A Multilateral Privacy Impact Analysis Method for Android Apps

Majid Hatamian, Nurul Momen, Lothar Fritsch

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Citations (Scopus)

Abstract

Smartphone apps have the power to monitor most of people’s private lives. Apps can permeate private spaces, access and map social relationships, monitor whereabouts and chart people’s activities in digital and/or real world. We are therefore interested in how much information a particular app can and intends to retrieve in a smartphone. Privacy-friendliness of smartphone apps is typically measured based on single-source analyses, which in turn, does not provide a comprehensive measurement regarding the actual privacy risks of apps. This paper presents a multi-source method for privacy analysis and data extraction transparency of Android apps. We describe how we generate several data sets derived from privacy policies, app manifestos, user reviews and actual app profiling at run time. To evaluate our method, we present results from a case study carried out on ten popular fitness and exercise apps. Our results revealed interesting differences concerning the potential privacy impact of apps, with some of the apps in the test set violating critical privacy principles. The result of the case study shows large differences that can help make relevant app choices.

Original languageEnglish
Title of host publicationPrivacy Technologies and Policy
Subtitle of host publication7th Annual Privacy Forum, APF 2019, Rome, Italy, June 13–14, 2019, Proceedings
EditorsMaurizio Naldi, Giuseppe F. Italiano, Kai Rannenberg, Manuel Medina, Athena Bourka
Place of PublicationCham, Switzerland
PublisherSpringer
Pages87-106
Number of pages20
Edition1
ISBN (Electronic)9783030217525
ISBN (Print)9783030217518
DOIs
Publication statusPublished - 2019
Externally publishedYes
EventAnnual Privacy Forum 2019 - LUISS Guido Carli, Rome, Italy
Duration: 13 Jun 201914 Jun 2019
https://2019.privacyforum.eu/

Publication series

NameSecurity and Cryptology
PublisherSpringer
Volume11498

Conference

ConferenceAnnual Privacy Forum 2019
Abbreviated titleAFP 2019
CountryItaly
CityRome
Period13/06/1914/06/19
Internet address

Fingerprint Dive into the research topics of 'A Multilateral Privacy Impact Analysis Method for Android Apps'. Together they form a unique fingerprint.

Cite this