Senior Content Marketing Manager II
February 18, 2022•7 min read
In 2021, Apple updated its App Store Review Guidelines, stating that apps allowing for account creation must also allow users to delete their accounts from within the app.
The original deadline for in-app account deletion was January 31, 2022, but Apple has extended the deadline to June 30, 2022. Despite that extension, the requirement itself remains unchanged.
“If your app doesn’t include significant account-based features, let people use it without a login. If your app supports account creation, you must also offer account deletion within the app.” - Apple App Store Review Guidelines
Unlike most regulatory regimes which allow companies to use manual processes (like forcing consumers to send a deletion request via email), Apple’s new requirement puts the onus on developers.
In the deadline extension announcement, Apple included additional guidelines outlining what developers should consider when building their in-app account deletion functionality, stating:
Apple’s original memo on the policy change also reminds app owners to use this deadline to ensure that in-app privacy policies clearly explain, “what data your app collects, how it collects that data, all uses of that data, your data retention/deletion policies, and more…”
The new deadline for the in-app deletion requirement is June 30, 2022, and with only a few months left before the deadline, many popular iOS apps still don’t have the required functionality.
Before the deadline, many iOS questioned whether or not the requirement would be enforced. But in the months since the mandate went into effect, it's become clear that Apple has started rejecting apps that aren't in compliance.
In one viral TikTok video, an entrepreneur shared that his app had been rejected from the iOS App Store and walked viewers through his approach to adding an in-app deletion feature.
There has also been a significant traffic increase for the search query: we noticed that your app supports account creation but does not include an option to initiate account deletion. This indicates that app rejection isn't limited to a few offenders, Apple is rejecting apps en masse when they don't meet the deletion requirement.
If your organization relies on in-app traffic and associated revenue, don't risk a roadblock when their app’s next update is up for review. If you don't offer account deletion in your iOS app, it's time to put your mobile development and engineering teams to work.
Their workflow will depend on what, if any, deletion workflows already exist in your app.
If your app doesn’t require account creation, this update is no cause for concern. However, if your app does require account creation, you must ensure users can complete full account deletion from within the app.
This emphasis on an end-to-end in-app mechanism represents another shift from the original guidance, in which Apple stated that:
“…all apps that allow for account creation must also allow users to initiate deletion of their account from within the app.” (our emphasis added)
This statement led to speculation that, if developers provided a way to initiate account deletion within the app, they wouldn’t necessarily need to provide a mechanism for full deletion. However, it’s since been made clear that the focus must be on building out a full in-app account deletion flow.
Apple also noted in it’s original guidance that for those apps requiring account creation, developers should take a data minimization approach and evaluate if a login is even necessary. For some, removing account creation functionality could be the best option.
Alternatively, if you’re using a privacy infrastructure platform like Transcend that encodes and automates this process throughout your tech stack, you’re in a strong position already.
For those who don’t have an automated in-app account deletion workflow in place, the work needs to start now.
Under the original guidance, where it seemed like deletion initiation may be enough, manual workflows could have been an effective stop gap measure–a user initiates deletion within the app and then an internal team manually fulfills the request.
However, with the latest clarification, it’s clear that manual workflows are incompatible with an end-to-end in-app deletion process.
There’s some conjecture as to whether Apple’s guidance refers to merely automating account deletion to your main authentication/user database, or to the complete deletion of an account holder’s personal data i.e. closer to how GDPR and CCPA define deletion.
Our recommendation is to choose the latter path for two reasons. For one, it ensures you’re building for the widest possible compliance scenario. Remember, outside GDPR and CCPA, there are over 15 state privacy laws being considered in 2022, with three (California, Colorado, and Virginia) coming into full force in 2023.
More importantly, it shows respect for your user’s data agency. At the end of the day, it’s reasonable for your account holders to expect that when they hit delete, they mean delete — and a marketing email the next day could very well destroy any hope of a user returning in the future.
If you have programmatic deletion workflows already in place, that don’t involve humans completing manual steps, you’re more than halfway there in terms of complying with Apple’s requirement. Your attention then turns to integrating that flow into your in-app surface.
