TikTok ‘didn’t store’ iPhone clipboard data

TikTok logo

Copyright of the image
Getty

Social media platform TikTok told the BBC that it had not received or archived any data from the Apple iPhone clipboard.

In a developer trial version of the phone’s latest operating system update, iOS 14, users are notified whenever an app accesses the phone’s clipboard.

TikTok was one of 53 apps that security researchers had previously reported as a regular user looking for clipboard access.

TikTok claimed to have introduced the move to prevent people from spamming the platform by copying and pasting the same content.

The platform, owned by the Chinese company Bytedance, also said it had disabled the function through an automatic app update sent on June 27.

It has never been enabled on Android devices, he added.

“Following the beta version of iOS14 on June 22, users viewed notifications while using a number of popular apps,” read a note.

“For TikTok, this was triggered by a feature designed to identify repetitive and spam behavior. We sent an updated version of the app to the App Store by removing the antispam feature to eliminate any potential confusion.”

Jeremy Burge, the founder of Emojipedia, shared the video of Apple’s new notification on Twitter.

“TikTok is grabbing the contents of my clipboard every 1-3 keystrokes,” he wrote.

“iOS 14 is making fun of us with the new paste notification.”

‘Silently readable’

The news had alarmed privacy activists.

“People should be aware that on mobile devices, in order to try to be useful, they can do slightly unexpected things,” said Prof Alan Woodward, cyber security expert at Surrey University.

“It’s not ideal, but in this case there is no evidence that it is sending data anywhere else than on the phone. There is no reason to be alarmed.”

There are legitimate reasons why apps require clipboard access – the 9to5 Mac website noticed in February that the clipboard is “designed to be silently readable by any app.”

To share a website address with a messaging platform, for example, or to take a password from a password manager and paste it into a password-protected service, the clipboard must be accessible,

In research published in March, Talal Haj Bakry and Tommy Mysk identified dozens of apps that claimed to have access to the clipboard.

At the moment Apple has told them it didn’t believe there was a problem with the vulnerability, but its new iOS update now warns iPhone users when it happens.

The couple identified various news channels, games and social media / messaging platforms that were looking for data on the clipboard.

They included Reuters, the New York Times, Russia Today, Fruit Ninja, Player Unknown’s Battlegrounds, Plants vs Zombies, TikTok, Viber and Weibo.

They noticed that it was not clear what the apps did with the data.

Leave comment

Your email address will not be published. Required fields are marked with *.