Top

Published in:

2024 | OriginalPaper | Chapter

User Interaction Data in Apps: Comparing Policy Claims to Implementations

Authors : Feiyang Tang, Bjarte M. Østvold

Published in: Privacy and Identity Management. Sharing in a Digital World

Publisher: Springer Nature Switzerland

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The chapter delves into the privacy implications of user interaction data collection in mobile apps, challenging the effectiveness of anonymization techniques. It introduces an automated method to compare privacy policy claims with actual data collection practices in app code, aiming to enhance transparency and rebuild user trust. The study analyzes 100 popular apps, revealing significant gaps in transparency and detailing the extent of user interaction data collection. The chapter also presents a case study of four popular apps, highlighting the need for clearer and more detailed privacy policies. By addressing these issues, the research contributes to fostering a culture of transparency and accountability in the mobile app ecosystem.

AI Generated

This summary of the content was generated with the help of AI.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Business + Economics & Engineering + Technology"

Online-Abonnement

Springer Professional "Business + Economics & Engineering + Technology" gives you access to:

more than 102.000 books
more than 537 journals

from the following subject areas:

Automotive
Construction + Real Estate
Business IT + Informatics
Electrical Engineering + Electronics
Energy + Sustainability
Finance + Banking
Management + Leadership
Marketing + Sales
Mechanical Engineering + Materials
Insurance + Risk

Secure your knowledge advantage now!

inform now

Springer Professional "Engineering + Technology"

Online-Abonnement

Springer Professional "Engineering + Technology" gives you access to:

more than 67.000 books
more than 390 journals

from the following specialised fileds:

Automotive
Business IT + Informatics
Construction + Real Estate
Electrical Engineering + Electronics
Energy + Sustainability
Mechanical Engineering + Materials

Secure your knowledge advantage now!

inform now

Springer Professional "Business + Economics"

Online-Abonnement

Springer Professional "Business + Economics" gives you access to:

more than 67.000 books
more than 340 journals

from the following specialised fileds:

Construction + Real Estate
Business IT + Informatics
Finance + Banking
Management + Leadership
Marketing + Sales
Insurance + Risk

Secure your knowledge advantage now!

inform now

previous chapter Assuring GDPR Conformance Through Language-Based Compliance

next chapter Developing with Compliance in Mind: Addressing Data Protection Law, Cybersecurity Regulation, and AI Regulation During Software Development

Available only for authorised users

https://www.appbrain.com/stats/libraries/tag/analytics/android-analytics-libraries.

The German Google Play Store was selected for its adherence to the GDPR, ensuring that the apps included in the study would have well-constructed privacy policies. https://play.google.com/store/apps?hl=en_US &gl=DE.

Avdiienko, V., et al.: Mining apps for abnormal usage of sensitive data. In: The 37th IEEE International Conference on Software Engineering, vol. 1, pp. 426–436. IEEE (2015)

Creţu, A.M., Monti, F., Marrone, S., Dong, X., Bronstein, M., de Montjoye, Y.A.: Interaction data are identifiable even across long periods of time. Nat. Commun. 13(1), 313 (2022)CrossRef

Devlin, J., Chang, M.W., Lee, K., Toutanova, K.: Bert: pre-training of deep bidirectional transformers for language understanding (2019)

Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 1–29 (2014)CrossRef

Grünewald, E., Pallas, F.: TILT: a GDPR-aligned transparency information language and toolkit for practical privacy engineering. In: Proceedings of the 2021 ACM Conference on Fairness, Accountability, and Transparency, pp. 636–646 (2021)

Leiva, L.A., Arapakis, I., Iordanou, C.: My mouse, my rules: privacy issues of behavioral user profiling via mouse tracking. In: Proceedings of the 2021 Conference on Human Information Interaction and Retrieval, pp. 51–61 (2021)

Marda, V.: Non-personal data: the case of the Indian Data Protection Bill, definitions and assumptions (2020). https://www.adalovelaceinstitute.org/blog/non-personal-data-indian-data-protection-bill/. Accessed 28 Nov 2023

Qu, Z., Rastogi, V., Zhang, X., Chen, Y., Zhu, T., Chen, Z.: AutoCog: measuring the description-to-permission fidelity in android applications. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1354–1365 (2014)

Ravichander, A., Black, A.W., Norton, T., Wilson, S., Sadeh, N.: Breaking down walls of text: how can NLP benefit consumer privacy? In: Proceedings of the 59th Annual Meeting of the Association for Computational Linguistics and the 11th International Joint Conference on Natural Language Processing, vol. 1 (2021)

10.

Rzhevkina, A.: Several EU countries banned Google analytics - here are some alternatives (2022). https://www.contentgrip.com/eu-countries-ban-google-analytics/. Accessed 03 Nov 2023

11.

Singh, A., Raghavan, M., Chugh, B., Prasad, S.: The contours of public policy for non-personal data flows in India (2019). https://www.dvara.com/research/blog/2019/09/24/the-contours-of-public-policy-for-non-personal-data-flows-in-india/. Accessed 28 Nov 2023

12.

Tang, F., Østvold, B.M.: Transparency in app analytics: analyzing the collection of user interaction data. In: 2023 20th Annual International Conference on Privacy, Security and Trust (PST), pp. 1–10 (2023). https://doi.org/10.1109/PST58708.2023.10320181

13.

Tesfay, W.B., Hofmann, P., Nakamura, T., Kiyomoto, S., Serna, J.: PrivacyGuide: towards an implementation of the EU GDPR on internet privacy policy evaluation. In: Proceedings of the Fourth ACM International Workshop on Security and Privacy Analytics, IWSPA 2018, pp. 15–21 (2018)

14.

Zhang, X., Wang, X., Slavin, R., Breaux, T., Niu, J.: How does misconfiguration of analytic services compromise mobile privacy? In: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering, pp. 1572–1583 (2020)

15.

Zimmeck, S., Goldstein, R., Baraka, D.: PrivacyFlash pro: automating privacy policy generation for mobile apps. In: NDSS (2021)

16.

Zimmeck, S., et al.: MAPS: scaling privacy compliance analysis to a million apps. Proc. Priv. Enhanc. Tech. 2019, 66 (2019)

Title: User Interaction Data in Apps: Comparing Policy Claims to Implementations
Authors: Feiyang Tang
Bjarte M. Østvold
Publisher: Springer Nature Switzerland
Book: Privacy and Identity Management. Sharing in a Digital World
Print ISBN: 978-3-031-57977-6

Electronic ISBN: 978-3-031-57978-3

Copyright Year: 2024
DOI: https://doi.org/10.1007/978-3-031-57978-3_5

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Business + Economics & Engineering + Technology"

Springer Professional "Engineering + Technology"

Springer Professional "Business + Economics"