App Store warning for Privacy Manifest

[Ayush Vaish]

I recently submitted some iOS apps to the App Store, which incorporate Admob SDK 11.2.0 (there is no other third party SDK being used).

The following warnings were received for each app via email from the App Store - 

Although submission for App Store review was successful, you may want to correct the following issues in your next submission for App Store review. Once you've corrected the issues, upload a new binary to App Store Connect.

ITMS-91053: Missing API declaration - Your app’s code in the “******” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryDiskSpace. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91053: Missing API declaration - Your app’s code in the “********” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

I can see the PrivacyInfo.xcprivacy in both the GoogleMobileAds.xcframework and the UserMessagingPlatform.xcframework. And it contains the keys pertaining to the above warnings. So I can't figure out why the warnings were generated.

Also - when I generate the app archive in Xcode (for submission) then right clicking on the archive and selecting "Generate Privacy Report" gives a popup saying "The archive does not contain any PrivacyInfo.xcprivacy" files. This is weird because both the xcframeworks have been imported into the project and linked against the target. 

(I also submitted a similar app which does not incorporate Admob SDK. There were no warnings received for this app).

All the apps have been approved for release but I'm guessing this will not be the case after 1st May.

Please help. 

[Mobile Ads SDK Forum Advisor]

Hello,

Thank you for your inquiry. We are aware of the warnings that occur when uploading an app binary to the App Store. We have raised this issue with Apple. At this time, see our Data disclosure doc to stay up to date on any further developments related to privacy manifests. 

Thanks,
Justin

ref:!00D1U01174p.!5004Q02s0CEa:ref

[Ayush Vaish]

Thanks. I will keep checking the page for updates.

Meanwhile, just an observation on this issue - 

After adding Admob SDK 11.2.0 and archiving the project in XCode, then right clicking on the archive and selecting "Generate Privacy Report" gives an alert saying  "The archive does not contain any PrivacyInfo.xcprivacy" files.

This appears to happen only for the Admob SDK. (I do not use Cocoapods or SPM to integrate Admob. I manually downloaded the SDK and added the files and the required linker flags as described in the integration guide). 

As a test, I incorporated FMDB and copied its PrivacyInfo.xcprivacy file into the app bundle. This generates the privacy report in Xcode with no issues. 

Regards,

[Mobile Ads SDK Forum Advisor]

Hello,

Did you Embed & Sign the frameworks? That should resolve the issue you are seeing. 

[Ayush Vaish]

Thanks. I selected the "Embed & Sign" option in Targets->General->Frameworks and Libraries ...  (it was previously set to "Do not Embed") and now the Privacy Report is being generated with no issues. 

Regards,

[Pablo Muina]

Hey
We are still getting this warning. We are using cocoapods to integrate AdMob. Are there any news on this issue?

Thanks

[Jamie]

I am fairly sure that the GoogleMobileAds framework is using some of the disk space APIs internally and not for any of the reasons that we can legitimately declare under NSPrivacyAccessedAPITypeReasons.

The recent Firebase Crashlytics 10.22.0 release: "removed calls to statfs in the Crashlytics SDK to comply with Apple Privacy Manifests. This change removes support for collecting Disk Space Free in Crashlytics reports" & we need something similar from the GoogleMobileAds team.

Would be good if someone internally can confirm they are aware of this and have roadmapped a release with this resolved before the 1st May deadline imposed by Apple?

Thanks.