An Exploratory Study of Mobile Application Privacy Policies

I reviewed the privacy policies for the 110 apps included in a study of sensitive data sharing by mobile apps. [1] I focused on (1) the prevalence of privacy policies for mobile applications and (2) what, if anything, those policies said about the use of encryption for data in transit. 37 41 15 12 3 2 0% 20% 40% 60% 80% 100% iOS apps Android apps Link Dead link No link Graves J. An Exploratory Study of Mobile Application Privacy Policies. Technology Science. 2015103002. October 30, 2015. http://techscience.org/a/2015103002/ 2 Results summary: For the 110 apps I reviewed, the app store pages provided working links to privacy policies for 67% of the iOS apps and 75% of the Android apps. Of the apps with accessible privacy policies, 62% contained general language saying that security measures would be used but did not specifically promise that encryption would be used, 31% included language implying that the apps encrypted some types of data in transit, 5% said nothing about security, and one policy (2%) affirmatively stated that encryption was not used (although, according to our testing, it actually did).