Just to add some balance to the conversation; this silliness isn't limited to Apple; we've had Play Store reject our app several times for doing something it literally doesn't do; they required us to add a data-protection policy to explain why we did it, and wouldn't accept that it (our app) literally doesn't (the app connects to a self-hosted server the user runs themselves, so it can easily be checked). In the end, we gave up and just added the DPP text anyway and it got approved.
Edit to add: This was for an update, over half a decade after release, not the initial release, and nothing had changed in how it functioned in this regard in that time.
In this case, they were correct to request that you add data protection policy. Your app may still process personal data locally and then you're still subject to data protection regulations.
You're going to have to cite a data protection authority case for me to believe that.
Edit: no, the more I think about it the more this interpretation is completely nuts. It implies that every single software vendor needs to secure consent from every single end user of software they ship through any client.
e.g. if SAP provide CRM software to Contoso, and Jim is a customer of Contoso, even though all the data is processed on Contoso premises, SAP still need to be in communication with Jim?
Well, certainly don't rely on forums to get your legal info. Feel free to consult someone versed with data protection regulations in countries where your app is available.
It doesn't, at least not under GDPR and not in that scenario. Contoso is a "[personal] data controller" and SAP is a "data processor". Contoso has a legal responsibility for all personal data and for all its vendors.
Contrary to a popular opinion, GDPR is fairly logical and close to common sense.
It gets murkier with "joint data processing" (a cursed cop-out for scenarios like Facebook acting both as a data processor for a website's ad tracking and as a data controller for its own ad tracking at the same time), but the scenario you described is not that.
No, it's true. On-device actions count in the eyes of the law. "This app processes the user's data on-device, does not allow other apps to access the data, and optionally copies it to a server that the user provides" is a description.
Righy, isny it easy to understand, esepcially if your app allows http?
The data protection policy would explicitly state such a exposure.
"No ezposure" is a state.
Any app that allows a user to put in a endpoint that transfers the user data should have a data policy, since a malactor could convince the user to change thta endpoint, leading to a breach.
IMO it is benign. Real-world apps don't get much better than that.
For example, allowing the user to access the data is a feature, not a bug, and if you allow the user access to the data, then a blackhat can persuade the user to access and forward the data. This isn't a matter of HTTP or no HTTP, the user's data access is tightly bound to user's risk of social engineering.
Being benign doesn't make the policy self-evident. Google's rule is that you have to state your policy, you're not allowed to argue that users should understand any policy as being self-evident. IMO that's good of Google, because the cost for nice apps like this is so minor: Having to write a one- or two-sentence policy.
Suppose there's an app, Niceapp, that keeps all data on device, and you want to attack it and exfiltrate its data. ① You install it, find out that it stores the data in /sdcard/Pictures/Niceapp, or some other world-readable directory. ② You write your own app with file system and network access permissions. You can find many suitable apps on github that you can rename and prettify. ③ You social-engineer users to install your app, which is then free to read the Niceapp data and exfiltrate them.
The attack works because the unstated policy leaves users (and possibly also the Niceapp developers) open to make inaccurate assumptions.
No. Data processor has a special meaning (at least under GDPR) and requires you to be a separate entity from the data controller (article 4(8) of GDPR). Just because you process data, will not make you a data processor.
A software developer is neither a controller, nor a data processor per se, but the question is why the software processes any personal data.
If there is no third person on whose behalf you process data, you might still easily be a data controller and all the privacy related obligations primarily rest on this role.
Controllership does not depend on sending any data to remote locations/other apps outside the phone etc., but more on whether there is any personal data processed in the app at all and if there is, the reason for that processing. If you're not processing any personal data, you'll not be a controller, but if you do, you'll be unlikely to be able to skip this responsibility altogether. Considering you'll be the only one knowing exactly what your software can and cannot do with what kind of personal data, you'd better at least explain that to the user. Surely, developers of some software (e.g. compilers) will never be data controllers even if the software can compile software to process personal data... But for many frontend software, like apps, there is no such easy way out unless not processing any personal data at all, including usage data, which is also not an easy thing to do.
But that doesn't mean you can just skip the obligation towards the store manageer who says you HAVE to provide a privacy policy even if you don't process any personal data.
Similarly, processing for "purely personal or household activity", even by automated means is outside the scope of GDPR in EU, but that will not save you from the privacy policy obligation towards Apple or whomever.
If you have tge user enter a arbitrary endpoint, you are explicitly shipping user data off tge device and a foreign actor could use your app to maliciously MITM that arbitrary endpoint.
It doesnt mattet if you good faith assume he user of your app is smart wnough to keep the app and that endpoint secure, you are providing a meansnto exfiltrate your app data
Yes, unless someone spells out to you that they're the data controller and taking legal responsibility (think Google Analytics)
I know that's the opposite of what they led with, I'm not trying to be cheeky. It's just shorter if you invert the premise and avoid technicalities.
