Mastodawn

@stroughtonsmith I’d love to think this through. What would it look like? (Did you have suggestions in the radar?) Just what the app accesses at runtime? Or maybe including server side handling of user-provided data?AI tools in code writing? (debugging?) Sentiment analysis of AppStore reviews?

It feels like it could be valuable to people, but I’m having trouble distilling the fields. With Xcode adding code assistants, and on-device AI used by Apple frameworks, it feels easy to get tripped up.

@stroughtonsmith similar things have been true with the privacy labels if you use third party frameworks, so that isn’t new, but this one would touch much more on Apple-provided tools, and things that may occur far from the developer. I can say “the app doesn’t collect information” with some certainty, but a label like “will never use collected information in creepy ways” would be much harder to work with. Thinking through an AI label feels more often like the latter.

@cocoaphony Apple's nutrition labels aren't statically analyzed, they are effectively a mission statement, a promise, from the developer

@cocoaphony I gave these potential examples which kinda follow the privacy questionnaire

@stroughtonsmith if the assets were ever touched by Photoshop, I’d feel uncomfortable asserting that no AI was ever involved. If I used any open source library, I’d feel really uncomfortable asserting that there was no AI-generated code in the product. If those shouldn’t to be flagged, I’d want a lot of text explaining what I should and shouldn’t consider “AI” for this.

Back to the idea that I can definitely say I don’t collect your name, and can (and intend to) fix it if I accidentally do.

@cocoaphony I think you're overthinking it. It's a statement of intent. Did you intentionally use any of these things, yes or no. Just like the privacy stuff. You can't audit your entire supply chain, nor does it make sense to do so. If you're on the fence, then you say 'yes'

@stroughtonsmith OK; I'd want that to be clear. Because that absolutely is not how several teams I've been on treat privacy labels. We perform audits and consult lawyers about them. ("Audit your entire supply chain" used to be my entire job when I worked in InfoSec.)

IMO, "a statement of intent" isn't really useful as a formal privacy label. If that's the goal, I'd just make your statement of intent (which I think would be a fine thing to do). More like "all natural" or maybe "organic."

@cocoaphony and for sure, I think the answer there is very different for a large corporation and an indie developer

@stroughtonsmith Absolutely, but we use the same labels. Which is why I think a better approach would be along the lines of "certified organic" where indy devs (not just iPhone-related) band together to certify things outside of Apple. Or even something lighter, like a standardized statement of intent that indies would attest to. But once Apple does it, it has to be something lawyers could reasonably sign-off on, or even the most well-intentioned team is stuck, and it undermines the label.

@cocoaphony the privacy label is mandatory, but I think the accessibility label is optional. Perhaps the AI one should be optional too. It's as much marketing as it is anything

@stroughtonsmith I've been on big-company teams who have successfully used "it will improve our privacy label" to drive privacy improvements in the apps. Big companies are not monolithic data-vacuums, and the privacy labels have mattered. Mostly at the margins, but they've mattered.

@stroughtonsmith I think it’s more than that, having had the discussions on team about “do we know that’s true?” And working to be able to ensure it was explicitly so we could honestly (rather than aspirationally) apply the label.

But even so, what would the label say in that case? What would we be aspiring to? (With the expectation that where we fail, we would be transparent and work to resolve it?)

Jeff Feb 13

@stroughtonsmith With Ai being baked into the OS itself, though, what good would this be on an app by app basis?