Hacker News new | past | comments | ask | show | jobs | submit login

Does Apple have any way to verify it’s actually a full delete, and do they do so?

There is public evidence that a lot of apps lie on their privacy labels and they seem to get away with it.




> Does Apple have any way to verify it’s actually a full delete, and do they do so?

The guidelines do state that it should be a full delete. In my experience, Apple has never checked or asked to verify if a user account was fully deleted on apps I've worked on, which involve PHI. It's been a part of HIPAA compliance for our apps since the beginning (and we do actually fat delete, FWIW). It's a relatively new requirement from Apple's end, though. The deadline was actually extended from January 31st 2022 to now June 30th 2022. Enforcement or stringency on Apple's part could change around then, but I don't see Apple having the resources or willpower to do much of an increase here.

Full guidelines are here: https://developer.apple.com/news/?id=i71db0mv


I assume Apple verifies everything on the phone is removed so no cookies left behind for next app or reinstall.


I thought we were talking about server-side account delete?


It’s both. I suspect most of their focus is on data retention; regardless of where it happens.

Most times, that’s usually a server, of some kind, but it could also be something like an iCloud data account, I guess; which would be a challenge, as the data could be in many places.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: