managing-mobile-app-consent
Installation
SKILL.md
Managing Mobile App Consent
Overview
Mobile applications present unique consent challenges: platform-level permission systems (Apple ATT, Android runtime permissions), advertising identifiers (IDFA/GAID), SDK-level data collection by third-party libraries, and limited screen real estate for consent interfaces. Compliance requires coordination between GDPR/ePrivacy requirements and platform-specific privacy frameworks.
Apple App Tracking Transparency (ATT) Framework
Requirements (iOS 14.5+, enforced April 2021)
Apple's ATT framework requires apps to request user permission before tracking across apps and websites owned by other companies. Key aspects:
- NSUserTrackingUsageDescription: Apps must include a purpose string in Info.plist explaining why tracking is needed.
- ATTrackingManager.requestTrackingAuthorization(): Must be called before accessing IDFA or performing tracking.
- IDFA Access: The Identifier for Advertisers (IDFA) returns all zeros unless the user grants ATT permission.
- Tracking Definition: Apple defines "tracking" as linking user/device data from your app with data from other companies' apps/websites for advertising or sharing with data brokers.