In general, on HN, I see people struggling to wrap their mind around that everyone who takes in data has to take it seriously, at least, that's how the app stores view it.
As the app developer you clearly control the means of processing, you are the data controller. You may have opted for “offline processing” which simplifies your compliance, but it is still processing under your control (and subject to change in future updates, which needs to come with a change to your data processing policy with informed user consent).
It is certainly not processing under your control. You don't do anything with the data - none of your computers are involved, you never see or read or copy anyone's data whatsoever. The data subject is processing their own data, using a tool they perhaps don't understand (if the source code is unavailable, for example). The user is at liberty to start or stop the processing at any time.
I don't even think this would apply in the pathological case where a bug in the app causes the personal data to be leaked. You didn't leak it, the user did.
You would think for a 30% cut of all your [insert eStore name]-related business, it would include at least basic developer support explaining their decisions.
Product opportunity: Apple Store platinum plan for just 60% of your revenue. State of the art AI account managers will be happy to answer all of your questions.
Google and Apple should not control what happens on mobile. They're too big and they've monopolized computing as a platform.
Why do these companies get to say what you do with your camera, how you order food, or who you date? Their App Store dictatorship lets them control all of this.
The DOJ needs to mandate web installs for both platforms. Sandboxing, permissions dialogues, behavioural heuristics, and signature detection are all we need to keep us safe. The App Store concept is just a grift to earn Apple and Google margin on all transactions.
Google (knowingly?) benefits from the current posture of defaults.
You can't one click install a web app, nor is it the expected user behavior.
The "might be harmful" and buried system dialogues mean that 0.001% of users will ever do this. It's completely unviable.
In a sense this might be worse behavior. Google gets to skirt regulatory scrutiny, yet functionally enables zero companies and users to leverage this path.
>Why do these companies get to say what you do with your camera, how you order food, or who you date? Their App Store dictatorship lets them control all of this.
Can you share some examples of when this happened to you?
The app store controls what food ordering and dating apps are allowed to exist. So it's not a "to this person specifically" situation, but certain things don't make it to the market.
(personally I'm in the middle on this: some quality control is valuable, and probably essential for anything with access to user data or payment services. But the store is also anti-competitive.)
> Moreover, what if I don't want Google or Apple to know about my {Islamic LGBT app, Chinese Democracy app, etc.} ?
I admit that I don't know about Apple's ecosystem, but if you don't want Google to know about your Islamic LGBT app, you don't have to tell them. Android users can download your app off your personally-owned .com and install it to their phone no problem.
Here to see all the creative justifications for why Apple is correct, and it's actually the app developer's fault for not clearly stating why an app that users explicitly downloaded to take photos takes photos. It's for the users' own protection of course.
Even after all these years the reality distortion field is strong as ever. Meanwhile if Google had done this people would already be outside their HQ with pitchforks and calling for the government to break up their evil monopoly.
This is a strange narrative to me. Google and other companies have done crappy things without people calling for a break up of the company. It’s possible you are in your reality distortion field. An anti-Apple one.
I don’t know anything about this particular case but there is a gray area when it comes to what an owner of a platform should/shouldn’t be allowed to do. I hope the EU cracks down hard on both Apple and Google. Both of these platforms have become essential to modern life in many ways and as such a case can be made for strict government oversight of them.
Nobody seems to be suggesting it is any better when Google does it; but on Android (if you ignore the efforts that Google has gone to to make the experience be limited) one can at least avoid the AppStore altogether, while still installing and running various things on device.
> This is a strange narrative to me. Google and other companies have done crappy things without people calling for a break up of the company.
Just a minor nitpick/correction here but there are multiple ongoing anti-trust suits that Google is getting killed on that very likely will lead to the breakup of some of its company's products, so that may be where the comment you are replying to is coming from.
It’s still a lame review of social media commentary and not a novel take
A cherry picked measure of some rando who thinks Apple is taking money off the table that would be ours if not for Apple; free the market from this Kraken!
More banal free market retail capitalism demands from the IT crowd who would be Tim Cook themselves.
When someone here defines novel mathematical axioms, humanity will have reason to be impressed. Iterating inside the same old knowledge bubble and skill set is uninspiring; the demand to create an economic brand and build a flock of sycophants is sad old roleplay
I think Apple rightly gets the most criticism since their marketing is among mind-control levels and they are fine with doing unethical things (Lying in ads, using fake customers to pretend to have popularity, astroturfing/upvote farms to control narratives, making people status insecure)
Once you realize how dirty Apple's marketing is, its quite off-putting. I have a similar aversion to Samsung, Nintendo, Disney.
Maybe Google does mind control, but I didn't catch them. Apple, Samsung, Nintendo, Disney, these companies have no qualms making you feel pain to get a sale.
