April 19, 2016
New Apple Music API section, CareKit and other updates
Today Apple once again updated the App Store Review Guidelines. It’s been 6 months since the last update, and the recent iOS 9.3 release added several new developer APIs; so this update was not unexpected.
Most significant is perhaps the new section 10.8 that states apps using background location services must provide a reason for doing so. What Apple considers a fair reason is not really clear although the HIG is mentioned.
Another significant addition is the new section 30 about the Apple Music API that was introduced in iOS 9.3. As described in the iOS 9.3 release note the new API allows 3rd party apps to add music to a user’s Apple Music library and play it.
The update did also include some minor additions mentioning new Apple products such as CareKit and Apple Music in various sections. Additions are highlighted in green below.
4. Location
-
4.5
Apps using background location services must provide a reason that clarifies the purpose of the use, using mechanisms described in the Human Interface Guidelines
8. Content and Intellectual Property Rights
-
8.6
Apps that include the ability to save or download music or video content from third party sources (e.g. Apple Music, YouTube, SoundCloud, Vimeo, etc) without explicit authorization from those sources will be rejected
10. User interface
-
10.8
Apps displaying Activity rings may not modify the rings or the data they represent
11. Purchasing and currencies
-
11.8
Apps that use IAP to purchase access to built-in capabilities provided by iOS, watchOS, and tvOS, such as the camera or the gyroscope, or Apple-branded peripherals, such as Apple Pencil or Apple Keyboard, or Apple services, such as Apple Music access or iCloud storage, will be rejected
25. Extensions
-
25.7
Apps offering Keyboard extensions must provide keyboard functionality (e.g. typed characters), have a primary category of Utilities and a privacy policy or they will be rejected
27. HealthKit, CareKit, and Human Subject Research
-
27.1
Apps using the HealthKit frameworkor CareKit frameworks or conducting human subject research for health purposes, such as through the use of ResearchKit, must comply with applicable law for each Territory in which the App is made available, as well as Sections 3.3.28 and 3.3.39 of the iOS Developer Program License Agreement
-
27.2
Apps that write false or inaccurate data into HealthKit or CareKit will be rejected
-
27.4
Apps may not use or disclose to third parties user data gathered from the HealthKit APIor CareKit APIs or from health-related human subject research for advertising or other use-based data mining purposes other than improving health, or for the purpose of health research
-
27.5
Apps that share user data acquired via the HealthKit APIor CareKit APIs with third parties without user consent will be rejected
-
27.6
Apps using the HealthKit frameworkor CareKit frameworks must indicate integration with the Health app in their marketing text and must clearly identify the HealthKit and CareKit functionality in the app’s user interface
-
27.7
Apps using the HealthKit frameworkor CareKit frameworks or conducting human subject research must provide a privacy policy or they will be rejected
30. Apple Music API
-
30.1
Apps using the Apple Music API that trigger playback without explicit user action will be rejected
-
30.2
Apps using the Apple Music API must expose and respect standard media controls such as “play,” pause,” and “skip”
-
30.3
Apps using the Apple Music API may not require payment or otherwise monetize access to the Apple Music service (eg. in-app purchase, advertising, requesting user info)