Privacy Settings in iOS 10Jul 4, 2016 · 2 minute read
It has long been the case with iOS that if you want to access a user’s private data you need to first ask the user for permission. In iOS 10 Apple is extending the scope of these privacy controls by including access to the user’s music library as well as new in iOS 10 features such as Siri and Speech Recognition.
A significant change in iOS 10 is that you must declare ahead of time any access to private data or your App will crash. The fix is quick but easy to overlook if the usage is not a major feature of an App so here is your reminder if you are planning an iOS 10 migration.
Don’t Forget Your Purpose Strings
Once you link with iOS 10 you must declare access to any user private data types. You do this by adding a usage key to your app’s
Info.plist together with a purpose string. The list of frameworks that count as private data is a long one:
Contacts, Calendar, Reminders, Photos, Bluetooth Sharing, Microphone, Camera, Location, Health, HomeKit, Media Library, Motion, CallKit, Speech Recognition, SiriKit, TV Provider.
If you are using one of these frameworks and fail to declare the usage your app will crash when it first makes the access. The crash log helpfully tells you which key you are missing. For example, this is the result of accessing the camera without adding the key to
This app has crashed because it attempted to access privacy-sensitive data without a usage description. The app’s Info.plist must contain an NSCameraUsageDescription key with a string value explaining to the user how the app uses this data.
To avoid the crash we need to add the suggested key to ‘Info.plist’ (Xcode 8 already contains the full list of possible keys):
The system shows the purpose string when asking the user to allow access (so you may want to localize it):
Note that at the time of writing (iOS 10 Beta 1) I am not seeing consistent behaviour. For example, accessing location services without a purpose string did not seem to cause an App crash as it did with the camera. I would not rely on this though. The direction from Apple is clear. If you access private data declare your intentions up front or expect your App to crash.