During its WWDC 2021 event, Apple made several policy changes to the App Store, adjusting rules for everything from bounty hunting to whether or not Roblox is a game. Now, with the WWDC 2022 event set to begin on June 6th, Apple is reminding developers that it is ready to flip the switch on some policy updates that were previously delayed.
Two App Store rule changes that Apple is ratifying will take effect June 30: a requirement that apps offering paid online group services use their own in-app payment system, and a requirement mandating that developers Offer easy account deletion (including stored personal data) within any app that allows users to create an account.
The policy regarding online group services (such as classes and events) was not part of the WWDC 2021 set of changes – it actually preceded that, but Apple has delayed implementing it three times. The first delay came in 2020 when Facebook complained that it would unfairly affect vulnerable small businesses, then another delay occurred in the spring of 2021. This was finally set to take effect last January, along with a policy of allowing users to delete accounts. within an app.
But on January 22, Apple extended the deadline for both changes by a few more months to June 30, saying it would give developers more time to update their apps, and that we expect to see longer delays. Not that Apple has sent a reminder. There is a note about the need to delete an account, which you can read about below, but both policies are mentioned on the Upcoming Changes for Developers page.
Apple account deletion requirements:
It should be easy to find the option to delete the account in your app.
If your app offers Sign In with Apple, you will need to use the Sign In with Apple REST API to revoke the user token when deleting the account.
It is not enough just to provide the ability to temporarily disable or deactivate an account. People should be able to delete the account along with their personal data.
Apps in highly-regulated industries may provide additional customer service flows to confirm and facilitate the account deletion process.
Comply with applicable legal requirements for storing and maintaining user account information, and for handling account deletion. This includes complying with local laws in different countries or regions. As always, contact your legal advisor.