Though Apple mentioned on the App Store Connect announcement page that the new European Union General Data Protection Regulation (GDPR) did not influence this policy change, the amendments appear to reflect GDPR requirements.
The GDPR is legislation drawn up to protect private personal data and started to be enforced on May 25, 2018. The law covers all organisations that do business in Europe or with European residents.
- There must be a list of third parties with whom the collected data is shared. The list should include advertising networks, analytics tools, and third-party SDKs if used
- The third parties are required to adhere to the new policy as well
- The app must provide users with access to data retention and deletion policies, including the information users need in case they want to revoke their consent or request the removal of their data.
The announcement about these changes was made just a few weeks prior to the yearly Apple iPhone announcements. Most likely, there will be other changes made to ensure compliance with GDPR.