Skip to main content

iPhone Mirroring is currently a privacy and legal risk on work Macs

One of the new features of iOS 18 and macOS Sequoia is iPhone Mirroring – but using this with a personal iPhone on a work Mac currently creates a privacy risk for employees, and a legal risk for businesses.

The problem, as cybersecurity company Sevco discovered, is that apps on the iPhone get treated as Mac apps, and that means their presence is included in corporate IT audits …

How iPhone Mirroring treats apps

Sevco found that when iPhone Mirroring is use, any iPhone app you run creates an entry in the Mac library here:

/Users/<user>/Library/Daemon Containers/<uuid>/Data/Library/Caches/<app_name>

That is, the Mac treats them as if they were Mac apps.

This means that when companies run automated network audits, to check that all the apps on their Macs are properly authorized and licensed, the iPhone apps will be identified.

For iPhone users, that creates a potential privacy risk, because your employer will be able to see your iPhone apps. To be clear, they can’t see the data in them, but Sevco says even knowing which apps you use could have serious implications.

For iPhone users, this Apple bug is a major privacy risk because it can expose aspects of their personal lives that they don’t want to share or that could put them at risk. This could include exposing a VPN app in a country that restricts access to the internet, a dating app that reveals their sexual orientation in a jurisdiction with limited protections or legal consequences, or an app related to a health condition that an employee simply does not want to share. The consequences of such data exposure may be severe.

It also creates a potential legal minefield for businesses.

For companies, this bug represents a new data liability from potentially collecting private employee data. If this bug is not addressed, it may lead to violation of major privacy laws such as CCPA, potential litigation, and federal agency enforcement.

In Europe, it would almost certainly contravene GDPR privacy requirements.

Apple is working on a fix; disclosure couldn’t wait

This is not intended behavior, and Apple is working on a fix.

Usually, a security company would wait for the fix to be pushed before it reveals the details, but Sevco said it felt that it couldn’t do so this time.

While typical responsible disclosure timelines are usually at least 30 days, we’ve decided to release this information now because we are watching the number of people and companies impacted grow with every day that passes. The biggest risk in this situation is to individuals in a potentially compromising situation and their best defense is their own awareness. We appreciate Apple’s rapid response and urgency addressing the issue.

Image: 9to5Mac collage of images from Apple and J Lee on Unsplash

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications