Changes to Apple App Store bring Seasonal Good Cheer but also Data Privacy Challenges for SME App Developers

Over the next couple of months, Apple will be introducing some significant changes to its App Store that will affect its app developers, namely that:

  • It will be revamping its commission structure by slashing its commission rates for its smaller app developers (to encourage smaller businesses in a time of “unprecedented global economic challenge”); and
  • It will be strengthening its privacy requirements by requiring app developers to set out a detailed description (akin to that of a “food nutritional label”) on each app's product page.

With both of these topics in mind, what steps should app developers be considering in light of these changes? Commission Rate Changes (Effective from 1 January 2021)From 1 January 2021, app developers that earned $1m (£830,000) or less per year, from paid app sales and in-app purchases on the App Store, will be charged 15% commission (as opposed to Apple's standard rate of 30%). The lower rate will also apply to any new app developers entering the market, until such time as they reach the $1m threshold. This news is sure to be welcomed by many SME developers. New Privacy Rules (Effective from 8 December 2020) However, before any celebrations can begin in light of the reduced commission rate, it is important that app developers are focused on ensuring their compliance with Apple's new privacy requirements. These requirements will apply to all app developers (regardless of their revenue).The new privacy requirements came into force on 8 December 2020 and require developers to include a 'nutrition label' (i.e. a 'privacy label') on all new apps and any updates to their app(s).The new privacy label should set out a detailed summary as to what the app developer (i.e. the data controller) and its third party partners are doing with a user's personal data. It should, for example, include descriptions of what types of personal data are collected and handled (including how location data is managed).Apple currently requires app developers to include links to their long form privacy policies (a requirement which still remains under the new rules). However, Apple is acutely aware of the fact that the majority of its app users are unlikely to spend time reading the complex terms and conditions and policies. As such, the idea of a privacy label makes important information relating to a user's privacy much more accessible. The privacy changes proposed by Apple once again shine a light on the fact that transparency, accessibility and reputation in relation to data protection is crucial.

Practical Considerations

Here are some practical considerations for app developers to consider in light of these changes:

  • You will need to comply with Apple's new privacy rules (starting 8 December 2020) by providing users with a 'privacy label' whenever you upload a new app to the App Store, or update any of your existing apps. In order to do this, you need to fill out a questionnaire presented in App Store Connect;
  • You will need to know what types of data you and/or your third party partners collect via your app before answering the questions - “collect” refers to transmitting data off the device in a way that allows you and/or your third party partners to access it for a period longer than what is necessary to service the transmitted request in real time, and “third party partners” includes analytics tools, advertising networks, third-party SDKs, or other external vendors whose code you have added to your app. Apple will then generate a privacy label to be used;
  • Developers need to ensure that their answers to Apple's questionnaire match and align with what is set out in their long form privacy policy - any inconsistency could be considered as 'deceptive trade practice';
  • To do this, it would be sensible to have your operational teams and legal counsel review and complete the questionnaire together and review your long form privacy policy (as this will reduce the risk of any misalignment);
  • In addition to the requirement to understand the type of data that your third party partners collect, there is also a need to be clear on how your third party partners use such data;
  • Developers will also need to set out whether the location data they collect is course or precise; and
  • Finally, the good news, is that if your app earned $1m or less during 2020, Apple will only be charging 15% commission.

The Apple websites contains detailed information on the privacy changes, a link to which is here. Please get in contact with the GDPR and data team if you would like to discuss the above further.


The content of this page is a summary of the law in force at the date of publication and is not exhaustive, nor does it contain definitive advice. Specialist legal advice should be sought in relation to any queries that may arise.

Get in touch

Contact us today

Whatever your legal needs, our wide ranging expertise is here to support you and your business, so let’s start your legal journey today and get you in touch with the right lawyer to get you started.


Get in touch

For general enquiries, please complete this form and we will direct your message to the most appropriate person.