This is news to me regarding the level of shittiness of Apple's marketing. Do you have any sources? If not that is OK. I don't think it's outside the realm of feasibility that this is so. It's not an extraordinary claim. Apple executives have the aura of "good guys" but that is merely a public facing facade.
Nope, not seeing anyone defending Apple on this (at least in the top hundred or so comments at time of writing). Even if you can find one, the posts ITT remarking on how common ridiculous Apple defenses are likely outnumber the actual comments defensive of Apple. Y’all may want to adjust your priors.
I agree Apple is a monopoly and their software grip should be loosened. However, in this particular case, I think Apple is correct.
The intended functionality of the App, no matter how obvious it may seem, needs to be documented to users IMO. Yes it's a camera app - yes it takes pictures. However, users should understand WHEN and under what conditions the app takes pictures.
Saying "this app takes photos" is really not enough. Does it take photos while I sleep?
That might sound ridiculous but remember the plethora of apps that take location data when they don't explicitly need it at that moment.
I’m coming fresh off weeks of app rejections that turned out to be I included the word “review” in the description of my app on the Google Play Store, and best I can tell was an automated rejection based on keyword matching and entirely unhelpful to explanatory text, so let us not pretend Google is running a tighter ship here.
I suspect this is in no small part because many people here’s livelihoods are dependent or intertwined with said Corps, whether directly or indirectly. It’s very difficult to separate that innate bias.
I don’t agree with the gp comment’s sentiment though, plenty of people here and elsewhere go hard to bat for google, although admittedly lately that’s increasingly difficult to do with a straight face.
I've found out even seasoned (but more often junior) devs and other folks have trouble accepting that their job is just another cog in some corporate machine where their added value or morality of job is often sorta grey area, without clarity even on the shade of it.
It can be banking, it can be ad business, or any other morally questionable endeavors, its the same story. Don't blame them per se, they don't know better and life would look suddenly pretty bleak with cold hard look in the mirror. Maybe the only clear failure IMHO is to not have something much more important defining who you are to yourself, your self-worth to say. Because then this becomes rather unimportant aspect of your existence and the need for elaborate invention of new convenient truths is much lower.
> I've found out even seasoned (but more often junior) devs and other folks have trouble accepting that their job is just another cog in some corporate machine where their added value or morality of job is often sorta grey area, without clarity even on the shade of it.
This was/is very difficult for me. I am about a decade into my career and 15 years into when I first started seriously messing around with tech - in those days, ~2010, tech was seen as the future to the planet and that message very much was pitched all around silicon valley and trickled into my coursework. The massive disillusionment I felt right out of school was a really hard hit and caused a bit of depression. I wasn't changing the world, I wasn't even doing anything remotely useful for a company that also wasn't doing anything remotely useful and I think that's been the case for most of my career, outside of the occasional instances where I do consulting (which I find rewarding actually).
But such is life, outside of tech as well. I take pride now in my work, not whatever I think I am contributing to society. If my work is doing something ultimately pointless or supporting something that is morally or ethically gray, I take pride in ignoring that (because I have no control over it) and doing it as best as I can and that has helped a lot. Some may judge me harshly for that, but I don't care, it is really one of the only sane ways to cope - rather than conjuring insane justifications for why things are the way they are (which suck).
I’ve never understood why one would take time out of their lives, go to an online forum, and simp for a trillion dollar corporation or a billionaire. What are they getting out of it? MegaCorp isn’t going to give you a coupon for defending their honor online. Their CEO isn’t going to come to your birthday party. Their PR team isn’t going to send you a nice letter on parchment thanking you. What does one get out of putting finger to keyboard in defense of a megacorp? You see it all the time on HN and it is bizarre.
Because sometimes people are being wrong on the internet and given the entire point of this site is discussion, well, what else would you expect.
Nobody is simping for anything. Taken at face value, folks just have an opinion that is different than your and they are expressing it on a site designed explicitly to express such things. And that is just fine.
Who knows maybe they have a point that you never considered. Why else would you visit the comments here? Just to get a pat on the back that every person on the planet thinks exactly like you do?
Here’s my creative justification: there’s a policy that works for 99% of apps, and in this case requires Halide to fill two sentences of text in to comply with. The alternative would be more mad.
You understand that this is an entirely separate argument about an entirely separate issue right? Even if Apple did do that, presumably it wouldn’t change their process for listing things on their curated App Store.
The fact that Apple's app store is the ONLY place for third party software means that the issue of app store listing policies and the inability to load unapproved software are deeply linked, and effectively the same issue.
If Apple allowed me to load software from third parties directly, like I do on my computer, I wouldn't care what the App store policies were, much like I don't care what the MacOS app store policies are.
With however many hundreds of thousands (or millions?) of apps in the store, the reason for why is quite obvious. Apple doesn’t need to have AI models that try to figure out what permissions an app would need. Nor do they need to hire people to do that manually.
Instead, they can make app developers fulfill whatever criteria they want. It’s their platform after all.
