Your Location has been Shared 5,398 Times!: A Field Study on Mobile App Privacy Nudging

Smartphone users are often unaware of the data collected by apps running on their devices. We report on a study that evaluates the benefits of giving users an app permission manager and sending them nudges intended to raise their awareness of the data collected by their apps. Our study provides both qualitative and quantitative evidence that these approaches are complementary and can each play a significant role in empowering users to more effectively control their privacy. For instance, even after a week with access to the permission manager, participants benefited from nudges showing them how often some of their sensitive data was being accessed by apps, with 95% of participants reassessing their permissions, and 58% of them further restricting some of their permissions. We discuss how participants interacted both with the permission manager and the privacy nudges, analyze the effectiveness of both solutions, and derive some recommendations.

[1]  Yang Wang,et al.  A field trial of privacy nudges for facebook , 2014, CHI.

[2]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[3]  Bongshin Lee,et al.  Nudging People Away from Privacy-Invasive Mobile Apps through Visual Framing , 2013, INTERACT.

[4]  Alessandro Acquisti,et al.  Privacy and rationality in individual decision making , 2005, IEEE Security & Privacy.

[5]  Norman M. Sadeh,et al.  Modeling Users' Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings , 2014, SOUPS.

[6]  Lorrie Faith Cranor,et al.  Privacy as part of the app decision-making process , 2013, CHI.

[7]  Lorrie Faith Cranor,et al.  "Little brothers watching you": raising awareness of data leaks on smartphones , 2013, SOUPS.

[8]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.

[9]  David A. Wagner,et al.  Choice Architecture and Smartphone Privacy: There's a Price for That , 2012, WEIS.

[10]  Ninghui Li,et al.  Effective Risk Communication for Android Apps , 2013, IEEE Transactions on Dependable and Secure Computing.

[11]  Norman M. Sadeh,et al.  Expectation and purpose: understanding users' mental models of mobile app privacy through crowdsourcing , 2012, UbiComp.

[12]  Malcolm Hall,et al.  ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing , 2013, MobiSys '13.

[13]  Andrew Fisher Location Privacy: User Behavior in the Field , 2012 .

[14]  Byung-Gon Chun,et al.  TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones , 2014, Commun. ACM.

[15]  Alessandro Acquisti,et al.  Sleights of privacy: framing, disclosures, and the limits of transparency , 2013, SOUPS.

[16]  George Loewenstein,et al.  Enhanced active choice: A new method to motivate behavior change , 2011 .

[17]  Alexandre Padilla Review of Richard H. Thaler and Cass R. Sunstein, Nudge: Improving decisions about health, wealth, and happiness , 2009 .

[18]  Xinwen Zhang,et al.  Apex: extending Android permission model and enforcement with user-defined runtime constraints , 2010, ASIACCS '10.

[19]  Alessandro Acquisti,et al.  Nudging Users Towards Privacy on Mobile Devices , 2011 .

[20]  Seungyeop Han,et al.  These aren't the droids you're looking for: retrofitting android to protect data from imperious applications , 2011, CCS '11.

[21]  Seungyeop Han,et al.  Short paper: enhancing mobile application permissions with runtime feedback and constraints , 2012, SPSM '12.

[22]  Christopher Krügel,et al.  PiOS: Detecting Privacy Leaks in iOS Applications , 2011, NDSS.

[23]  Todd Millstein,et al.  Dr. Android and Mr. Hide: Fine-grained security policies on unmodified Android , 2011 .

[24]  Bettina Berendt,et al.  E-privacy in 2nd generation E-commerce: privacy preferences versus actual behavior , 2001, EC '01.

[25]  Marisa E. Campbell CHI 2004 , 2004, INTR.

[26]  Colin Potts,et al.  Privacy policies as decision-making tools: an evaluation of online privacy notices , 2004, CHI.

[27]  Chris Arney Nudge: Improving Decisions about Health, Wealth, and Happiness , 2015 .

[28]  Lorrie Faith Cranor,et al.  A "nutrition label" for privacy , 2009, SOUPS.

[29]  Todd D. Millstein,et al.  Dr. Android and Mr. Hide: fine-grained permissions in android applications , 2012, SPSM '12.

[30]  Norman M. Sadeh,et al.  Reconciling mobile app privacy and usability on smartphones: could user privacy profiles help? , 2014, WWW.

[31]  Alessandro Acquisti,et al.  Nudging Privacy: The Behavioral Economics of Personal Information , 2009, IEEE Security & Privacy.

[32]  Matthew Smith,et al.  Using personal examples to improve risk communication for security & privacy decisions , 2014, CHI.

[33]  Irina Shklovski,et al.  Leakiness and creepiness in app space: perceptions of privacy and mobile app use , 2014, CHI.

[34]  David A. Wagner,et al.  I've got 99 problems, but vibration ain't one: a survey of smartphone users' concerns , 2012, SPSM '12.

[35]  Marco Gruteser,et al.  A Field Study of Run-Time Location Access Disclosures on Android Smartphones , 2014 .