The clipboard is a shared, sensitive space on Android just as it is on iOS, and reading it without a reason is a privacy problem the platform now makes visible. Since Android 12, when an app reads clipboard data that came from a different app, the system shows a notification, exposing apps that quietly check the clipboard on launch. The clipboard often holds exactly what a user did not mean to share (a copied password, a one-time code, an address), so the right approach is to read it only when the user acts. Here is what changed and how to handle the clipboard respectfully.
Short answer
On Android, the clipboard can hold sensitive data the user copied for another purpose, and since Android 12 the system shows a notification when an app reads clipboard data that originated in a different app, exposing apps that read it silently. Per Android's documentation, you should read the clipboard only in response to an explicit user action, not automatically, and you can mark sensitive copied content so its preview is hidden. Do not auto-read the clipboard, do not place secrets on it without flagging them, and treat clipboard contents as shared, sensitive data rather than a private channel for your app.
What you should know
- The clipboard holds sensitive data: passwords, one-time codes, addresses.
- Android shows a read notification: since Android 12, for cross-app reads.
- Do not auto-read on launch: read only on explicit user action.
- Mark sensitive copied content: so its preview is hidden.
- Treat it as shared space: both reading and writing are exposed.
What changed with the clipboard access notification?
Android made clipboard reads visible, which exposed silent access. Starting in Android 12, when an app reads clipboard data that came from a different app, the system shows a notification telling the user. Behavior that used to be invisible, such as an app checking the clipboard the moment it opened, became obvious. This mirrors the change iOS made, and it had the same effect: it revealed how common silent clipboard reading was and prompted apps to stop doing it without a reason. For developers, it means any unnecessary clipboard read now produces a visible privacy signal to the user, so reading the clipboard without a clear, user-initiated purpose looks exactly like the snooping the notification was designed to surface.
What is the privacy risk?
Both reading and writing the clipboard can expose data. The table breaks it down.
| Action | Risk |
|---|---|
| Reading the clipboard on launch | Captures unrelated sensitive content the user copied |
| Reading without user intent | Looks like snooping and triggers the notification |
| Writing a secret to the clipboard | Other apps can read it, and it may persist |
| Not flagging sensitive copied data | Its preview can be shown to others |
On the read side, accessing the clipboard when the user did not ask exposes whatever they last copied, which is often sensitive and unrelated to your app. On the write side, placing a secret such as a password or one-time code on the clipboard makes it available to other apps that read the clipboard, and recent Android lets you flag a clip as sensitive so the system hides its on-screen preview. So the clipboard is shared space in both directions, and treating it as private to your app is the mistake.
How do you handle the clipboard respectfully?
Read only on intent, and be careful what you write. Do not read the clipboard automatically on launch or in the background; read it only when the user explicitly acts, such as tapping a paste control, so access matches expectation and does not trigger an alarming notification. When your app copies sensitive content to the clipboard, for example a generated password or a one-time code, flag the clip as sensitive so the system hides its preview, and consider whether it needs to go on the shared clipboard at all. Avoid placing long-lived secrets on the clipboard, since other apps can read it. The rule is the same as on iOS: clipboard access should trace back to a user action, and sensitive data you do put on the clipboard should be marked and short-lived. That keeps your app on the right side of the privacy signal the platform now shows.
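The two practices above, sketched in Kotlin as an added example (not code from the original article or from Android's documentation). `ClipboardHelper`, its function names and the 60-second lifetime are assumptions made for this example, and it assumes a minSdk of 24 or higher.

```kotlin
import android.content.ClipData
import android.content.ClipDescription
import android.content.ClipboardManager
import android.content.Context
import android.os.Build
import android.os.Handler
import android.os.Looper
import android.os.PersistableBundle

// Hypothetical helper for this example; not an Android API.
object ClipboardHelper {
    private const val CLEAR_AFTER_MS = 60_000L // assumed lifetime for a copied secret

    // Call only from a user-initiated handler (e.g. a Paste button's onClick),
    // never from onCreate/onResume or background work.
    fun readOnUserPaste(context: Context): CharSequence? {
        val cm = context.getSystemService(ClipboardManager::class.java) ?: return null
        // Inspect the clip's metadata first; this does not fetch its contents.
        val desc = cm.primaryClipDescription ?: return null
        if (!desc.hasMimeType(ClipDescription.MIMETYPE_TEXT_PLAIN)) return null
        val clip = cm.primaryClip ?: return null // the actual content read
        return if (clip.itemCount > 0) clip.getItemAt(0).coerceToText(context) else null
    }

    // Copy a secret (generated password, one-time code) flagged as sensitive.
    fun copySensitive(context: Context, label: String, secret: String) {
        val cm = context.getSystemService(ClipboardManager::class.java) ?: return
        val clip = ClipData.newPlainText(label, secret)
        // The constant exists from API 33; the literal key is used on older releases.
        val key = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU)
            ClipDescription.EXTRA_IS_SENSITIVE else "android.content.extra.IS_SENSITIVE"
        clip.description.extras = PersistableBundle().apply { putBoolean(key, true) }
        cm.setPrimaryClip(clip)
        // Keep the secret short-lived: clear it later, but only if the clip still
        // carries our label, so a newer copy by the user is left alone.
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
            Handler(Looper.getMainLooper()).postDelayed({
                if (cm.primaryClipDescription?.label?.toString() == label) cm.clearPrimaryClip()
            }, CLEAR_AFTER_MS)
        }
    }
}
```

The delayed clear is best effort: it only takes effect while the app can still access the clipboard, so treat it as a complement to keeping secrets off the clipboard where possible.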
What to watch out for
The first trap is reading the clipboard on launch or in the background, which captures unrelated sensitive content and triggers the notification, making your app look like it is snooping. The second is writing a secret to the clipboard without flagging it sensitive, where its preview and contents are exposed to other apps. The third is leaving sensitive copied data on the clipboard longer than needed. A pre-submission scan such as PTKD.com (https://ptkd.com) reads the compiled APK or AAB against OWASP MASVS and surfaces how your app handles sensitive data, which complements reviewing your clipboard usage for privacy. The clipboard behavior itself is something you adjust in the app, by tying reads to user intent.
What to take away
- The Android clipboard can hold sensitive data the user copied elsewhere, and since Android 12 the system shows a notification when an app reads cross-app clipboard data.
- Read the clipboard only in response to an explicit user action, never automatically on launch or in the background.
- When you copy sensitive content, flag the clip as sensitive so its preview is hidden, and avoid placing long-lived secrets on the shared clipboard.
- Use a pre-submission scan such as PTKD.com to review how your app handles sensitive data alongside its clipboard usage.


