What is the difference between a Privacy Nutrition Label and a Privacy Manifest?

The Privacy Nutrition Label is the user-facing summary on the App Store, generated from your App Privacy answers in App Store Connect. A Privacy Manifest is a PrivacyInfo.xcprivacy file inside your binary or inside a third-party SDK that lists the data types collected, the reasons, and any required-reason API calls. Xcode merges all manifests into one report, which is what Apple uses to verify your declared label.

Can a third-party SDK like Firebase or Facebook break my Privacy Nutrition Label?

Yes, very easily. Apple treats data collected by integrated SDKs as data your app collects. If Firebase Analytics ships device identifiers and you marked Identifiers as Not Collected, the label is wrong even if your own code touches nothing. Apple publishes a list of SDKs that must ship a Privacy Manifest. Firebase, Facebook SDK, OneSignal, and the major Flutter and React Native plugins are all on it.

Does Guideline 5.1.2 only apply to lying on the label, or also to a missing privacy policy?

Guideline 5.1.2 covers data use and sharing without permission, including missing App Tracking Transparency prompts and incomplete third-party disclosures. The privacy policy requirement sits in Guideline 5.1.1, which requires a link in App Store Connect and a clear policy in the app. In practice many rejections cite 5.1.1 and 5.1.2 together because the policy, the label, and the binary all have to agree.

If my Privacy Nutrition Label is wrong, can I just update the answers in App Store Connect?

Yes for the label itself. Apple states you can update your answers in App Store Connect at any time without submitting a new build. The catch is that the label is supposed to match a real binary, so changing the answers without changing the underlying SDK behaviour usually only resets the clock until the next reviewer or external researcher looks at the build. Fix the data flow first, then update the answers.

Will the FTC come after me for a false privacy label, or only Apple?

Both layers exist. Apple can reject an update or pull the app under Guideline 5.1.2 and the Developer Program License Agreement. Independent of Apple, the U.S. Federal Trade Commission and state regulators can act on the same false statement as a deceptive trade practice, especially if the app is consumer-facing or handles health or financial data. The risk surface is wider than App Store Connect alone.

What happens if I lie on the App Store Privacy Nutrition Labels?

Name: PTKD
Availability: InStock

If you submitted an iOS build with an App Privacy answer set that does not match what your code actually does, you are looking at a small audit risk and a real long-term enforcement risk. The App Store Privacy Nutrition Label is not a marketing field. It is a sworn statement that Apple compares against your binary, your third-party SDKs, and any external complaint that reaches them. The penalties are concrete, even if the enforcement cadence is not.

Short answer

Apple states that you are responsible for keeping your App Privacy responses in App Store Connect accurate and up to date, per Apple's App Privacy Details documentation. If the disclosure is wrong, Apple has publicly committed to rejecting future updates, and in some cases removing the app from the App Store. A wrong label also exposes the developer to FTC enforcement under U.S. deceptive trade practice law, regardless of what Apple decides to do. The fix is to align the binary, the Privacy Manifest, and the App Store Connect answers before the next submission, not after.

What you should know

Apple's exact wording is binding, even when enforcement is uneven: "You're responsible for keeping your responses accurate and up to date" per App Privacy Details.
The Privacy Manifest is the compare-against file. Since Apple's third-party SDK requirements took effect, Xcode merges PrivacyInfo.xcprivacy files from your app and every listed SDK into one report submitted with the build.
Guideline 5.1.2 is the rejection code Apple uses when label, policy, and binary disagree, per the App Review Guidelines section on Data Use and Sharing.
Third-party SDK data counts as your data. Apple treats anything Firebase, Facebook SDK, OneSignal, or RevenueCat collects as collection by your app.
The label can be updated without a new build, but the underlying truth has to match. Changing answers without changing data flows resets the clock, not the risk.
Independent research has found widespread inaccuracy. A 2021 Washington Post review found more than half of sampled labels were inaccurate or misleading, which is partly why the Privacy Manifest requirement now exists.

How does Apple actually check whether my Privacy Nutrition Label is true?

The honest answer is that Apple uses three layers, and none of them is a full forensic analysis of every build. At submission time, App Review compares your App Privacy answers in App Store Connect against the Privacy Manifest report that Xcode produces from your binary and all included SDKs. The report aggregates every declared data type, every required-reason API call, and every tracking domain in one place. If you declared no identifiers but the merged manifest lists Facebook SDK's IDFA usage, the mismatch is visible to the reviewer with no extra tooling.

