat) inside the app or group container only. (i.e. we are not using that to track people)


2.44.0


I hope this clarifies things!
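
Added example, not part of the thread or the Damus code base: a small check that parses a `PrivacyInfo.xcprivacy` payload and compares it with a pinned set of declarations, so a review or CI step notices when a manifest drifts from what the project intends to declare. The `EXPECTED` policy and the function name `lint_manifest` are assumptions; the sample is the manifest body from the patch, which is flagged because its second entry uses `File Timestamp` instead of Apple's documented constant.

```python
import plistlib

# Assumed policy for this check: the two declarations made in the patch,
# with the file-timestamp category in Apple's documented constant form.
EXPECTED = {
    "NSPrivacyAccessedAPICategoryUserDefaults": {"1C8F.1"},
    "NSPrivacyAccessedAPICategoryFileTimestamp": {"C617.1"},
}

# Constructed sample: the manifest body from the patch (DOCTYPE line omitted).
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
 <key>NSPrivacyCollectedDataTypes</key>
 <array/>
 <key>NSPrivacyAccessedAPITypes</key>
 <array>
  <dict>
   <key>NSPrivacyAccessedAPIType</key>
   <string>NSPrivacyAccessedAPICategoryUserDefaults</string>
   <key>NSPrivacyAccessedAPITypeReasons</key>
   <array><string>1C8F.1</string></array>
  </dict>
  <dict>
   <key>NSPrivacyAccessedAPIType</key>
   <string>File Timestamp</string>
   <key>NSPrivacyAccessedAPITypeReasons</key>
   <array><string>C617.1</string></array>
  </dict>
 </array>
</dict>
</plist>"""

def lint_manifest(data: bytes) -> list[str]:
    """Return findings for a PrivacyInfo.xcprivacy payload; empty means clean."""
    manifest = plistlib.loads(data)
    findings = []
    # A non-empty list here would change the App Store privacy label.
    if manifest.get("NSPrivacyCollectedDataTypes"):
        findings.append("collected data types declared, expected none")
    seen = set()
    for entry in manifest.get("NSPrivacyAccessedAPITypes", []):
        api = entry.get("NSPrivacyAccessedAPIType", "")
        seen.add(api)
        if api not in EXPECTED:
            findings.append(f"unexpected API type: {api!r}")
            continue
        extra = set(entry.get("NSPrivacyAccessedAPITypeReasons", [])) - EXPECTED[api]
        if extra:
            findings.append(f"{api}: unexpected reasons {sorted(extra)}")
    findings += [f"missing API type: {m}" for m in sorted(set(EXPECTED) - seen)]
    return findings
```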


William Casarin

May 6, 2024, 3:07:14 PM
to Daniel D'Aquino, pat...@damus.io
On Mon, May 06, 2024 at 06:48:57PM GMT, Daniel D'Aquino wrote:
>I hope this clarifies things!

Interesting, good to know!