How Should We Support Designing Privacy-Friendly Apps for Children? Using a Research through Design Process to Understand Developers' Needs and Challenges

Mobile apps used by children often make use of harmful techniques, such as data tracking and targeted advertising. Previous research has suggested that developers face several systemic challenges in designing apps that prioritise children's best interests. To understand how developers can be better supported, we used a Research through Design (RtD) method to explore what the future of privacy-friendly app development could look like. We performed an elicitation study with 20 children's app developers to understand their needs and requirements. We found a number of specific technical requirements from the participants about how they would like to be supported, such as having actionable transnational design guidelines and easy-to-use development libraries. However, participants were reluctant to adopt these design ideas in their development practices due to perceived financial risks associated with increased privacy in apps. To overcome this critical gap, participants formulated socio-technical requirements that extend to other stakeholders in the mobile industry, including parents and marketplaces. Our findings provide important immediate and long-term design opportunities for the HCI community, and indicate that support for changing app developers' practices must be designed in the context of their relationship with other stakeholders.Comment: 28 pages, 2 figure

How can we design privacy-friendly apps for children? Using a research through design process to understand developers' needs and challenges

Mobile apps used by children often make use of harmful techniques, such as data tracking and targeted advertising. Previous research has suggested that developers face several systemic challenges in designing apps that prioritise children's best interests. To understand how developers can be better supported, we used a Research through Design (RtD) method to explore what the future of privacy-friendly app development could look like. We performed an elicitation study with 20 children's app developers to understand their needs and requirements. We found a number of specific technical requirements from the participants about how they would like to be supported, such as having actionable transnational design guidelines and easy-to-use development libraries. However, participants were reluctant to adopt these design ideas in their development practices due to perceived financial risks associated with increased privacy in apps. To overcome this critical gap, participants formulated socio-technical requirements that extend to other stakeholders in the mobile industry, including parents and marketplaces. Our findings provide important immediate and long-term design opportunities for the HCI community, and indicate that support for changing app developers' practices must be designed in the context of their relationship with other stakeholders

Semantic discovery and reuse of business process patterns

Patterns currently play an important role in modern information systems (IS) development and their use has mainly been restricted to the design and implementation phases of the development lifecycle. Given the increasing significance of business modelling in IS development, patterns have the potential of providing a viable solution for promoting reusability of recurrent generalized models in the very early stages of development. As a statement of research-in-progress this paper focuses on business process patterns and proposes an initial methodological framework for the discovery and reuse of business process patterns within the IS development lifecycle. The framework borrows ideas from the domain engineering literature and proposes the use of semantics to drive both the discovery of patterns as well as their reuse

The Dark Side(-Channel) of Mobile Devices: A Survey on Network Traffic Analysis

In recent years, mobile devices (e.g., smartphones and tablets) have met an increasing commercial success and have become a fundamental element of the everyday life for billions of people all around the world. Mobile devices are used not only for traditional communication activities (e.g., voice calls and messages) but also for more advanced tasks made possible by an enormous amount of multi-purpose applications (e.g., finance, gaming, and shopping). As a result, those devices generate a significant network traffic (a consistent part of the overall Internet traffic). For this reason, the research community has been investigating security and privacy issues that are related to the network traffic generated by mobile devices, which could be analyzed to obtain information useful for a variety of goals (ranging from device security and network optimization, to fine-grained user profiling). In this paper, we review the works that contributed to the state of the art of network traffic analysis targeting mobile devices. In particular, we present a systematic classification of the works in the literature according to three criteria: (i) the goal of the analysis; (ii) the point where the network traffic is captured; and (iii) the targeted mobile platforms. In this survey, we consider points of capturing such as Wi-Fi Access Points, software simulation, and inside real mobile devices or emulators. For the surveyed works, we review and compare analysis techniques, validation methods, and achieved results. We also discuss possible countermeasures, challenges and possible directions for future research on mobile traffic analysis and other emerging domains (e.g., Internet of Things). We believe our survey will be a reference work for researchers and practitioners in this research field.Comment: 55 page

Social Media’s impact on Intellectual Property Rights

This is a draft chapter. The final version is available in Handbook of Research on Counterfeiting and Illicit Trade, edited by Peggy E. Chaudhry, published in 2017 by Edward Elgar Publishing Ltd, https://doi.org/10.4337/9781785366451. This material is for private use only, and cannot be used for any other purpose without further permission of the publisher.Peer reviewe