This is just some dumb random app reviewer as the creator of Halide said themselves.
It’s like going to the DMV, the type of people who work at those human facing administrative jobs often don’t care about doing their job well, they just blindly check boxes and exploit their small of amount of power to avoid any personal responsibility.
I'm the Halide cofounder who shared the silly rejection that blew up. I'm knee deep in our iPhone 16 update and tired, so I don't feel like engaging the discourse that comes up over and over around the App Store. Instead I'll just paste the follow-up I just posted to Reddit:
Hey everyone. Apple followed up with us to confirm this was a reviewer goof. Normally, they don't sweat that description when it's obvious it's a camera app. They're stricter on apps that don't really need camera access. This was human error, there's no need for us to change the description, so we're all good.
I once had a very frustrating battle with a new reviewer who told me my utilitarian app did not offer an "innovative experience" and wasn't "interactive" enough.
So I had to add a completely useless feature where a user could partition their database by marking some items as "favorites" and have a separate "favorite" view.
This was then approved, with the assertion that "it's now the magical kind of experience users expect from the App Store."
I'm pretty invested in an Apple ecosystem for some very specific software, but that was nearly enough to make me ragequit (unfortunately, the specific software is not something I could develop/imitate under Linux without a huge financial investment).
Well first, read my post. I'm not talking about Macs.
I think this is a cultural divide for young developers, because older developers wouldn't think twice about my comment, but clearly it's an unpopular opinion.
In carpentry, your hammer doesn't tell you what you can and cannot fasten.
No commercial, professional engineering tools require features for consumers, like favoriting items, for them to be distributed.
If that's lost on you, then I have no idea what you think a professional tool is, but there's no world I operate in where you and I share the same idea of it.
The most bizarre App Store rejection I’ve seen was for a TV app which was rejected by Play for ‘Policy Violation’ without much explanation… After several rounds of resubmissions and emails it turned out the problem was some channels on it were in 4:3 (not widescreen). Google required we add a ‘warning’ to the App Store description that it contains 4:3 content!
Remember when MS was sued by the DoJ for bundling IE? And they didn't even block Netscape or put onerous requirements on third party software developers? What a different time.
It's a comment on their monopoly position and how they can make it difficult at any point for a third party to run their business/app. Apple doesn't need to jump through these hurdles, but they can be placed in front of anyone else randomly, disrupting their business and income and at the very least, creating a worse user experience for those apps.
The article states that the alert had to be changed from:
"The camera will be used to take photographs"
to
"The camera will be used to take photographs for the app that you just downloaded to take photographs for."
"Spotify, why would you like to play audio? Please notify the users that you are using the speakers to play the audio for the app they just downloaded to play audio."
If they make using third party apps a little more scary, a little more dense, consistently, people will slowly gravitate to Apple's first party apps. You can see a similar pattern for MacOS where more and more restrictions are added to opening apps downloaded from outside the App Store.
Maybe for Apple - but there's crap running on my lineage phone I've not had the courage to look up. I just generally hope the firewall is working and only the apps I actually want to connect to the internet are able to do so.
And I suppose CPA exists to help understand tax laws, and there is always a possibility to sue the government if you don't agree with them on how the law works.
Whereas with app store reviews, it's a black box with no option other than trial and error to figure out what to do.
That is a terrible reason to request camera access. It is just restating the access request and it should be rejected. Why will photographs be taken? Because it is a camera/photography application and will only take photographs on explicit user request.
But as you just downloaded a camera app that you want to use to take pictures, that description is actually already beyond what could reasonably be expected.
In my job capacity, I give status updates about many unrelated projects.
If I am not explaining full context in a seemingly simple update or question, I will get my hand slapped. And if I tell my boss to “read” it’s going to go worse.
I would have removed the risk of removal by simply prefacing the app is a professional camera app and taking photos is the primary user function.
And not just a lesson for here but also in life: One-liners are fun to say, but people generally don’t like being on the receiving end of them.
Doesn't Apple try to justify their 30% revenue cut by saying they offer unparalleled curation services in their app store?
This is an example of such an unparalleled curation service. The app makers are just lucky enough to be popular (and even promoted by another arm of Apple) or they'd still be out of the app store.
It shouldn't be the developer's burden to ensure that the reviewer is operating above the reading level of a toddler. I am sorry that your boss apparently cannot, but that's not justification for all industries to operate that way. The purpose of a camera app is to take photographs. A user who downloads a camera app probably wants to use it to take photographs. This is something a child can understand. If I have to hold the reviewer's hand and explain what a camera is, I severely question whether that reviewer is qualified to be doing that job.
In my painful and long experience, that mindset just doesn't work if you're trying to become a more effective communicator and save yourself time in the long run.
The text is not for the reviewer, it's for the user of the app.
Imagine the ridiculous level of explanatory humdrum apps would need to conjure if they were to explain themselves to uninterested people pressed for time like that reviewer you described?
