Apple's new App Store rule makes it easy to delete accounts and data

App Store
x

App Store

Highlights

Along with the requirement that apps offering paid online group services use Apple's in-app payments.

During its WWDC 2021 event, Apple laid out a series of policy changes for the App Store, tightening the rules for everything from bounty hunting to whether or not Roblox is a game. Now, with the WWDC 2022 event set to kick off on June 6, Apple is reminding developers that it's ready to activate some previously delayed policy updates.

Two changes to the App Store rules that Apple is confirming will take effect on June 30: a requirement that apps that offer paid online group services use its in-app payment system, and a requirement that developers offer easy account deletions (including stored personal data) within any app that allows users to create an account.

The policy on group online services (such as classes and events) was not part of the WWDC 2021 change set; it actually predates that, but Apple has delayed its app three times. The first delay came in the year 2020 after Facebook complained it would unfairly affect vulnerable small businesses, then another delay came in the spring of 2021. It was set to finally go into effect last January, along with the policy on allowing users to initiate account deletion from within an application.

But on January 22, Apple pushed back the deadline for both changes a few more months to June 30, saying it would give developers more time to update their apps, and we don't expect to see any more delays now that Apple has sent out reminders. One is a note about the account deletion requirement, which you can read below, but both policies are mentioned on the next developer changes page.

Apple account deletion requirements:

The account deletion option should be easy to find in your app.

If your app offers Sign in with Apple, you'll need to use the Sign in with Apple REST API to revoke user tokens when deleting an account.

It's insufficient to only provide the ability to temporarily disable or deactivate an account. People should be able to delete the account along with their personal data.

Apps in highly-regulated industries may provide additional customer service flows to confirm and facilitate the account deletion process.

Follow applicable legal requirements for storing and retaining user account information, and for handling account deletion. This includes complying with local laws in different countries or regions. As always, check with your legal counsel.

Show Full Article
Print Article
Next Story
More Stories
ADVERTISEMENT
ADVERTISEMENTS