It’s true that iOS 14 will come with plenty of interface changes, giving you a significantly enhanced user experience. However, there are plenty of new features that are seemingly hidden and are surfacing just now. Among those is a set of privacy-related controls and notifications, giving you a greater sense of understanding of what’s happening with your data. Even though iOS 14 is available as a “developer preview” only, these new features are already forcing developers to take a good look at their privacy practices.
Last week, we told you about TikTok reading users’ clipboards. This didn’t come exactly as a surprise, as the app was caught harvesting private information back in March. And even though promises were made to have this problematic behavior removed from the app, this never happened. And now, we’re starting to see reports of numerous other apps doing the same – checking the contents of your clipboard and seeing everything you copy from one app to another. More precisely, LinkedIn was caught snooping on users’ privacy. This is, as many of you know, an employment-related online service owned by Microsoft.
Hi @DonCubed. Appreciate you raising this. We've traced this to a code path that only does an equality check between the clipboard contents and the currently typed content in a text box. We don't store or transmit the clipboard contents.
— Erran Berger (@eberger45) July 3, 2020
We’ve seen the initial reports about LinkedIn harvesting the contents of users’ clipboards being raised on Twitter. More specifically, a Twitter user (@DonCubed) reported that the app is copying the contents of her clipboard. What’s worrying is that LinkedIn was reading the clipboard contents after every keystroke. And considering that iOS has a Universal Clipboard, the app manages to intercept what’s being copied between two devices (an iPad Pro and a MacBook Pro, in this particular case).
It didn’t take long for LinkedIn to acknowledge the strange behavior of its app. Erran Berger, VP Engineering of Consumer Products at LinkedIn, stated via Twitter that this behavior is a bug. It means that the app isn’t reading users’ clipboards on purpose, and more importantly – it isn’t storing or transmitting the clipboard contents.
LinkedIn is currently working on a fix that should go live in an upcoming version of the app. Therefore, we strongly recommend keeping your eye on the iOS App Store and updating the app as soon as possible.
Finally, it’s worth mentioning that TikTok and LinkedIn weren’t the only apps caught harvesting users’ clipboards – as exposed by iOS 14. We’re talking about apps such as Starbucks, Overstock, AccuWeather, NYTimes, Pigment, and more.
We have seen official statements only from a couple of app developers until now. They mostly stated that this behavior is either a bug or a method of preventing “repetitive, spammy actions.” However, one thing is sure – iOS 14 is moving in the right direction as there’s no longer a way for apps to quietly access users’ clipboards without the user seeing a banner at the top of their screen.