iOS 10 Now Requires User Permission to Access Media Library

by

Apple implemented privacy safeguards on iOS long ago so that when an app requests access to your contacts, calendars, photos, or location, a dialog box pops up asking for express user permission. On iOS 9 and previous software versions, however, that safeguard did not extend to a device's media library.

iOS_10_privacy_media_library
Apple developer Ben Dodson addressed the privacy concern in a blog post in January:

I discovered that there is no privacy prompt when a developer tries to access your library. In fact, they can access all of your music data […] This process happens completely silently and in my tests I was able to loop through a library of 10,000 songs, put all the metadata in a JSON file, and upload it to a server in under 2 seconds!

Apple acknowledged the issue earlier this year, and it has now introduced a new Cocoa key called NSAppleMusicUsageDescription that developers are required to use in all apps which access the media library on iOS 10 or later. This change ensures that users have to grant express permission for an app to access the music library.

NSAppleMusicUsageDescription (String - iOS). This key lets you describe the reason your app accesses the user’s media library. When the system prompts the user to allow access, the value that you provide for this key is displayed as part of the alert.

To protect user privacy, an iOS app linked on or after iOS 10.0, and which accesses the media library, must statically declare the intent to do so. Include the NSAppleMusicUsageDescription key in your app’s Info.plist file and provide a purpose string for this key. If your app attempts to access the media library without a corresponding purpose string, your app exits.

The new requirement will prevent third-party developers from being able to access a user's media library and send data on what's included back to a server without user-granted permission. This includes changes to the media library, which could have been analyzed for advertising or tracking purposes.

Apps that have requested access to your media library are listed in Settings > Privacy > Media Library.

Apple previewed iOS 10 on Monday during its WWDC 2016 keynote, and it has seeded the first beta to developers. A public beta will launch in July ahead of an official release in the fall. iOS 10 is compatible with most iOS 9 devices, excluding the iPhone 4s, iPad 2 and 3, original iPad mini, and fifth-generation iPod touch.

(Thanks, Steve Moser!)

Tag: Apple Music Guide
Related Forum: iOS 10

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Rumored to Use Same Rear Chassis as iPhone 16

Friday July 19, 2024 7:16 am PDT by
Apple will adopt the same rear chassis manufacturing process for the iPhone SE 4 that it is using for the upcoming standard iPhone 16, claims a new rumor coming out of China. According to the Weibo-based leaker "Fixed Focus Digital," the backplate manufacturing process for the iPhone SE 4 is "exactly the same" as the standard model in Apple's upcoming iPhone 16 lineup, which is expected to...
Read Full Article136 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Just Two Months Away: Everything We Know

Monday July 15, 2024 4:44 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article129 comments
bsod

Crowdstrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

Friday July 19, 2024 3:12 am PDT by
A widespread system failure is currently affecting numerous Windows devices globally, causing critical boot failures across various industries, including banks, rail networks, airlines, retailers, broadcasters, healthcare, and many more sectors. The issue, manifesting as a Blue Screen of Death (BSOD), is preventing computers from starting up properly and forcing them into continuous recovery...
Read Full Article493 comments
iphone 14 lineup

Cellebrite Unable to Unlock iPhones on iOS 17.4 or Later, Leak Reveals

Thursday July 18, 2024 4:18 am PDT by
Israel-based mobile forensics company Cellebrite is unable to unlock iPhones running iOS 17.4 or later, according to leaked documents verified by 404 Media. The documents provide a rare glimpse into the capabilities of the company's mobile forensics tools and highlight the ongoing security improvements in Apple's latest devices. The leaked "Cellebrite iOS Support Matrix" obtained by 404 Media...
Read Full Article66 comments
Apple Watch Series 9

2024 Apple Watch Lineup: Key Changes We're Expecting

Tuesday July 16, 2024 7:59 am PDT by
Apple is seemingly planning a rework of the Apple Watch lineup for 2024, according to a range of reports from over the past year. Here's everything we know so far. Apple is expected to continue to offer three different Apple Watch models in five casing sizes, but the various display sizes will allegedly grow by up to 12% and the casings will get taller. Based on all of the latest rumors,...
Read Full Article38 comments
tinypod apple watch

TinyPod Turns Your Apple Watch Into an iPod

Wednesday July 17, 2024 3:18 pm PDT by
If you have an old Apple Watch and you're not sure what to do with it, a new product called TinyPod might be the answer. Priced at $79, the TinyPod is a silicone case with a built-in scroll wheel that houses the Apple Watch chassis. When an Apple Watch is placed inside the TinyPod, the click wheel on the case is able to be used to scroll through the Apple Watch interface. The feature works...
Read Full Article133 comments

Top Rated Comments

dvkid Avatar
dvkid
106 months ago
Not being funny, but what kind of metadata is contained within/linked to a song that would bother me if it was uploaded to somebody elses server?
The most worrisome use for this was the ability to perform a comparison on someones music library and use it as sort of a digital fingerprint to track you across apps in the same way the UDID used to.

For example, if two different apps see the exact same music library on two devices they can reasonably assume that's the same person because of how many points of comparison the music library provides.
Score: 17 Votes (Like | Disagree)
canesalato Avatar
canesalato
106 months ago

=) good old times
Score: 4 Votes (Like | Disagree)
H2SO4 Avatar
H2SO4
106 months ago
Not being funny, but what kind of metadata is contained within/linked to a song that would bother me if it was uploaded to somebody elses server?
Score: 4 Votes (Like | Disagree)
keysofanxiety Avatar
keysofanxiety
106 months ago
Not being funny, but what kind of metadata is contained within/linked to a song that would bother me if it was uploaded to somebody elses server?
Good point. However that would also beg the question why they would need to do it in the first place. So whether or not it's malicious, it's good to know that they can't access it without prompting.
Score: 4 Votes (Like | Disagree)
T-Will Avatar
T-Will
106 months ago
I seriously love Apple's dedication to privacy.
Score: 2 Votes (Like | Disagree)
2457248 Avatar
2457248
106 months ago
good, but still, i believe the majority of people just allow everything on each app because they don't care/bother to read the prompts, and they aren't aware of how these privacy breach can possibly do harm.
Score: 2 Votes (Like | Disagree)
Read All Comments