The second layer is update time. When you push a new build, Apple re-runs the same comparison. This is when most label rejections actually appear, because developers often add an analytics SDK between releases and forget to update the App Privacy answers. The reviewer reads the Manifest delta, flags the new data type, and rejects under Guideline 5.1.2 until the App Store Connect answers catch up.

The third layer is audit, triggered by user reports through the App Store complaint flow, by App Tracking Transparency violation reports, by press coverage, or by researcher tooling. Apple has stated that apps which fail to disclose privacy information accurately may have future updates rejected, or in some cases be removed. That language sits inside Apple's User Privacy and Data Use page and the App Privacy Details page, and it has been used to justify both quiet rejections and occasional public removals.

What rejection language should I expect for a false Privacy Nutrition Label?

The rejection almost always cites Guideline 5.1.2 (Data Use and Sharing), often paired with 5.1.1 (Privacy Policies) when the in-app policy text also disagrees. The reviewer's message names the specific data category they believe is collected but undeclared, such as Identifiers, Usage Data, or Diagnostics, and asks for an updated label or a justification.

The table below maps the most common mismatch patterns to the rejection language and the safer pattern that has cleared review in recent submissions.

Mismatch pattern	Typical rejection language	Safer pattern
Firebase Analytics included, Usage Data marked Not Collected	"Your app's privacy practices do not match the privacy information you provided in App Store Connect" under 5.1.2	Declare Usage Data and Identifiers for the Firebase categories, link Firebase as a third-party partner
Facebook SDK included, no Tracking declared	"We noticed that your app uses an SDK that includes tracking functionality" under 5.1.2	Declare Tracking, ship the App Tracking Transparency prompt, declare data types Facebook receives
RevenueCat or Stripe integrated, Purchases marked Not Collected	"Your label does not reflect the purchase data your app shares with a third-party partner"	Declare Purchases linked to identity for analytics, not linked when used only for receipt validation
OneSignal push tokens, Identifiers not declared	"User or device identifiers are collected but not declared" under 5.1.2	Declare Device ID under Identifiers, with App Functionality as the purpose, no Tracking
HealthKit read access, Health & Fitness marked Not Collected	"Health data appears to be collected and is not disclosed" under 5.1.2 and the HealthKit guidelines	Declare Health and Fitness data, link the privacy policy section that covers it

The pattern across all five rows is that the rejection is not about whether the underlying behaviour is acceptable. It is about whether the label agrees with the binary. Most teams could keep the same integrations and pass review with the correct answers selected.

What does the Privacy Manifest actually compare against my label?

A Privacy Manifest is a PrivacyInfo.xcprivacy file shipped inside an app bundle or an SDK. It declares which data categories the code collects, why the code uses each required-reason API (such as file timestamp APIs, UserDefaults, or system boot time), and which tracking domains the code contacts. Apple introduced the format at WWDC23, alongside SDK signatures, and it became enforced for the listed third-party SDKs through the third-party SDK requirements page.

The list of SDKs that must ship a Privacy Manifest is long, but the high-traffic entries are the ones most apps include: Firebase, Facebook SDK (FBSDKCoreKit, FBSDKLoginKit), OneSignal, Google Sign-In, Lottie, AFNetworking, Alamofire, the React Native runtime, the Flutter engine, geolocator_apple, and path_provider. If any of these are in your project, Xcode pulls in their Privacy Manifests automatically. When you archive and upload, Xcode generates a merged report. That report is the document Apple compares against your App Privacy answers.

In practice, this means a false Privacy Nutrition Label is no longer hard to detect. The reviewer does not have to inspect your code. They just open the merged manifest report and look at the rows. If a row says "Device ID collected by Firebase" and your label says "No identifiers collected," the case is made.

For builders who want an external automated read of their build before submission, PTKD.com is one of the platforms focused specifically on pre-submission scanning aligned with OWASP MASVS for no-code and vibe-coded apps, including a comparison between the declared App Privacy answers and the data flows that the binary actually shows. That kind of external check is one way to catch the Firebase or Facebook mismatch before App Review does.

What does Apple actually do if I lie on the label?

Apple's published consequence ladder, paraphrased from the App Privacy Details and User Privacy and Data Use pages, has four rungs.

