This looks really promising, hope all goes great! My only concern is reading that you do collect crash reports despite being privacy-focused. How much information is there to identify the picture/video taken or the device/person?
1. They're using the crash reports provided through App Store Connect. These are stack traces with no personally identifying information. You can enable/disable these under Settings > Privacy & Security > Share With App Developers.
2. They're using a third-party crash reporter. Under the covers these are often based on PLCrashReporter or KSCrash. A few such as Firebase (previously Crashlytics) implement their own exception handlers/stack unwinders. These are typically anonymized, but at this point it's the app (or the crash reporting SDK it includes) to decide exactly what to report. Most apps will try hard to avoid PII because that's easier than dealing with GDPR, CCPA, ATT disclosures, etc.
> As soon as the crash reports come in
This leads me to believe it's (1) since third-party crash reporters usually send in the crash reports as soon as the app has restarted, while Apple delays crash reports in App Store Connect. In which case the app itself isn't collecting anything: it's iOS and you choose to opt-in when you first setup the device.
Their privacy manifest shows that they do not collect any data. So they are either not using Firebase or similar for crash analytics, or their privacy manifest is inaccurate and should be reported.
We must specify that we're collecting diagnostics (apart from the ones Apple collects on our behalf for opt-in users) even if they aren't attached to PII or user identifiers. So if they're doing this honestly, it indicates they are relying on Apple's opt-in crash analytics exclusively.
In my experience at least 80-90% of users are NOT opted in to sharing usage analytics with Apple, so they won't receive most crash reports unless they're collecting them through an undisclosed backdoor.
js2|1 year ago
1. They're using the crash reports provided through App Store Connect. These are stack traces with no personally identifying information. You can enable/disable these under Settings > Privacy & Security > Share With App Developers.
2. They're using a third-party crash reporter. Under the covers these are often based on PLCrashReporter or KSCrash. A few such as Firebase (previously Crashlytics) implement their own exception handlers/stack unwinders. These are typically anonymized, but at this point it's the app (or the crash reporting SDK it includes) to decide exactly what to report. Most apps will try hard to avoid PII because that's easier than dealing with GDPR, CCPA, ATT disclosures, etc.
> As soon as the crash reports come in
This leads me to believe it's (1) since third-party crash reporters usually send in the crash reports as soon as the app has restarted, while Apple delays crash reports in App Store Connect. In which case the app itself isn't collecting anything: it's iOS and you choose to opt-in when you first setup the device.
sandofsky|1 year ago
wahnfrieden|1 year ago
We must specify that we're collecting diagnostics (apart from the ones Apple collects on our behalf for opt-in users) even if they aren't attached to PII or user identifiers. So if they're doing this honestly, it indicates they are relying on Apple's opt-in crash analytics exclusively.
In my experience at least 80-90% of users are NOT opted in to sharing usage analytics with Apple, so they won't receive most crash reports unless they're collecting them through an undisclosed backdoor.