It seems that some of the new privacy features in iOS 14 are already having their intended effect, as at least one popular app developer has just had its privacy-invasive behaviour called out in the first developer beta of iOS 14.
Among a plethora of new privacy features that will be landing in iOS 14 such as more limited photo access and approximate location sharing, the new version of iOS will also let you know when apps attempt to surreptitiously read the data on your clipboard — and it turns out that this is something that many apps have been doing for a while now.
To be fair, there are some legitimate reasons for apps to scan your clipboard when you open them; apps like Pinterest and Pocket, for instance, have long been able to detect URLs on your clipboard and automatically offer to save them to your library. However, as researchers recently discovered, dozens of other apps have been doing this more secretively and for less appropriate reasons, in a list ranging from controversial apps like TikTok to seemingly innocuous apps like ABC News and The Weather Network, and even games like Fruit Ninja and Bejeweled.
Of course, the whole point of a system clipboard is that it’s supposed to be able to work between apps, but the catch here is that iOS apps have been allowed for far too long to read what’s on your clipboard without providing any kind of user feedback. This is why some apps, like 1Password, take explicit steps to clear anything that they place on the clipboard.
iOS 14 Draws the Line
With iOS 14, however, Apple has decided that this free ride for apps is over, and that you, the user, deserve to know when an app is scanning whatever you may have placed on your clipboard from another app. The result is that in iOS 14, you’ll now get a prominent banner notification that lets you know that this is happening every time the app reads your clipboard behind your back, even going so far as to point out where the original data on the clipboard came from.
From the report earlier this year, we already knew that TikTok was one of the culprits, but iOS 14 has proven exactly how extensive this behaviour is on the part of the app, with developers installing iOS 14 noticing almost immediately that TikTok was not only spying on their clipboard, but was doing so repeatedly and persistently — after almost every keystroke, in fact.
For its part, TikTok claims that it’s not doing anything nefarious with users’ clipboard data, and that this is simply part of a feature intended solely to prevent “repetitive, spammy behaviour.” In a statement to The Telegraph, however, the company also indicated that it would be removing the feature, since of course it has no way to prevent the new iOS 14 notifications from appearing, which will not only alarm users, but would also quickly become annoying due to their frequency; developers have found that the iOS 14 notifications pop up every few keystrokes, which to be fair is exactly what they should be doing if an app is reading the clipboard that incessantly.
TikTok says it’s already submitted an updated version of the app to the App Store to remove the anti-spam feature “to eliminate any potential confusion,” although it stopped short of commenting on whether it would be removing the feature from Android devices, which of course don’t have the same kind of stringent privacy features that Apple is more focused on.
To be clear, TikTok is far from alone in its reading of the clipboard behind the scenes, and we suspect that this behaviour is going to be revealed in many other apps even before iOS 14 gets released to the public this fall, although hopefully some may learn from developers’ experiences with TikTok and be more proactive about removing the feature before they get publicly called out by Apple’s new iOS 14 privacy notifications.