Privacy‐preserving targeted mobile advertising: requirements, design and a prototype implementation

With the continued proliferation of mobile devices, the collection of information associated with such devices and their users—such as location, installed applications and cookies associated with built‐in browsers—has become increasingly straightforward. By analysing such information, organisations are often able to deliver more relevant and better focused advertisements. Of course, such targeted mobile advertising gives rise to a number of concerns, with privacy‐related concerns being prominent. In this paper, we discuss the necessary balance that needs to be struck between privacy and utility in this emerging area and propose privacy‐preserving targeted mobile advertising as a solution that tries to achieve that balance. Our aim is to develop a solution that can be deployed by users but is also palatable to businesses that operate in this space. This paper focuses on the requirements and design of privacy‐preserving targeted mobile advertising and also describes an initial prototype. We also discuss how more detailed technical aspects and a complete evaluation will underpin our future work in this area. Copyright © 2016 John Wiley & Sons, Ltd.

[1]  Saikat Guha,et al.  Serving Ads from localhost for Performance, Privacy, and Profit , 2009, HotNets.

[2]  Suman Nath,et al.  Privacy-aware personalization for mobile advertising , 2012, CCS.

[3]  Andrew P. Martin,et al.  Privacy-enhanced bi-directional communication in the Smart Grid using trusted computing , 2014, 2014 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[4]  Roksana Boreli,et al.  ProfileGuard: Privacy Preserving Obfuscation for Mobile User Profiles , 2014, WPES.

[5]  Thomas Schreck,et al.  Mobile-sandbox: having a deeper look into android applications , 2013, SAC '13.

[6]  Byung-Gon Chun,et al.  TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones , 2014, Commun. ACM.

[7]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[8]  Huy Kang Kim,et al.  Andro-profiler: anti-malware system based on behavior profiling of mobile malware , 2014, WWW.

[9]  Lukasz Ziarek,et al.  Flow Permissions for Android , 2013, 2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[10]  Susan B. Barnes,et al.  A privacy paradox: Social networking in the United States , 2006, First Monday.

[11]  Benjamin Livshits,et al.  RePriv: Re-imagining Content Personalization and In-browser Privacy , 2011, 2011 IEEE Symposium on Security and Privacy.

[12]  Daniel R. Horne,et al.  The Privacy Paradox: Personal Information Disclosure Intentions versus Behaviors , 2007 .

[13]  Yeong-Sheng Chen,et al.  Personalized Internet Advertisement Recommendation Service Based on Keyword Similarity , 2015, 2015 IEEE 39th Annual Computer Software and Applications Conference.

[14]  Ting-Peng Liang,et al.  Consumer Attitudes Toward Mobile Advertising: An Empirical Study , 2004, Int. J. Electron. Commer..

[15]  Alice E. Marwick 'I’m a Lot More Interesting than a Friendster Profile': Identity Presentation, Authenticity and Power in Social Networking Services , 2005 .

[16]  Saikat Guha,et al.  Privad: Practical Privacy in Online Advertising , 2011, NSDI.

[17]  Mary J. Culnan,et al.  Strategies for reducing online privacy risks: Why consumers read (or don't read) online privacy notices , 2004 .

[18]  Hamed Haddadi,et al.  MobiAd: private and scalable mobile advertising , 2010, MobiArch '10.

[19]  V. Virtanen,et al.  An Empirical Study of the Drivers of Consumer Acceptance of Mobile Advertising , 2007 .

[20]  Robert E. Smith,et al.  Using Advertising Alliances for New Product Introduction: Interactions between Product Complementarity and Promotional Strategies , 1999 .

[21]  Helen Nissenbaum,et al.  Adnostic: Privacy Preserving Targeted Advertising , 2010, NDSS.

[22]  Urs Gasser,et al.  Teens, social media, and privacy , 2013 .

[23]  Alastair R. Beresford,et al.  MockDroid: trading privacy for application functionality on smartphones , 2011, HotMobile '11.

[24]  Simin Nadjm-Tehrani,et al.  Crowdroid: behavior-based malware detection system for Android , 2011, SPSM '11.

[25]  Bernhard Debatin,et al.  Facebook and Online Privacy: Attitudes, Behaviors, and Unintended Consequences , 2009, J. Comput. Mediat. Commun..

[26]  Catherine E. Tucker,et al.  The economics of advertising and privacy , 2012 .

[27]  Agatha Cole,et al.  Internet Advertising after Sorrell v. IMS Health: A Discussion on Privacy and the First Amendment , 2012 .

[28]  Süleyman Barutçu,et al.  Attitudes towards mobile marketing tools: A study of Turkish consumers , 2007 .

[29]  Johannes Sametinger,et al.  Permission Tracking in Android , 2012 .

[30]  H U W Ratnayake,et al.  Introduction to Android , 2017 .

[31]  Catherine Tucker,et al.  Social Networks, Personalized Advertising, and Privacy Controls , 2013 .

[32]  Mayuram S. Krishnan,et al.  The Personalization Privacy Paradox: An Empirical Evaluation of Information Transparency and the Willingness to be Profiled Online for Personalization , 2006, MIS Q..

[33]  Zeynep Tufekci Can You See Me Now? Audience and Disclosure Regulation in Online Social Network Sites , 2008 .

[34]  Yong Guan,et al.  Detecting Click Fraud in Pay-Per-Click Streams of Online Advertising Networks , 2008, 2008 The 28th International Conference on Distributed Computing Systems.

[35]  Hamed Haddadi,et al.  Personal Data: Thinking Inside the Box , 2015, Aarhus Conference on Critical Alternatives.

[36]  Leibniz-Informationszentrum Wirtschaft Unwillingness to pay for privacy: A field experiment , 2011 .

[37]  Hamed Haddadi,et al.  Targeted Advertising on the Handset: Privacy and Security Challenges , 2011, Pervasive Advertising.

[38]  S. Utz,et al.  The privacy paradox on social network sites revisited: The role of individual characteristics and group norms , 2009 .

[39]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.

[40]  Xinwen Zhang,et al.  Apex: extending Android permission model and enforcement with user-defined runtime constraints , 2010, ASIACCS '10.

[41]  Yajin Zhou,et al.  Taming Information-Stealing Smartphone Applications (on Android) , 2011, TRUST.

[42]  Heng Yin,et al.  DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis , 2012, USENIX Security Symposium.

[43]  M. Calo Against Notice Skepticism In Privacy (And Elsewhere) , 2011 .

[44]  Kirsten E. Martin Privacy Notices as Tabula Rasa: An Empirical Investigation into how Complying with a Privacy Notice is Related to Meeting Privacy Expectations Online , 2015 .