# Guideline 5.2.x - Legal: Missing Export Compliance Declaration

**Guideline:** 5.2.x · **Store:** Apple App Store · **Risk:** low · **Difficulty:** easy

Canonical URL: https://appstorereject.com/rejections/apple/5/guideline-52x-legal-missing-export-compliance-declaration

## Description

Your Info.plist is missing the ITSAppUsesNonExemptEncryption key. Without it, every TestFlight and App Store upload triggers a manual export compliance prompt, slowing down your release process.

## Resolution steps

1. **Determine your encryption usage** — If your app only uses standard HTTPS (URLSession, Alamofire, fetch) and no custom encryption, you qualify for the exemption.

2. **Add the key to Info.plist** — Add `ITSAppUsesNonExemptEncryption` with value `NO` (boolean false) to your Info.plist. This tells Apple your app uses only exempt encryption and skips the manual compliance prompt on each upload.

3. **If you use custom encryption** — If your app uses CryptoKit with non-standard algorithms, OpenSSL, libsodium, or custom AES/RSA implementations, set the value to `YES`. You will need to obtain an Encryption Registration Number (ERN) from the US Bureau of Industry and Security and provide it in App Store Connect.

4. **For Expo/React Native** — Add to `app.json` under `expo.ios.infoPlist`: `"ITSAppUsesNonExemptEncryption": false`. For bare RN, add directly to `ios/<AppName>/Info.plist`.

5. **Verify on next upload** — After adding the key, archive and upload. The export compliance prompt should no longer appear.

**Prevention:**
- Add this key to Info.plist in every new iOS project
- Include it in your project template or boilerplate

---
*Machine-readable source: https://api.appstorereject.com/api/rejections/detail?slug=guideline-52x-legal-missing-export-compliance-declaration*