Today Apple once again updated the App Store Review Guidelines. It’s been 6 months since the last update, and the recent iOS 9.3 release added several new developer APIs; so this update was not unexpected.
Most significant is perhaps the new section 10.8 that states apps using background location services must provide a reason for doing so. What Apple considers a fair reason is not really clear although the HIG is mentioned.
Another significant addition is the new section 30 about the Apple Music API that was introduced in iOS 9.3. As described in the iOS 9.3 release note the new API allows 3rd party apps to add music to a user’s Apple Music library and play it.
The update did also include some minor additions mentioning new Apple products such as CareKit and Apple Music in various sections. Additions are highlighted in green below.
Apps using background location services must provide a reason that clarifies the purpose of the use, using mechanisms described in the Human Interface Guidelines
8. Content and Intellectual Property Rights
Apps that include the ability to save or download music or video content from third party sources (e.g. Apple Music, YouTube, SoundCloud, Vimeo, etc) without explicit authorization from those sources will be rejected
10. User interface
Apps displaying Activity rings may not modify the rings or the data they represent
11. Purchasing and currencies
Apps that use IAP to purchase access to built-in capabilities provided by iOS, watchOS, and tvOS, such as the camera or the gyroscope, or Apple-branded peripherals, such as Apple Pencil or Apple Keyboard, or Apple services, such as Apple Music access or iCloud storage, will be rejected
27. HealthKit, CareKit, and Human Subject Research
Apps using the HealthKit frameworkor CareKit frameworks or conducting human subject research for health purposes, such as through the use of ResearchKit, must comply with applicable law for each Territory in which the App is made available, as well as Sections 3.3.28 and 3.3.39 of the iOS Developer Program License Agreement
Apps that write false or inaccurate data into HealthKit or CareKit will be rejected
Apps may not use or disclose to third parties user data gathered from the HealthKit APIor CareKit APIs or from health-related human subject research for advertising or other use-based data mining purposes other than improving health, or for the purpose of health research
Apps that share user data acquired via the HealthKit APIor CareKit APIs with third parties without user consent will be rejected
Apps using the HealthKit frameworkor CareKit frameworks must indicate integration with the Health app in their marketing text and must clearly identify the HealthKit and CareKit functionality in the app’s user interface
30. Apple Music API
Apps using the Apple Music API that trigger playback without explicit user action will be rejected
Apps using the Apple Music API must expose and respect standard media controls such as “play,” pause,” and “skip”
Apps using the Apple Music API may not require payment or otherwise monetize access to the Apple Music service (eg. in-app purchase, advertising, requesting user info)