PrivacyInformer : an automated privacy description generator for the MIT App Inventor

With advancements in mobile communication technology, mobile privacy is rapidly emerging as a field of concern for mobile developers, industry leaders and the public. Privacy issues in the mobile applications market could compromise the well-being of smartphone consumers, yet developers continue to struggle with producing appropriate privacy documents. As a part of my research work, I have developed a technical solution named PrivacyInformer, as an add-on to the MIT App Inventor. During my presentation I will show how PrivacyInformer can automatically produce privacy descriptions in both human-readable and machine-readable format, by simply analyzing the source code of the App Inventor project. This serves as an enabling mechanism for better visual representation of privacy-related information and smart matching of users' privacy preferences with mobile applications.

[1]  Marc Langheinrich,et al.  A Privacy Awareness System for Ubiquitous Computing Environments , 2002, UbiComp.

[2]  Steve Hanna,et al.  Android permissions demystified , 2011, CCS '11.

[3]  A. Anonymous,et al.  Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy , 2013, J. Priv. Confidentiality.

[4]  Dan S. Wallach,et al.  A case of collusion: a study of the interface between ad libraries and their apps , 2013, SPSM '13.

[5]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.

[6]  Zhuoqing Morley Mao,et al.  AppProfiler: a flexible method of exposing privacy-related behavior in android applications to end users , 2013, CODASPY.

[7]  David A. Wagner,et al.  The Effectiveness of Application Permissions , 2011, WebApps.

[8]  Yajin Zhou,et al.  Systematic Detection of Capability Leaks in Stock Android Smartphones , 2012, NDSS.

[9]  Rajesh Krishna Balan,et al.  The case for mobile forensics of private data leaks: towards large-scale user-oriented privacy protection , 2013, APSys.

[10]  Jeremie Badaroux MIT App Inventor , 2013 .

[11]  Swarat Chaudhuri,et al.  A Study of Android Application Security , 2011, USENIX Security Symposium.

[12]  Lorrie Faith Cranor,et al.  P3P: Making Privacy Policies More Useful , 2003, IEEE Secur. Priv..

[13]  Aleecia M. McDonald,et al.  Nano-Notice: Privacy Disclosure at a Mobile Scale , 2013 .

[14]  Lorrie Faith Cranor,et al.  A "nutrition label" for privacy , 2009, SOUPS.

[15]  Lukasz Ziarek,et al.  Information flows as a permission mechanism , 2014, ASE.

[16]  Lorrie Faith Cranor,et al.  Standardizing privacy notices: an online study of the nutrition label approach , 2010, CHI.

[17]  Aleecia M. McDonald,et al.  The Cost of Reading Privacy Policies , 2009 .

[18]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[19]  Shaileen Crawford Pokress,et al.  MIT App Inventor: Enabling Personal Mobile Computing , 2013, ArXiv.