Apple has tightened its App Review Guidelines with a clear directive: apps must clearly disclose when personal data will be shared with third-party AI services and obtain explicit permission before doing so. The update reinforces the company’s privacy stance as it prepares a major AI upgrade to Siri slated for 2026, which is expected to let the assistant take actions across apps and, according to reports, leverage Google’s Gemini technology behind the scenes.
Previously, Apple’s rule 5.1.2(i) already required apps to get user consent before using, transmitting, or sharing personal data, aligning the App Store with regulations like the EU’s GDPR and California’s CCPA. The revised language now specifically calls out AI companies, stating that developers must “clearly disclose where personal data will be shared with third parties, including with third-party AI, and obtain explicit permission before doing so.” Noncompliant apps can still face removal from the App Store.
This update matters for any app that uses AI systems to collect, process, or analyze user information for personalization, recommendations, or features. It’s also notable that Apple singled out AI providers, signaling greater scrutiny of how data flows through large language models and other machine learning tools. Enforcement details remain unclear, especially given that “AI” spans a wide range of technologies beyond LLMs.
Thursday’s guideline refresh includes several other changes as well. Apple added support for its new Mini Apps Program and adjusted rules affecting creator apps, loan apps, and more. Crypto exchanges also joined the list of services that operate in highly regulated fields, highlighting Apple’s continued focus on industries with strict compliance needs.
What developers should do now
– Map your data flows to identify any sharing with third-party AI services.
– Update in-app disclosures to explicitly name where and how personal data is shared with AI partners.
– Build clear, opt-in consent prompts and avoid sharing until explicit permission is granted.
– Offer easy ways for users to withdraw consent and delete associated data.
– Review third-party SDKs and AI vendors to ensure they align with your disclosures and user permissions.
– Refresh your privacy policy to reflect any AI-related data processing and retention practices.
What users can expect
– More transparent prompts before any personal data is shared with AI partners.
– Better control over how personal information is used across apps.
– Stronger alignment with global privacy standards on iPhone and iPad.
With a next-generation Siri on the horizon, Apple is drawing a firm line on AI data practices in the App Store. Developers that rely on AI features will need to tighten their disclosures and consent flows, while users should gain clearer choices and protections as AI-powered experiences expand across iOS.
