Before and after GDPR: tracking in mobile apps

• URL: http://arxiv.org/abs/2112.11117v1
• Date: Tue, 21 Dec 2021 11:45:01 GMT
• Title: Before and after GDPR: tracking in mobile apps
• Authors: Konrad Kollnig, Reuben Binns, Max Van Kleek, Ulrik Lyngs, Jun Zhao, Claudine Tinsman, Nigel Shadbolt
• Abstract summary: Thirdparty tracking, sharing of data about individuals is significant and ubiquitous in mobile apps. Thirdparty tracking in nearly two million Android apps from before and after introduction of EU General Data Protection Regulation. concentration of behavioural tracking capabilities among few large gatekeeper companies persists.
• Score: 34.15669578579838
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Third-party tracking, the collection and sharing of behavioural data about individuals, is a significant and ubiquitous privacy threat in mobile apps. The EU General Data Protection Regulation (GDPR) was introduced in 2018 to protect personal data better, but there exists, thus far, limited empirical evidence about its efficacy. This paper studies tracking in nearly two million Android apps from before and after the introduction of the GDPR. Our analysis suggests that there has been limited change in the presence of third-party tracking in apps, and that the concentration of tracking capabilities among a few large gatekeeper companies persists. However, change might be imminent.

Related papers

• A Large-Scale Privacy Assessment of Android Third-Party SDKs [17.245330733308375]
  Third-party Software Development Kits (SDKs) are widely adopted in Android app development. This convenience raises substantial concerns about unauthorized access to users' privacy-sensitive information. Our study offers a targeted analysis of user privacy protection among Android third-party SDKs.
  arXiv  Detail & Related papers  (2024-09-16T15:44:43Z)
• IDPFilter: Mitigating Interdependent Privacy Issues in Third-Party Apps [0.30693357740321775]
  Third-party apps have increased concerns about interdependent privacy (IDP) This paper provides a comprehensive investigation into the previously underinvestigated IDP issues of third-party apps. We propose IDPFilter, a platform-agnostic API that enables application providers to minimize collateral information collection.
  arXiv  Detail & Related papers  (2024-05-02T16:02:13Z)
• A Unified View of Differentially Private Deep Generative Modeling [60.72161965018005]
  Data with privacy concerns comes with stringent regulations that frequently prohibited data access and data sharing. Overcoming these obstacles is key for technological progress in many real-world application scenarios that involve privacy sensitive data. Differentially private (DP) data publishing provides a compelling solution, where only a sanitized form of the data is publicly released.
  arXiv  Detail & Related papers  (2023-09-27T14:38:16Z)
• TeD-SPAD: Temporal Distinctiveness for Self-supervised Privacy-preservation for video Anomaly Detection [59.04634695294402]
  Video anomaly detection (VAD) without human monitoring is a complex computer vision task. Privacy leakage in VAD allows models to pick up and amplify unnecessary biases related to people's personal information. We propose TeD-SPAD, a privacy-aware video anomaly detection framework that destroys visual private information in a self-supervised manner.
  arXiv  Detail & Related papers  (2023-08-21T22:42:55Z)
• Is It a Trap? A Large-scale Empirical Study And Comprehensive Assessment of Online Automated Privacy Policy Generators for Mobile Apps [15.181098379077344]
  Automated Privacy Policy Generators can create privacy policies for mobile apps. Nearly 20.1% of privacy policies could be generated by existing APPGs. App developers must carefully select and use the appropriate APPGs to avoid potential pitfalls.
  arXiv  Detail & Related papers  (2023-05-05T04:08:18Z)
• Goodbye Tracking? Impact of iOS App Tracking Transparency and Privacy Labels [25.30364629335751]
  Apple introduced two significant changes with iOS 14: App Tracking Transparency (ATT), a mandatory opt-in system for enabling tracking on iOS, and Privacy Nutrition Labels. This paper addresses the impact of these changes on individual privacy and control by analysing two versions of 1,759 iOS apps from the UK App Store. We find that Apple itself engages in some forms of tracking and exempts invasive data practices like first-party tracking and credit scoring.
  arXiv  Detail & Related papers  (2022-04-07T16:32:58Z)
• Analysis of Longitudinal Changes in Privacy Behavior of Android Applications [79.71330613821037]
  In this paper, we examine the trends in how Android apps have changed over time with respect to privacy. We examine the adoption of HTTPS, whether apps scan the device for other installed apps, the use of permissions for privacy-sensitive data, and the use of unique identifiers. We find that privacy-related behavior has improved with time as apps continue to receive updates, and that the third-party libraries used by apps are responsible for more issues with privacy.
  arXiv  Detail & Related papers  (2021-12-28T16:21:31Z)
• Location Data and COVID-19 Contact Tracing: How Data Privacy Regulations and Cell Service Providers Work In Tandem [1.1470070927586016]
  Cellphone Service Providers (CSPs) enable the spatial and temporal real-time user tracking. Three of the regulations analyzed analyzed defined mobile location data as private information. Two of the five CSPs that were analyzed did not comply with the COPPA regulation.
  arXiv  Detail & Related papers  (2021-03-25T22:13:50Z)
• Mind the GAP: Security & Privacy Risks of Contact Tracing Apps [75.7995398006171]
  Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy. We demonstrate that in real-world scenarios the GAP design is vulnerable to (i) profiling and possibly de-anonymizing persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts.
  arXiv  Detail & Related papers  (2020-06-10T16:05:05Z)
• Give more data, awareness and control to individual citizens, and they will help COVID-19 containment [74.10257867142049]
  Contact-tracing apps are being proposed for large scale adoption by many countries. A centralized approach raises concerns about citizens' privacy and needlessly strong digital surveillance. We advocate a decentralized approach, where both contact and location data are collected exclusively in individual citizens' "personal data stores"
  arXiv  Detail & Related papers  (2020-04-10T20:30:37Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.