For years, functionality on iOS and Android has allowed applications to obtain clipboard content automatically, for example, to detect links to save or package tracking numbers. Now, why does a timer app need to copy the clipboard? With iOS 14, the iPhone sneaks whenever an app accesses the clipboard. In just four days, he has brought colors to dozens of apps.
With the arrival of iOS 14 last Monday, Apple incorporated a small feature that was not even hyped during the presentation. This is a pop-up message that appears at the top of the screen whenever the clipboard content is pasted from one place to another. ‘X has pasted from Y’ is the message, where X is the app we are in, and Y, where the pasted content comes from.
Voluntary or not, Apple has managed to bring to light the practices of some developers with this new feature. The first iOS users who have installed the iOS 14 beta have come across many applications that access their clipboard as soon as they open the app. In addition, some get it with each new letter written, as is the case with TikTok.
Accessing the clipboard automatically when opening the app is a well-known practice used by apps such as calendar apps. These apps copy the clipboard, and if they detect a date, they show a warning to create an event with that date. Something similar happens, for example, with link saving apps like Pocket, which automatically detect links and allow you to save them. The problem comes when this is done by apps that do not even have functions to create content within the app, such as an app that shows a timer to do intermittent fasting.
One of the apps that have made the most noise in this regard is TikTok, for the fact of copying the clipboard with absolutely any press of a letter. As TikTok has told Telegraph, this function is intended to detect repetitive SPAM behaviors. They announce that they will remove the feature in a future update of the app. If they also delete it on Android, they have not commented on anything.
But TikTok is nowhere near the only one. A video by developer Ryan Jones shows how all kinds of apps access the clipboard as soon as they are opened. We find weather apps like AccuWeather, newspaper apps like NYT or WSJ, stores like AliExpress, or the Chrome browser, among others.
Is this a serious problem? While the content we copy to the clipboard is generally “harmless,” there are also cases where it is compromised or private information. For example, we can copy a password or email, also photos, or bank details.
Just in March of this year, an investigation came to light that demonstrated how many apps used this technique to extract information without the user being aware of it. Either way, it remains to be seen what each of the developers who collect the clipboard say. TikTok, for example, has explained that it is to detect users who do SPAM, there are many other uses that can be given to this function and are appropriate for each type of app.
There is currently no way to prevent this with privacy permissions as there are for apps to access location, contacts, or photos. Should Apple implement similar permission to access the clipboard? I’m not sure, an excess of permissions makes the user sick of them, and we saw it last year with macOS Catalina. Instead, it could, for example, let certain apps declare that the content they have is sensitive and therefore, cannot be copied without the user’s permission. For example, for password managers, this way automatically everything copied from there can not be seen without the permission of the user. We will see how it evolves in the coming months; for now, iOS 14 has just a few days.