Welcome to Halide. This is Halide. Halide needs camera access to take photographs. You can take photos of anything. Anything at all. The only limit is yourself. Anything is possible in Halide. You can do anything with Halide. The infinite is possible in Halide. The unattainable is unknown in Halide. Welcome.
I use it for lots of things that aren’t photography, scanning QR codes, AR uses like seeing how a piece of furniture will look in my house, identifying stars.
How is scanning a QR code photography? Photography is "writing with light"; the key property is that of making a lasting record of a transient handful of photons. When scanning a QR code, the imaging is incidental, but more importantly no record of the "light" is made. If scanning a QR code is photography, so is sitting on the porch reading a book...
Like photometry, and spectroscopy, and videography, and camera obscura, and a hundred other things. A camera is a tool for redirecting photons to create an image of a scene on a 2D plane. So many more things than just creating durable images by recording the spatial distribution of light on a plane (photography) are possible with such a tool.
Really needs to be regulated with some kind of oversight for this kind of silliness, and even better, needs a way for users to sideload when they choose to accept the risk and let devs sell direct. I side with Epic on that one.
I don't even like the term "sideload" honestly. It implies that Apple reasonably has any say over the software installed on a computer they don't own, and by "sideloading" you are circumventing that. They have no meaningful say. Exercising power over a computer they don't own is simply malware, and would be illegal if it were not for the associated branding.
People should be able to control computers they own. Simple as that.
Except that there’s no way for you to boot the machine on anything other than Apple’s approved firmware. You don’t have the keys, you don’t have ownership. (Not commenting on whether I agree or not, just the facts.)
State coercion? You mean do I think that legal fictional entities (corporations) that exist by virtue of rules and laws, and benefits from the protection of those rules and laws, should also have to be subject to restrictions imposed by those rules and laws? Hell, we even forced Microsoft to offer third party browsers from their competitors at one point.
Yes, I do think that is a good idea.
We use state coercion to force Apple to not design products that burst into flames, to repair or replace products that the courts have deemed to be defective, we have even forced apple to use USB-C connectors, or as you say, to "misdesign" their products.
Apple can and has used the App store to hurt consumers and competitors. The terms and conditions aren't static, so what I agreed to when I bought my phone isn't the same as the current policy. I absolutely think that the state should "coerce" them to "misdesign" their software by removing an artificial limitation and to allow apps sourced from different servers than their own when it harms consumers and restricts competition.
I think the harm to consumers would be greater if iOS were forced to adopt the "1998 Linux box" software distribution model. The danger is prominent apps ditching the app store in favour of their own distribution solutions. This is, in fact, exactly what Epic intended when it launched its lawfare to force apple to misdesign its products.
The forced misdesign also increases cost (inevitably passed onto the consumers) as Apple is forced to either develop separate solutions for every relevant jurisdiction, or universally apply the most restrictive misdesign dictates.
I don't know what you mean by "1998 linux box" sotware distribution.
I'm typing this on MacOS, which can install software from any source, including the app store. It works fine for all of my purposes, and any purpose I can imagine. I have never worried that Apple will suddenly get into a disagreement with an App maker and disable my ability to buy their software.
> The forced misdesign also increases cost (inevitably passed onto the consumers) as Apple is forced to either develop separate solutions for every relevant jurisdiction, or universally apply the most restrictive misdesign dictates.
They already have to design solutions for their app store for every jurisdiction, tax compliance and payment for just the app store probably has a team devoted to it. If a Brazilian court orders apple to stop distributing Twitter in Brazil, they will absolutely comply. I'm not asking for them to 'misdesign' anything. I'm asking for it to be possible to run a package downloaded from anywhere. I'm not asking them to distribute it via their store.
If I could install whatever app I wanted on an iPhone, I would definitely try one out and very likely switch to using it over Android.
I actually did have an iPod Touch back in the early days of iOS, but it did not play well with my non-mac desktop, so I sold it and haven't owned an Apple device since then. But I am totally willing to give them another chance.
But to answer your question- because free markets require regulation to keep them free. If Google and Apple are allowed to have an unregulated duopoly, they will abuse that position to force out competitors and prevent new ones from entering the market.
I own a Mac Book Air from mid-2012. I run nixos on it. It does what I tell it to. When it dies, I will have to figure out if I will have the same control on the next one I buy - if not, I won't buy it. It's not a theoretical argument.
Yes, and the process made public and transparent, especially for gatekeepers. This kind of mistakes happen both ways - legitimate apps have a hard time publishing updates and malicious apps get through and are made available to users.
If anything, government regulation would make the App Store submission process even more onerous. Instead of new hire apple/google contractors you’ll be getting cranky government staff who probably have less agency than the former contractors ever had.
I guess the reviewer might not be familiar with the name, but after seeing what the app is for, it should be obvious. Unfortunately it seems the reviewer didn't have the competence to reach the second part.
