Hi, thanks for posting this — I've been hitting the exact same wall. I'm building a screen time management app and spent considerable time trying to persist per-app usage data from the DeviceActivityReportExtension to the App Group container. I exhaustively tested every storage mechanism available: Core Data, JSON files, UserDefaults (App Group suite), Keychain, raw POSIX syscalls, SQLite, iCloud KV, and NSUbiquitousKeyValueStore. All fail with permission errors — the extension is completely write-locked at the kernel level (POSIX errno 1 / EPERM). I also confirmed the DeviceActivityMonitor extension has the same restriction. So I'm very interested in your finding that the host app can reconstruct raw activity data from the report. Could you share more about the technique you used? Specifically: How does your host app access the data from the report extension? Is it through the rendered view hierarchy, some callback mechanism, or something else entirely? Are you able to get per-app bundle identifiers and durations, or just category-level data? Does the data survive across app launches (i.e., can you persist it from the main app side)? Given that Apple Security confirmed this is expected behavior, it would be great to understand the intended data flow so we can build on it confidently rather than relying on something that might get patched. Thanks in advance.