Do Mobile App Providers Try Enough to Protect Users’ Privacy? – a Content Analysis of Mobile App Privacy Policies

Privacy policies are widely used to draw clear image of risks to users’ personal information in different contexts such as mobile apps. Nonetheless, many believe privacy policies are ineffective tools to notify and aware users about possible risks to information privacy merely because most users have a very low tendency to go through privacy policies to read and comprehend them. Due to intimacy of mobile apps, much of personal information disclosed to them are at risk. Specially, when mobile app users share sensitive personal information to apps chance of privacy violation and consequent risks are higher. It is not only important to understand how mobile developers practically implement a contract to protect users’ privacy based on users’ preferences but also crucial to examine the role of sensitivity of information on developers’ emphasis on different aspects of privacy. This research focuses on two aspects to understand the circumstance users experience when privacy policies are presented: efforts users have to make to read and understand privacy policies in terms of readability and length of statements, and developers’ emphasis on aspects of information privacy with respect to sensitivity of information. To elucidate easiness of reading privacy policy statements, readability and length are calculated. Through the lens of framing concept of prospect theory, this study investigates the information sensitivity level effect on developers’ emphasis on privacy dimensions. Three mobile app categories deal with different levels of sensitive data are health, navigation, and game apps. To differentiate between emphasis on different privacy dimensions when information sensitivity differs, a text mining method is developed in R to analyze the weights of four key privacy dimensions (collection, secondary use, improper access, and error). We downloaded 90 unique mobile app privacy policies. Readability calculations reveal that users should have a minimum of 12 years of secondary education to easily understand privacy policies. The average length of privacy policies is at least 1900 words, which hinders a thorough reading. ANOVA results show a significant difference between secondary uses of information in app privacy policies dealing with higher sensitive data. In addition, the findings demonstrate collection is more emphasized in health than game app privacy policies but do not find any significant difference between improper access dimensions. This study has made two key contributions. First, by building upon the framing concept of prospect theory, this research provides an effective framework to understand the organizational perspective of privacy concerns. Second, the results demonstrate the information sensitivity level is important for measuring privacy concerns

Measuring third party tracker power across web and mobile

Third-party networks collect vast amounts of data about users via web sites and mobile applications. Consolidations among tracker companies can significantly increase their individual tracking capabilities, prompting scrutiny by competition regulators. Traditional measures of market share, based on revenue or sales, fail to represent the tracking capability of a tracker, especially if it spans both web and mobile. This paper proposes a new approach to measure the concentration of tracking capability, based on the reach of a tracker on popular websites and apps. Our results reveal that tracker prominence and parent-subsidiary relationships have significant impact on accurately measuring concentration

Reliable online social network data collection

Large quantities of information are shared through online social networks, making them attractive sources of data for social network research. When studying the usage of online social networks, these data may not describe properly users’ behaviours. For instance, the data collected often include content shared by the users only, or content accessible to the researchers, hence obfuscating a large amount of data that would help understanding users’ behaviours and privacy concerns. Moreover, the data collection methods employed in experiments may also have an effect on data reliability when participants self-report inacurrate information or are observed while using a simulated application. Understanding the effects of these collection methods on data reliability is paramount for the study of social networks; for understanding user behaviour; for designing socially-aware applications and services; and for mining data collected from such social networks and applications. This chapter reviews previous research which has looked at social network data collection and user behaviour in these networks. We highlight shortcomings in the methods used in these studies, and introduce our own methodology and user study based on the Experience Sampling Method; we claim our methodology leads to the collection of more reliable data by capturing both those data which are shared and not shared. We conclude with suggestions for collecting and mining data from online social networks.Postprin

A realisation of ethical concerns with smartphone personal health monitoring apps

The pervasiveness of smartphones has facilitated a new way in which owners of devices can monitor their health using applications (apps) that are installed on their smartphones. Smartphone personal health monitoring (SPHM) collects and stores health related data of the user either locally or in a third party storing mechanism. They are also capable of giving feedback to the user of the app in response to conditions are provided to the app therefore empowering the user to actively make decisions to adjust their lifestyle. Regardless of the benefits that this new innovative technology offers to its users, there are some ethical concerns to the user of SPHM apps. These ethical concerns are in some way connected to the features of SPHM apps. From a literature survey, this paper attempts to recognize ethical issues with personal health monitoring apps on smartphones, viewed in light of general ethics of ubiquitous computing. The paper argues that there are ethical concerns with the use of SPHM apps regardless of the benefits that the technology offers to users due to SPHM apps’ ubiquity leaving them open to known and emerging ethical concerns. The paper then propose a need further empirical research to validate the claim

Money Walks: A Human-Centric Study on the Economics of Personal Mobile Data

In the context of a myriad of mobile apps which collect personally identifiable information (PII) and a prospective market place of personal data, we investigate a user-centric monetary valuation of mobile PII. During a 6-week long user study in a living lab deployment with 60 participants, we collected their daily valuations of 4 categories of mobile PII (communication, e.g. phonecalls made/received, applications, e.g. time spent on different apps, location and media, photos taken) at three levels of complexity (individual data points, aggregated statistics and processed, i.e. meaningful interpretations of the data). In order to obtain honest valuations, we employ a reverse second price auction mechanism. Our findings show that the most sensitive and valued category of personal information is location. We report statistically significant associations between actual mobile usage, personal dispositions, and bidding behavior. Finally, we outline key implications for the design of mobile services and future markets of personal data.Comment: 15 pages, 2 figures. To appear in ACM International Joint Conference on Pervasive and Ubiquitous Computing (Ubicomp 2014