My app was rejected for about 1 week because some home screen widgets I have advertised don’t show up on their simulator. This is a known bug with the iOS simulator and the widgets show up after killing the app and opening it again. I explained this and they ignored it and continued rejecting it. After I pushed a new build which targeted ios 18 (and did not fix the issue they were claiming was there), they accepted it within minutes.
If it were just some random app, even something obvious like a camera app, I could be a little forgiving. Maybe the reviewer hadn’t heard of it. Maybe it wasn’t immediately obvious that it was a camera app.
But the app was featured in the Glowtime event just weeks ago. The app has won an Apple Design Award. It has been in the App Store for, what, seven years? Of all the apps to reject, the reviewer sure made a poor choice.
App Store reviewers need to get their acts together. Last week our app was rejected for submitting it for iOS 18, then they accepted it right away after realizing their mistake. Very weird.
Ive worked as a mobile app dev consultant since before the iPhone and have submitted nearly a 100 apps over the years. I always warn clients that when submitting an app you are at the mercy of the reviewer and their knowledge of Apple HCI guidelines, which is a lengthy tome of a document... I have had all manor of rejections for weird reasons, but have also had rejections where I just resubmit with no change or justification and get approved. I have also never had to specifically justify camera use and trust me, I have clients build some stupid ass apps that use the camera. This was random and probably the result of poor internal communication.
Apple previously published extensive Human Interface Design guidelines that were too-notch. For a generation of computing they really raised the bar on usability and improved experience. (Recently all of computer usability has gone far downhill, IMHO, especially starting with all the flat interfaces, and the penchant for mystery meat icons everywhere, but I digress from my main point...)
If Apple is going to have strict usability requirements on the clarity of the permissions requests, that has the potential to be a good thing. But that requires establishing guidelines, and publishing them, and being clear about what in the prompt does not meet the guidelines.
> Update: Halide’s Sebastiaan de Wish says the company received a call from Apple informing them that this was a mistake. Halide can now resubmit to the App Store “without any changes required.”
That was my first thought as well, "The camera will be used to take photographs" seem pointless, if it's a camera app it's obvious if it's not it does not help the reviewer.
I’m guessing reviewers have very limited time for each review. I don’t know what the internal process looks like, but I’m guessing an automatically generated screen listing the app’s permission requests, the justifications for each and other stuff? I would be surprised if there would be time for them to actually use any of the apps that they review or if they even have a phone to try apps on.
This seems exactly the kind of result I would expect from LLM automation. I would never trust any system that used LLM output without human review. Actually, I don’t think I would trust any system that used LLM output even with human review.
I ship 50+ app updates per year on the Apple App Store including updates for a top 10 ranked app. This kind of thing happens more often than less. It mainly hurts timed promotions or marketing efforts that the rest of the company has planned for.
Last month our app was rejected for not working on the iPad Air. This rejection came in at 2 am in the morning on a weekend. App was never supported for iPad. My company panicked but I realized what was happening and just sent it for review again and it was accepted after 15 hours.
But the damage was done and iOS platform missed the marketing launch. Android made it through.
It’s a mess because the review is almost always disproportionate to the changes you might have done in a update. That update was a simple content change and there was no reason to assume it would be blocked. But there is never any guarantee. Sometimes they will say you can’t say iOS 18 in your release notes. :) it’s dumb so be warned, set the right expectation to the rest of the organization.
Even ChatGPT can give me better worded version in 5 seconds
“Halide needs access to your camera to capture photos and videos with advanced controls for pro-level photography.”
For user facing text I tend to always try a LLM version, just because the results are so middle of the road, which is exactly what I want in a case like this.
That's not very readable and way too many words. Reads like a marketing copy. The purpose of the sentence isn't apparent; a person who struggles with English could be confused what advanced controls or pro photography even have to do with camera permissions.
The reality of the situation is that the camera app needs camera permissions because it's a camera app. It's for taking photos, you know.
But that's not really precise. Halide needs access to the camera to take any pictures at all, whether there are advanced controls or not, and for crappy or pro-level photography.
In other words, "camera app needs access to the camera."
“Needs access to the camera” is inherent in the modal popping up in the first place.
Explain why you need it and what you’ll use it for.
“Halide needs access to the camera to capture the photos you take.”
Capture photos, that’s obvious. Will only be used when _I_ choose to take photos. That’s good to know!
Contrast with something like “App needs access to capture the photos you take as well as perform periodic background captures and image recognition to provide feedback to our advertising partners.”… Wait, what?!
Still silly, but I don’t think there’s no room for more precision and clarity here. The prompt Halide is using doesn’t actually say they’re _not_ doing the second one.
The thing is. I like apps needing to display and even better request permissions for resources like the camera, files and clipboard.
But that should be the limit. What I don’t want is somebody, anybody other than my self deciding if an application actually needs those permission.
