Apple Sets Privacy Rules for Third-Party Access to Live Activities and Notifications - MacRumorsOpen MenuShow RoundupsShow Forums menuVisit ForumsOpen Sidebar
Skip to Content

Apple Sets Privacy Rules for Third-Party Access to Live Activities and Notifications

by

As part of its interoperability compliance in the EU, Apple has been working on changes to iOS that allow AirPods-like pairing and notification forwarding for third-party wearables on iPhone. In the iOS 26.5 beta released on Monday, Apple added Live Activities forwarding, and the company has now revised its Developer Program License Agreement with new rules on how the forwarding features should be accessed.

apple lock security bug vulnerability fix privacy
In a new section titled "3.3.3 (J), Accessory Notifications Framework and Accessory Live Activities Framework," Apple says that third parties "may not use Forwarding Information for advertising, profiling, training models, or monitoring location." It also states that they "may not disseminate the Forwarding Information to any other Application, or any other device besides Your Authorized Target Accessory."

The new section goes on to state that developers can't store forwarded notification data on servers, in the cloud, or on any remote device, and the data can only be decrypted on the accessory itself, not on a server or anywhere else along the way.

Besides formatting adjustments, the forwarded information can't be altered in any way that changes its meaning, while the accessory that receives the notification can't share that data or its encryption keys with any other device, including the user's own iPhone. In other words, the data must be locked to the device it was sent to.

Even if a developer's app doesn't use these frameworks at all, Apple says it reserves the right to forward that app's notifications to a third-party accessory if the user enables it.

Last September, Apple complained that its obligations under the EU's Digital Markets Act (DMA) would cause feature rollout delays in the bloc, but it also warned of new privacy and security threats. Apple based these threats on companies' submitted requests, which included the complete content of a user's notifications, as well as the full history of Wi-Fi networks a user has joined.

Apple said it had explained the risks of such requests to the European Commission, but the concerns had not been accepted as valid reasons to turn them down. The new developer rules appear to be Apple's best effort to mitigate the risks regardless.

Taken together, they make it clear that Apple wants no tracking, no profiling, no cloud copies, and no sharing between devices, with developers bearing full responsibility for their app's compliance with the new rules.

Tag: European Union

Top Rated Comments

Rafagon Avatar
Rafagon
22 hours ago at 07:31 am
No wonder Apple is so behind on the promised AI upgrades to Siri. They're busy catering to all the EU's ********.
Score: 4 Votes (Like | Disagree)
J
jimscard
18 hours ago at 10:58 am

No wonder Apple is so behind on the promised AI upgrades to Siri. They're busy catering to all the EU's ********.
I've been saying that for a long time -- Apple can't say it outloud, but you know that the EU has randomly added about 20% in additional scope to iOS/iPadOS 18 and 26 with all their demands. That has to come from somewhere - not to mention that addressing their demands, especially alternative marketplaces also added whole new attack trees and tons of attack surface, since the mitigations provided by app store review can't be assumed there.
Score: 2 Votes (Like | Disagree)
G
gregmancuso
1 day ago at 05:18 am
This will never fly. The EU won't be able to help them selves and will have to slap Apple on trying to be the adult in the room. How on earth could they allow Apple to implement a feature that responsibly allows for increased interoperability while maintaining privacy and security. But at the expense enforcing basic adult responsibilities on those consumers, "such as not stealing user data" and "you, mr. 3rd-party, are responsible for compliance".

/s, obviously
Score: 2 Votes (Like | Disagree)
S
svish
16 hours ago at 01:32 pm
Good to know. Looks like privacy will still be maintained while these changes are implemented.
Score: 1 Votes (Like | Disagree)
J
jimscard
18 hours ago at 10:56 am

As part of its interoperability compliance ('https://www.macrumors.com/2025/12/22/ios-26-3-dma-airpods-pairing/') in the EU, Apple has been working on changes to iOS that allow AirPods-like pairing and notification forwarding for third-party wearables on iPhone. In the iOS 26.5 beta released on Monday, Apple added Live Activities forwarding ('https://developer.apple.com/documentation/AccessoryLiveActivities'), and the company has now revised its Developer Program License Agreement ('https://developer.apple.com/support/terms/apple-developer-program-license-agreement/') with new rules on how the forwarding features should be accessed.



In a new section titled "3.3.3 (J), Accessory Notifications Framework and Accessory Live Activities Framework," Apple says that third parties "may not use Forwarding Information for advertising, profiling, training models, or monitoring location." It also states that they "may not disseminate the Forwarding Information to any other Application, or any other device besides Your Authorized Target Accessory."

The new section goes on to state that developers can't store forwarded notification data on servers, in the cloud, or on any remote device, and the data can only be decrypted on the accessory itself, not on a server or anywhere else along the way.

Besides formatting adjustments, the forwarded information can't be altered in any way that changes its meaning, while the accessory that receives the notification can't share that data or its encryption keys with any other device, including the user's own iPhone. In other words, the data must be locked to the device it was sent to.

Even if a developer's app doesn't use these frameworks at all, Apple says it reserves the right to forward that app's notifications to a third-party accessory if the user enables it.

Last September, Apple complained ('https://www.apple.com/newsroom/2025/09/the-digital-markets-acts-impacts-on-eu-users/') that its obligations under the EU's Digital Markets Act (DMA) would cause feature rollout delays in the bloc, but it also warned of new privacy and security threats. Apple based these threats on companies' submitted requests, which included the complete content of a user's notifications, as well as the full history of Wi-Fi networks a user has joined.

Apple said it had explained the risks of such requests to the European Commission, but the concerns had not been accepted as valid reasons to turn them down. The new developer rules appear to be Apple's best effort to mitigate the risks regardless.

Taken together, they make it clear that Apple wants no tracking, no profiling, no cloud copies, and no sharing between devices, with developers bearing full responsibility for their app's compliance with the new rules.

Article Link: Apple Sets Privacy Rules for Third-Party Access to Live Activities and Notifications ('https://www.macrumors.com/2026/03/31/apple-sets-privacy-rules-live-activities-alerts/')
At least Apple is protecting users' privacyt when their own governments refuse to..
Score: 1 Votes (Like | Disagree)
S
steviewondercansee
1 day ago at 05:29 am
Nobody wants this. It's so stupid.
Score: 1 Votes (Like | Disagree)
Read All Comments
Related Apple News: Iphone | Iphone | Ipad | Travel | Local News