Conference Proceeding Article
While mobile platforms rely on developers to follow good practices in privacy design, developers might not always adhere. In addition, it is often difficult for users to understand the privacy behaviour of their applications without some prolonged usage. To aid in these issues, we describe on-going research to improve privacy protection by utilizing techniques that mine privacy information from application binaries as a grey-box (Automated Privacy Checking). The outputs can then be utilized to improve the users' ability to exercise privacy-motivated discretion. We conducted a user study to observe the effects of presenting information on leak-causing triggers within applications in the form of privacy message overlays. We found that while users' prior usage time largely determined their usage behaviour, presenting trigger information helped users who disapproved with data use and had sufficient understanding of the implications of data leaks. Users' inherent level of privacy consciousness and surprise levels were also factors in ensuring the effectiveness of messages.
mobile privacy, binary analysis, user-behavioural factors
Information Security | Portfolio and Security Analysis
Software and Cyber-Physical Systems
Bridging the Gap between Privacy by Design and Privacy in Practice(CHI Workshop)
City or Country
San Jose, CA, USA
CHAN JOO KENG JOSEPH; JIANG, Lingxiao; Tan, Kiat Wee; and BALAN, Rajesh Krishna.
Leveraging automated privacy checking for design of mobile privacy protection mechanisms. (2016). Bridging the Gap between Privacy by Design and Privacy in Practice(CHI Workshop). Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/3513
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.