WE need an alternative to walled garden app stores. It can be fine that a curated store exist that does these things. But they need to live side by side with stores or catalogs that do less and more.
It’s an uphill battle because Apple and Google both know that it will be a loss of revenue for them. What is silly though is they could make the App Store have sub app stores curated by different entities (or not at all) and solve all this and keep revenue. But they won’t.
Given how that reads, I'd think listing any single specific reason a user would want to take photos with this app instead of the default camera app would have worked fine.
Personally, I don't even think this is sillyness. yes it should be strict to release apps and you should be accountable and have to explain why you need access to specific permissions on the app stores.
The age of open permissions is should be long over.
I'm sick over overreaching app permissions wasting my battery trying to collect more data on me. If you want more data, provide more value.
But it's a camera app. Of course it needs the camera.
It's not overreaching app permission, it's been rejected because the text "The camera will be used to take photographs" wasn't considered a good enough explanation for the permission.
If you cant sufficiently explain why your app needs the permissions it does thats on you and the submitter needs to take accountability here. Resubmit with a better explanation.
I get that the app store is strict. But its strict for a reason. Apple or the app store isn't out to get your app or you.
All right, mister smarty pants. Let's hear it then: What is a better explanation than "this app need camera permissions, because it takes photos, because it is a fucking camera app"?
Halide is a professional-grade camera application that offers advanced photography features such as manual controls, RAW and ProRAW capture, live histograms, focus peaking, depth capture, macro photography, augmented reality overlays, adaptive gesture controls, exposure tools like zebra stripes, and advanced video recording options. In order to provide these functionalities, these require camera permissions to access and control the device's camera hardware in real-time. Each feature relies on direct interaction with the camera to adjust settings, analyze live image data, and offer immediate feedback, making camera access essential for the app to function as intended and enhance the overall user experience.
moral of the story. spend 3 extra minutes writing something out and save yourself from a headache.
why are we assuming every person that reviews apps knows what ur app does? with submissions like this the explain it like im 5 approach is necessary.
I agree that permission requests should include sufficient context -- but I think that paragraph is way too long for the purpose. People do not read unexpected dialog text. I'd save that for the App Store description, when people are more receptive to detail.
For the permission request, I'd condense your paragraph into a sentence or two.
It's not unusual to download an app, but not launch it immediately. Demanding that the user remember your App Store description is unfair. It's your baby, not theirs.
They might not launch your app for hours or days after downloading. And Apple, reasonably I think, wants developers to try harder to accommodate user's realities.
There's strict, and there's kafkaian. It's not as if the reason why a camera app would require the camera is pretty obscure, especially if neither the app nor the permission text changed that much between reviews.
Apple's process is correct here, in my opinion. They (rightfully) require that an app declare why it needs access to resources/data, and they verify (rightfully) that it is meaningful and does not use circular logic ("The camera will be used to take photographs"). Remember, this is not only for users, it is also for reviewers - to keep out apps that unnecessarily access things (that many users don't have the energy to think about, and will just tap "allow" in the permissions spam they will come to expect from every app if this policy was not enforced).
Given the enormous volume of app submissions and the large number of points each app must be reviewed on, it might be unrealistic to require that reviewers always use the full context of the app when reviewing each individual component - the person reviewing the message might not even know what the app is! And they shouldn't have to! The message should be self-explanatory. The app needs access to the camera because it is a photography app, not because it takes photos.
I applaud Apple's thoroughness on this topic. It's much better than the opposite problem, which is what plagues virtually 100% of other software platforms historically, and I'm disheartened for software as a whole that some people (especially HN users, who should be more thoughtful) can't see beyond the petty "it must be mindless Apple defenders" catch-all, or the "rejection reasons are sometimes non-specific" problem, (the latter of which I am assuming on good faith is a real problem, though I've never personally encountered it).
> the person reviewing the message might not even know what the app is!
Sorry, you have gone too far here. If the reviewer doesn't know what the app is, they aren't reviewing the app at all. Knowing that a photography app takes photographs is the absolute bare minimum of context that is required to even begin to meaningfully review it.
You're right, they're not reviewing the app, they're reviewing the rationale for access! Separation was the point of my suggestion. It is probably not even true in the first place - it was only a conjecture. But if they did do that, it would have ups and downs. I could see a rationale that intentionally separating certain review duties from the context of the app could actually help to enforce objectivity. I tend to agree that it would probably be more bad than good, though.
I'm totally on board with the idea that permission requests should include complete context, separated from any product description written in the App Store.
For example, there's the case where you download an app today, and don't get around to trying it for hours or days or longer. Curt "duh-style" permissions requests are user-hostile.
Apple insists that developers "try harder". In almost all cases, this is the right choice for the user.
Sometimes it's hilariously wrong, of course! There are humans in the review loop, and I've been on the wrong side of some epic ridiculousness. But on the whole, they're usually more frequently right than wrong. I'll take it.
