TikTok ‘did not store’ iPhone clipboard data

The social media platform TikTok told the BBC that it did not receive or store data from Apple’s iPhone clipboards.

In a developer review of the latest update of the phone’s operating system, iOS 14, users are notified whenever an application accesses the device’s clipboard.

TikTok was one of 53 applications that security researchers had previously flagged as seeking regular access to the clipboard.

TikTok said it introduced the measure to prevent people from sending spam to the platform by copying and pasting the same content.

The platform, owned by Chinese company Bytedance, also said it had disabled the feature through an automatic application update launched on June 27.

It was never activated on Android devices, he added.

“After the beta of iOS14 on June 22, users saw notifications while using several popular apps,” he said in a statement.

“For TikTok, this was triggered by a feature designed to identify repetitive and spammy behaviors. We sent an updated version of the app to the App Store, removing the anti-spam feature to eliminate any possible confusion.”

Jeremy Burge, founder of Emojipedia, shared the video of Apple’s new notification on Twitter.

“TikTok takes the contents of my clipboard every 1-3 keys pressed,” he wrote.

“IOS 14 is being displayed with the new collage notification.”

‘Quietly readable’

The news had alarmed privacy advocates.

“People should be aware that on mobile devices, to try to help, they can do things that are a little bit unexpected,” said Professor Alan Woodward, a cybersecurity expert at the University of Surrey.

“It is not ideal, but in this case there is no evidence that the data was sent to any place other than the telephone. There is no reason to be alarmed.”

There are legitimate reasons why applications require access to the clipboard – the 9to5 Mac website noted in February that the clipboard was “designed to be silently readable by any application”.

To share a website address with a messaging platform, for example, or to obtain a password from a password manager and paste it into a password protected service, the clipboard must be accessible,

In a survey published in March, Talal Haj Bakry and Tommy Mysk identified dozens of applications that they said accessed the clipboard.

Apple told them at the time that it did not believe there was a problem with the vulnerability – but its new iOS update now warns iPhone users when that happens.

The pair identified several news channels, games and social media / messaging platforms that sought data from the clipboard.

They included Reuters, New York Times, Russia Today, Fruit Ninja, Player Unknown battlegrounds, Plants vs Zombies, TikTok, Viber and Weibo.

They noted that it was not clear what the applications did with the data.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.