The first rung is rejection of the current submission under Guideline 5.1.2, with a request to fix the App Privacy answers, the binary, or both. This is the most common outcome, and most teams clear it within one resubmission.

The second rung is rejection of future updates while the current build remains in the store. Apple frames this as: until the label is brought into compliance, no new version will be approved. The live app continues to sell, but bug fixes, security patches, and new features all stall. For a paid app or a subscription business, this is a meaningful penalty.

The third rung is removal from the App Store, used when the misstatement is severe, when the developer ignores requests to fix it, or when an external complaint forces Apple's hand. Apple's wording is that apps may be "removed from the App Store entirely if they don't come into compliance." Removal can be reversed, but the timeline is long.

The fourth rung, rarely cited but available, is termination of the developer account under Section 3.2(f) of the Developer Program License Agreement, which prohibits deceptive practices around the Program and the App Store. Termination is reserved for repeated or deliberate misstatement, but it is the legal hook Apple uses when the pattern crosses from carelessness into fraud.

None of these is automatic. The decision is human, taken by App Review and, for the higher rungs, by Apple's legal and policy teams. The point of the ladder is that the consequence depends on how the misstatement is framed: a one-off mistake usually stops at rung one, a deliberate omission caught in the press can jump to rung three.

Are there penalties outside Apple, beyond App Store rejection?

Yes, and they are often larger. The U.S. Federal Trade Commission treats a false privacy statement as a deceptive trade practice under Section 5 of the FTC Act, regardless of where the statement is published. A Privacy Nutrition Label that misstates data collection meets that definition. State attorneys general in California, New York, Texas, and others apply the same logic under state consumer protection statutes. In the European Union, a false declaration about data processing is a GDPR violation under Article 5(1)(a) on lawfulness, fairness, and transparency, with fines up to 4 percent of global turnover.

Independent research has documented how common false labels are. A 2021 Washington Post audit reviewed dozens of apps and found that more than half of the sampled Privacy Nutrition Labels were inaccurate or misleading, including labels claiming no data collection on apps that were sending device identifiers to Facebook and Google. That report and a follow-up from the Washington-based Tech Transparency Project were part of the pressure that led to the Privacy Manifest requirement, and they are the kind of external evidence that triggers an FTC or state-level inquiry. Apple is not the only audience for the label.

What to watch out for

The most common trap is the one most teams walk into. An SDK is added between releases, the analytics dashboard goes live, and the App Privacy answers stay frozen on the version completed at first submission. Twelve months later, the label still says "No Identifiers Collected" while Mixpanel and Firebase ship an active ID daily. A reviewer working an update may not flag it. A researcher who scans the binary will.

The second trap is the partner-disclosure gap. App Privacy treats data collected by integrated third-party SDKs as your collection. Many teams fill out their own code's behaviour honestly, then forget to add the categories that Facebook, RevenueCat, or OneSignal collect. The Privacy Manifest report will show those entries even if your own code does not.

The third trap is the "Data Not Linked to You" assumption. The label has two columns: data linked to identity and data not linked. "Not linked" requires that the data cannot be tied back to a user, even probabilistically. If your analytics SDK fingerprints device characteristics, the data is effectively linked, regardless of how your code stores it. Picking the looser column on a hunch is the most common reason a label is technically wrong.

A myth worth rejecting outright is the idea that Apple cannot tell when a label is false because the company has no way to inspect a binary. The Privacy Manifest report is exactly that inspection, generated automatically by Xcode at submission. The detection gap from 2021 is mostly closed on the iOS side. On the Android side, Google Play Data Safety uses a different mechanism with its own gaps, but Apple is no longer the easy target for a false label.

Key takeaways

Treat the App Privacy answers in App Store Connect as a binding declaration, not as a marketing field. Apple's stated penalty ladder runs from rejection of the current submission to removal from the store.
Run the Privacy Manifest merged report before submission so the integrated SDKs and your declared label agree. The report is the document App Review compares against, so seeing it first is the cheapest insurance.
Disclose third-party SDK collection as your own. Firebase, Facebook SDK, OneSignal, and RevenueCat all collect data Apple counts toward your label, even if your own code never reads it.
Update the label when behaviour changes, not only at first submission. App Store Connect lets you update answers without a new build, and Apple expects you to use that path.
For teams that prefer an external automated check, scanning the compiled IPA or APK against OWASP MASVS and against the declared label is a discipline some shops outsource to platforms like PTKD.com, alongside their own internal review.