Children's app was rejected on the App Store, reporting Guideline 1.3 - Safety - Kids Category.

YangChenDong9213 commented 2 days ago

Description

Our Children's app only has a React Native framework and JavaScript code. It was rejected in the App Store review, with the report showing Guideline 1.3 - Safety - Kids Category. Could the React Native framework be using the App Tracking Transparency framework?Below is the content of the report from the App Store review team: Guideline 1.3 - Safety - Kids Category

We noticed that your Kids Category app includes analytics, advertising and collects, transmits, or has the ability to share personal information or device information with third parties. Specifically:

Your app implements the App Tracking Transparency framework, which is used when apps collect data about users and share it with third-parties for tracking purposes. Since Kids Category apps are not allowed to collect, transmit or share identifiable information with third-parties, you should not implement App Tracking Transparency in your app.

Next Steps

To resolve this issue, please remove this functionality or revise your app so that no personally identifiable information or device information is sent to third parties.

Resources

Learn more about our policies for Kids Category apps in App Review Guideline 1.3.

https://developer.apple.com/app-store/review/guidelines/#kids-category/

Steps to reproduce

None

React Native Version

0.75.4

Affected Platforms

Runtime - iOS

Output of `npx react-native info`

info Fetching system and libraries information...
System:
  OS: macOS 14.5
  CPU: (8) arm64 Apple M2
  Memory: 122.25 MB / 16.00 GB
  Shell:
    version: "5.9"
    path: /bin/zsh
Binaries:
  Node:
    version: 18.20.4
    path: /opt/homebrew/bin/node
  Yarn:
    version: 1.22.19
    path: /opt/homebrew/bin/yarn
  npm:
    version: 10.7.0
    path: /opt/homebrew/bin/npm
  Watchman: Not Found
Managers:
  CocoaPods:
    version: 1.15.2
    path: /Users/simper/.rvm/gems/ruby-2.7.7/bin/pod
SDKs:
  iOS SDK:
    Platforms:
      - DriverKit 23.4
      - iOS 17.4
      - macOS 14.4
      - tvOS 17.4
      - visionOS 1.1
      - watchOS 10.4
  Android SDK: Not Found
IDEs:
  Android Studio: 2022.3 AI-223.8836.35.2231.11005911
  Xcode:
    version: 15.3/15E204a
    path: /usr/bin/xcodebuild
Languages:
  Java:
    version: 11.0.18
    path: /usr/bin/javac
  Ruby:
    version: 2.7.7
    path: /Users/simper/.rvm/rubies/ruby-2.7.7/bin/ruby
npmPackages:
  "@react-native-community/cli": Not Found
  react:
    installed: 18.3.1
    wanted: 18.3.1
  react-native:
    installed: 0.75.4
    wanted: 0.75.4
  react-native-macos: Not Found
npmGlobalPackages:
  "*react-native*": Not Found
Android:
  hermesEnabled: true
  newArchEnabled: false
iOS:
  hermesEnabled: true
  newArchEnabled: false

info React Native v0.76.0 is now available (your project is running on v0.75.4).
info Changelog: https://github.com/facebook/react-native/releases/tag/v0.76.0
info Diff: https://react-native-community.github.io/upgrade-helper/?from=0.75.4&to=0.76.0
info For more info, check out "https://reactnative.dev/docs/upgrading?os=macos".

Stacktrace or Logs

None

Reproducer

None

Screenshots and Videos

react-native-bot commented 2 days ago

:warning:	Missing Reproducible Example
:information_source:	We could not detect a reproducible example in your issue report. Please provide either: If your bug is UI related: a Snack If your bug is build/update related: use our Reproducer Template. A reproducer needs to be in a GitHub repository under your username.

react-native-bot commented 2 days ago

:warning:	Missing Reproducible Example
:information_source:	We could not detect a reproducible example in your issue report. Please provide either: If your bug is UI related: a Snack If your bug is build/update related: use our Reproducer Template

iamvirul commented 2 days ago

App Store rejection of your children’s app due to Guideline 1.3 may stem from the app inadvertently using or referencing the App Tracking Transparency (ATT) framework. This framework is generally used to ask users for permission to track their data across apps and websites, which is typically not allowed for apps in the Kids Category due to stricter privacy requirements.

In a React Native app, ATT would not be enabled by default, but certain third-party libraries (especially those for analytics, ads, or in-app purchases) might be pulling it in indirectly. Here’s a checklist to help troubleshoot and potentially resolve this:

Check Dependencies: Review your package.json file for libraries related to analytics, ads, or in-app purchases. Common ones include Firebase Analytics, AdMob, or similar services, which could trigger ATT indirectly.
Examine Native Code (if any): Check both your AppDelegate.m (iOS) and Podfile for any mention of AppTrackingTransparency. Even if not explicitly implemented in JavaScript, ATT can sometimes be included if native code dependencies require it.
Remove or Replace Tracking-Related Libraries: If ATT is brought in by a specific library, try replacing it with one that complies with Apple’s Kids Category guidelines or does not require ATT.
Disable Automatic Tracking and Data Sharing: For libraries like Firebase, set tracking and data sharing options to a minimum and avoid collecting identifiable information. You may also need to consult the documentation of these libraries to disable ATT-related calls explicitly.
Update the App Store Submission: Once you make these changes, mention in your App Store submission notes that your app does not collect any personally identifiable information, does not implement ATT, and complies with all Kids Category requirements.

By making these adjustments, you should align the app’s privacy and tracking setup with Apple’s requirements for the Kids Category, which should help you pass the review.

cipolleschi commented 1 day ago

Hi @YangChenDong9213, I'm sorry to hear about the rejection.

React Native is not using the App Tracking Transparency framework. Following the Apple official doc page: https://developer.apple.com/documentation/apptrackingtransparency?language=objc

I looked for:

presence of NSUserTrackingUsageDescription => we don't have any in React Native nor in the template
usage of requestTrackingAuthorizationWithCompletionHandler: method => we don't have any in React Native nor in the template.

I'm a bit puzzled by this rejection, because you are showing us that you don't have any dependency that might make use of it. Also, the "privacy tracking enabled" in the PrivacyInfo.plist file is set to NO, so it is definitely turned off.

I can see that you have 2 PrivacyInfo.plist file, though. Can you:

check that both have the same content, and
remove one of the two from Xcode?

I believe that this duplication might tilt Apple static analysis tools, and their failure is reported like this.

Let me know how it goes!

YangChenDong9213 commented 1 day ago

Hi @cipolleschi, Thank you very much for your thorough response. I appreciate your time in helping me troubleshoot this issue. I checked the two PrivacyInfo.plist files, and it turns out they are indeed duplicates of the same file, likely due to an Xcode bug.

facebook / react-native