Understanding and supporting app developers towards designing privacy-friendly apps for children

The integration of digital technology in contemporary society has led to children being exposed to and using mobile devices at younger ages. These devices have become an integral part of their daily routines and experiences, playing a crucial role in their socialisation and development. However, the use of these devices is not without drawbacks. The underlying infrastructure of many of the apps available on such devices heavily relies on a vast and intricate data-driven ecosystem. The proliferation of mobile app developers and numerous third-party and fourth-party entities heavily relies on the collection, sharing, transmission, and analysis of personal data, including that of children. The breach of privacy resulting from the extensive data tracking is prevalent and has detrimental effects on children, including the loss of autonomy and trust. In this thesis, we investigate this problem from the perspective of app developers. We begin by conducting a critical examination of the privacy landscape of popular children's apps in the UK market. In conjunction with a systematic literature review, we develop a research-driven method for evaluating privacy practices in mobile applications. By applying this methodology to a dataset of 137 'expert-approved' children's apps, we reveal that these apps extensively tracked children's data, while providing insufficient user-facing support for children to manage and negotiate these privacy behaviours. This finding raises the crucial question of barriers to designing privacy-friendly mobile apps for children. To explore this issue, we first conduct a mixed-method study with developers of children's apps, comprising 134 surveys and 20 interviews. Our findings show that while the developers are invested in the best interests of children, they encounter difficulties in navigating the complex data-driven ecosystem, understanding the behaviour of third-party libraries and trackers, as well as the pressure to monetise their apps through privacy-friendly alternatives. In light of these findings, we carry out a Research through Design approach to elicit latent needs from children's app developers, using a set of 12 ideas, generated through a workshop with design expert, aimed at addressing the identified challenges. These ideas are evaluated with a sample of 20 children's app developers to uncover a set of latent requirements for support, including a demand for increased transparency regarding third-party libraries and easy-to-adopt compliance checking against regulatory guidelines. Utilising the requirements gathered from the developers, we develop a web-based application that aims to provide transparency about the privacy behaviours of commonly used SDKs and third-party libraries for app developers. We ask a sample of 12 children's app developers to evaluate how features in our application may incentivise developers to consider privacy-friendly alternatives to commonly used SDKs, how they may plan to use it in their development practices, and how it may be improved in the future. The research in this thesis casts a crucial new perspective upon the current state of privacy in the mobile ecosystem, through carefully-designed observations and attempts to disrupt existing practices of app developers for children. Through this journey, we contribute to the HCI research community and related designers and regulatory bodies with fresh and original insights into the design and development of privacy-friendly mobile applications for children

Assessing Quality of Consumer Reviews in Mobile Application Markets: A Principal Component Analysis Approach

This study presents a simple, theory-based method for calculating a metric which reflects the quality of online consumer reviews in mobile application markets. Derived from prior online consumer review studies based on psychology, information quality, and economics literature, a metric for measuring online consumer review quality is developed. The metric is a weighted sum of three variables (Squared Star Rating, Log-transformed Word Count, and Sum of Squared Negative and Positive Sentiment), and weights for calculating the metric are estimated by using Principal Component Analysis (PCA) technique. Preliminary assessment of the proposed method shows that metrics computed by using the proposed method are positively correlated with helpfulness ranks of mobile application reviews in Google Play. However, PCA results show that one of the variables (i.e., sentiment) used for developing the metric did not load consistently on the first factor component. From the findings of the preliminary evaluation on the metric, limitations and future research directions of the proposed method are discussed

Groping in the dark? Exploring customer perception of hidden actions in smart service ecosystems through the lens of agency theory

DDue to new technologies, providers of digital goods and services collect an ever-increasing amount of personal data. Although the GDPR mandates that providers must inform their customers about the handling of their data, past privacy scandals have shown that customers lack information. In this study, we adopt a qualitative-exploratory approach to develop a rich understanding of the practices about which customers are not fully informed. We rely on agency theory to understand hidden actions as an informational advantage of providers. By conducting focus groups, we identify perceptions of three key hidden actions of smart product customers in B2C service ecosystems. Building on the hidden actions, we understand the relationship between customer and provider in smart service ecosystems characterized by information asymmetries. With our research, we provide the first steps towards understanding the nature and role of hidden actions in the context of smart service ecosystems. For practitioners, we provide guidance on how to effectively reduce information asymmetries