You’ll want to expose an interface that allows your account holders to prove their identity and tap a button or link to initiate their account deletion within your application. Your UX/UI teammates will be able to assist in terms of placement within existing navigation, but the path of least resistance would be to embed the interface you’ve already built in your web application for this same purpose.
When redirecting the user from within your mobile app to such a web view, you will likely want to maintain the session between the mobile app and the web browser. One way to do this would be to use a JWT (JSON Web Token) magic link.
Once the user is logged in on your mobile app, your backend can sign a short-lived JWT that attests to the user’s authenticated session and serve up that JWT to the iOS client.
Going a level deeper, your deletion button or link that initiates account deletion could be implemented as a simple redirect to your web client (for example, to redirect to https://my.company.website.com/account-deletion#JWT). Your browser could then parse out the JWT from the hash URL parameter, verify that it was signed by your backend, and if so, automatically log that user into the web client where they can initiate the account deletion.
Once the deletion is triggered, your chosen workflows can then go to work actioning the deletion across your internal databases and other connected data systems, with a confirmation of deletion sent to the user most likely via email once the job is automatically completed.
Watch out! With a likely increase in deletion request traffic, if you haven’t already enabled in-app deletion, use this moment to make sure your current workflow is checking these two boxes:
If you don’t have a large or established privacy engineering team or are looking for a more efficient approach to privacy code development, then it makes sense to find an engineered data privacy infrastructure partner like Transcend.
We can handle your privacy request fulfillment needs, from iOS in-app account deletion to GDPR compliance, and get you technically ready for any new laws on the horizon — all built on a robust security architecture.
In the case of this specific requirement, a new customer could get set up using our prebuilt workflows and connections and be in a place to hand a link off to your mobile developers in just a couple of hours. This would ensure that when a user submits a deletion request, you’ll be fulfilling their request across your core user database.
Once connected to your app, your users can then securely authenticate as described above, and Transcend can delete data across your data systems via webhook or other integration methods.
It’s very likely that Apple’s requirements will continue to strengthen - evolving from initiating deletion to requiring personal data visibility within an app where an account is created.
With Transcend, you’ll be well equipped to handle any permutations or evolution of the app guidelines here. And it goes beyond app-based deletion.
Partnering with a data privacy infrastructure partner like Transcend means when it comes time to comply with the trio of new U.S. privacy laws in California and Virginia on January 1, 2023, and Colorado on July 1, 2023, you’ll already have a platform in place to seamlessly comply.
Any app in the iOS App Store that offers account creation must provide a way for users to complete account deletion from within the app itself. The technical implications of this change depend on the data deletion workflows you have in place.
Apple’s update is part of a broader change driven by modern privacy laws, and implementing infrastructure to automate data orchestration and deletion will put organizations in a strong position for future data rights compliance.
Transcend is the privacy platform that makes it easy to encode privacy across your tech stack.
Our technology moves companies into the future of data privacy with freed-up resources, enhanced regulatory stances for the laws of today and tomorrow, and stronger relationships with their customers through respectful and compliant data transparency, consent, and control.
Transcend Privacy Requests orchestrates all user information from a company’s databases, SaaS tools, and applications in one powerful system. Plus, their users are confident their preferences are seen, understood, and valued.
Transcend Consent peels away technical complexity and makes user consent all about open and honest communication — the foundation of every healthy relationship. This lightweight bundle goes beyond cookies to ensure nothing is tracked without user consent, plus saves time and resources on configuration, all without sacrificing site performance or UX.
Transcend Data Mapping keeps tabs on all data records, owners, and systems changes, and includes actionable privacy governance like fulfilling privacy requests and auto-generating Records of Processing Activities (ROPA).
Offering account deletion in your app
Deadline for in-app purchase and account deletion requirements extended
Account Deletion within Apps Required Starting January 31
Apple Is Making It Easier to Delete Accounts Attached to Third-Party Apps
Senior Content Marketing Manager II