I think for 30% of my revenue I'd expect reviewers to find the time to use the full context of the app. That may not be realistic for every app on the app store, but it is reasonable for apps with tens of thousands of reviews and hundreds of thousands (at least) in revenue.
Maybe if they were consistent... they had an update rejected, which implies that they've passed review before. Doesn't sound "thorough" to me. Plus, reviewers must be able to see the App Store page, right? Halide's has "camera app" and "photography" in the first paragraph of the description. (It literally has "camera" in the title. The icon is an aperture.)
I mean hell that's the root of the problem. It doesn't matter what context you provide or how obvious you make things, you're feeding your app to a black box that gives results seemingly at random. I haven't met a developer that hasn't failed review for arbitrary reasons, including me. Either give me clear guidelines and procedures to follow - and then follow them - or don't lock me out of doing my job.
First, to preface: Believe it or not, I am far from an Apple fanboy. I have never owned an iPhone, Apple Watch, Mac, or MacBook for personal use. I have owned one iPad, which I bought a few years ago. I also like the AirPods. I like (and dislike) a lot of things about Apple's DX, and I dislike (and like) a lot of things about their UX.
That said,
I agree, lack of consistency is frustrating. But there is a big caveat to that opinion. When I experience inconsistent rejection, it has always been due to things that are reasonable to not catch as a reviewer 100% of the time. But personally, I would rather they catch 75% of instances of a problem than give up and let them all through because the inconsistency is frustrating. Of course, I would really like them to get that number to 100%, but I acknowledge that a lot of this stuff is not easily captured at a 100% rate using a tester script, or automatic processing. The key here is of course that you agree with or understand the rule they are enforcing. This is probably where most of the disagreement actually lies, and not so much in the inconsistency. I happen to be the kind of "purist" who would rather things be stricter for developers. I want the UX to be as good as possible, and I want the APIs to continue to improve and to not burden/complicate the platform with a lot of backwards compatibility. This is the opposite of a lot of developers, and I totally understand the other side of that argument.
This is not to say that Apple review is not shitty sometimes. I just happen to think that the one or two biggest things developers complain about seem to not be as clear-cut as developers describe.
Look, I am no happytoexplain but I think your position comes from deep ignorance of how the App Review process works and how it is advertised. You've written a lot of words about how you think someone just gets given the prompt in a vacuum and is supposed to judge that, and then explain why that is actually a good thing. Let me tell you, that is absolutely now how Apple describes the review process. I gave you a short answer because quite frankly this is an easy thing to look up yourself, and I feel like you should have done so before posting your rationale.
They were probably looking for something like: 'The app needs camera permissions so _you_ can take photographs'. 'The camera will be used to take photographs' is not clear that the app might be taking extra photographs that you did not intend.
This rejection seems like a bureaucratization of the app store, which doesn't help with fraudulent applications, clones and other shenanigans. They should address the latter. Whoever is in charge of this process is utterly incompetent.
Hard to have sympathy for anyone choosing this path at this point, over a decade of stories like this and the “quality” of what Apple does let through tells you everything you need to know about their opinion and respect of software.
For the average user, ensuring that unwanted code does not run is the biggest possible feature for any device.
If you don't want that feature, don't buy the device! Or jailbreak it. Or compile your own code and load it.
It is not the 20%-30% of revenue that makes a better ecosystem, it's the vetting process for the software that makes it better. Every vetting process has errors, just as all software has bugs. The end goals of the process and the error rate of the process, and correction procedures of the process, are what makes a better software ecosystem.
Why should i compile or jailbreak. Its my own device, why not have a toggle to allow sideloading like android.
Your average user won't know or even bother to change since as you mentioned they don't want to run unwanted code. Rest of us can run anything on our devices.
> why not have a toggle to allow sideloading like android
Because then your grandmother will turn on that toggle as instructed by the fraud-center in South Asia, install a keylogger watching her banking activity when she sends you that $5 for your birthday, so they can drain that inheritance you were counting on.
See the article right here on HN about Python devs applying for jobs and being prompted to self-pown.
TL;DR:
There are more people susceptible to fraudulent instructions by bad actors than there are people qualified to evaluate consequences of running unvetted code.
A much more robust and free market approach to this would be a great review system and an actually open app store - this vetting process you describe is not at all "better" it incentivizes platforms to 1) kill competition (or any company who refuses to sell out to them during BD negotiations) and 2) encourage/turn a blind eye to the 1000s of currently available scam apps that try to lock people into subscriptions that cannot get cancelled etc.
Examples of both 1) and 2) are plenty, so I guess I just disagree that this vetting process helps anyone but the incumbent gatekeeper-taxers.
Edit to add: This was for an update, over half a decade after release, not the initial release, and nothing had changed in how it functioned in this regard in that time.
Edit 2: Typo + clarification