Related papers: User Interaction Data in Apps: Comparing Policy Claims to Implementations

User Interaction Data in Apps: Comparing Policy Claims to Implementations

URL: http://arxiv.org/abs/2312.02710v1
Date: Tue, 5 Dec 2023 12:11:11 GMT
Title: User Interaction Data in Apps: Comparing Policy Claims to Implementations
Authors: Feiyang Tang, Bjarte M. {\O}stvold
Abstract summary: We analyzed the top 100 apps across diverse categories using static analysis methods to evaluate the alignment between policy claims and implemented data collection techniques. Our findings highlight the lack of transparency in data collection and the associated risk of re-identification, raising concerns about user privacy and trust.
Score: 0.0
License: http://creativecommons.org/licenses/by/4.0/
Abstract: As mobile app usage continues to rise, so does the generation of extensive user interaction data, which includes actions such as swiping, zooming, or the time spent on a screen. Apps often collect a large amount of this data and claim to anonymize it, yet concerns arise regarding the adequacy of these measures. In many cases, the so-called anonymized data still has the potential to profile and, in some instances, re-identify individual users. This situation is compounded by a lack of transparency, leading to potential breaches of user trust. Our work investigates the gap between privacy policies and actual app behavior, focusing on the collection and handling of user interaction data. We analyzed the top 100 apps across diverse categories using static analysis methods to evaluate the alignment between policy claims and implemented data collection techniques. Our findings highlight the lack of transparency in data collection and the associated risk of re-identification, raising concerns about user privacy and trust. This study emphasizes the importance of clear communication and enhanced transparency in privacy practices for mobile app development.

Related papers

PrivacyLens: Evaluating Privacy Norm Awareness of Language Models in Action [54.11479432110771]
PrivacyLens is a novel framework designed to extend privacy-sensitive seeds into expressive vignettes and further into agent trajectories. We instantiate PrivacyLens with a collection of privacy norms grounded in privacy literature and crowdsourced seeds. State-of-the-art LMs, like GPT-4 and Llama-3-70B, leak sensitive information in 25.68% and 38.69% of cases, even when prompted with privacy-enhancing instructions.
arXiv Detail & Related papers (2024-08-29T17:58:38Z)
Collection, usage and privacy of mobility data in the enterprise and public administrations [55.2480439325792]
Security measures such as anonymization are needed to protect individuals' privacy. Within our study, we conducted expert interviews to gain insights into practices in the field. We survey privacy-enhancing methods in use, which generally do not comply with state-of-the-art standards of differential privacy.
arXiv Detail & Related papers (2024-07-04T08:29:27Z)
IDPFilter: Mitigating Interdependent Privacy Issues in Third-Party Apps [0.30693357740321775]
Third-party apps have increased concerns about interdependent privacy (IDP) This paper provides a comprehensive investigation into the previously underinvestigated IDP issues of third-party apps. We propose IDPFilter, a platform-agnostic API that enables application providers to minimize collateral information collection.
arXiv Detail & Related papers (2024-05-02T16:02:13Z)
Transparency in App Analytics: Analyzing the Collection of User Interaction Data [0.0]
We conducted an analysis of the top 20 analytic libraries for Android apps to identify common practices of interaction data collection. We developed a standardized collection claim template for summarizing an app's data collection practices.
arXiv Detail & Related papers (2023-06-20T11:01:27Z)
Protecting User Privacy in Online Settings via Supervised Learning [69.38374877559423]
We design an intelligent approach to online privacy protection that leverages supervised learning. By detecting and blocking data collection that might infringe on a user's privacy, we can restore a degree of digital privacy to the user.
arXiv Detail & Related papers (2023-04-06T05:20:16Z)
Cross-Network Social User Embedding with Hybrid Differential Privacy Guarantees [81.6471440778355]
We propose a Cross-network Social User Embedding framework, namely DP-CroSUE, to learn the comprehensive representations of users in a privacy-preserving way. In particular, for each heterogeneous social network, we first introduce a hybrid differential privacy notion to capture the variation of privacy expectations for heterogeneous data types. To further enhance user embeddings, a novel cross-network GCN embedding model is designed to transfer knowledge across networks through those aligned users.
arXiv Detail & Related papers (2022-09-04T06:22:37Z)
Relational Graph Neural Networks for Fraud Detection in a Super-App environment [53.561797148529664]
We propose a framework of relational graph convolutional networks methods for fraudulent behaviour prevention in the financial services of a Super-App. We use an interpretability algorithm for graph neural networks to determine the most important relations to the classification task of the users. Our results show that there is an added value when considering models that take advantage of the alternative data of the Super-App and the interactions found in their high connectivity.
arXiv Detail & Related papers (2021-07-29T00:02:06Z)
Trustworthy Transparency by Design [57.67333075002697]
We propose a transparency framework for software design, incorporating research on user trust and experience. Our framework enables developing software that incorporates transparency in its design.
arXiv Detail & Related papers (2021-03-19T12:34:01Z)
Towards Mass Adoption of Contact Tracing Apps -- Learning from Users' Preferences to Improve App Design [3.187723878624947]
We explore user preferences for contact tracing apps using market research techniques and conjoint analysis. Our results confirm the privacy-preserving design of most European contact tracing apps. We conclude that adding goal-congruent features will play an important role in fostering mass adoption.
arXiv Detail & Related papers (2020-11-24T19:08:09Z)
Privacy-accuracy trade-offs in noisy digital exposure notifications [3.04585143845864]
There is interest in using the power of mobile phones to automate the contact-tracing process. The rough idea is simple: use Bluetooth or other data-exchange technologies to record contacts between users, enable users to report positive diagnoses, and alert users who have been exposed to sick users. Although designing practical protocols is of crucial importance, it is essential to realize that notifying users about exposure events may itself leak confidential information.
arXiv Detail & Related papers (2020-11-08T15:00:38Z)
Privacy Guidelines for Contact Tracing Applications [19.094312133714023]
We discuss the scenarios which a contact tracing application should be able to handle. We describe the various threat actors who can disrupt its working, or misuse end user's data. We present privacy guidelines for contact tracing applications from different stakeholder's perspective.
arXiv Detail & Related papers (2020-04-28T06:44:14Z)

This list is automatically generated from the titles and abstracts of the papers in this site.