TY - JOUR
T1 - PPChecker
T2 - Towards Accessing the Trustworthiness of Android Apps' Privacy Policies
AU - Yu, Le
AU - Luo, Xiapu
AU - Chen, Jiachi
AU - Zhou, Hao
AU - Zhang, Tao
AU - Chang, Henry
AU - Leung, Hareton K.N.
PY - 2018
Y1 - 2018
N2 - Recent years have witnessed a sharp increase of malicious apps that steal users' personal information. To address users' concerns about privacy risks and to comply with data protection laws, more and more apps are supplied with privacy policies written in natural language to help users to understand an app's privacy practices. However, little is known whether these privacy policies are trustworthy or not. Questionable privacy policies may be prepared by careless app developers or someone with malicious intention. In this paper, we carry out a systematic study on privacy policy by proposing a novel approach to automatically identify five kinds of problems in privacy policy. After tackling several challenging issues, we implement the approach in a system, named PPChecker, and evaluate it with real apps and their privacy policies. The experimental results show that PPChecker can effectively identify questionable privacy policies with high precision. Applying PPChecker to 2,044 popular apps, we find that 1,429 apps (i.e., 69.9\%) have at least one kind of problems. This study sheds light on the research of improving and regulating apps' privacy policies.
AB - Recent years have witnessed a sharp increase of malicious apps that steal users' personal information. To address users' concerns about privacy risks and to comply with data protection laws, more and more apps are supplied with privacy policies written in natural language to help users to understand an app's privacy practices. However, little is known whether these privacy policies are trustworthy or not. Questionable privacy policies may be prepared by careless app developers or someone with malicious intention. In this paper, we carry out a systematic study on privacy policy by proposing a novel approach to automatically identify five kinds of problems in privacy policy. After tackling several challenging issues, we implement the approach in a system, named PPChecker, and evaluate it with real apps and their privacy policies. The experimental results show that PPChecker can effectively identify questionable privacy policies with high precision. Applying PPChecker to 2,044 popular apps, we find that 1,429 apps (i.e., 69.9\%) have at least one kind of problems. This study sheds light on the research of improving and regulating apps' privacy policies.
KW - Data protection
KW - Force
KW - Google
KW - Mobile handsets
KW - Natural languages
KW - Privacy
UR - http://www.scopus.com/inward/record.url?scp=85058875494&partnerID=8YFLogxK
U2 - 10.1109/TSE.2018.2886875
DO - 10.1109/TSE.2018.2886875
M3 - Journal article
AN - SCOPUS:85058875494
SN - 0098-5589
JO - IEEE Transactions on Software Engineering
JF - IEEE Transactions on Software Engineering
ER -