Privacy is a pivotal issue of mobile apps because there is a plethora of personal and sensitive information in smartphones. Many mechanisms and tools are proposed to detect and mitigate privacy leaks. However, they rarely consider users' preferences and expectations. Users hold various expectation towards different mobile apps. For example, users may allow a social app to access their photos rather than a game app because it goes beyond users' expectation to access personal photos. Therefore, we believe it is practical and beneficial to understand users' privacy expectations on various mobile apps and help them mitigate privacy risks introduced by smartphones. To achieve this objective, we propose and implement PriWe, a system based on crowdsourcing driven by users who contribute privacy permission settings of the apps installed on their smartphones. PriWe leverages the crowdsourced permission settings to understand users' privacy expectations and provides app specific recommendations to mitigate information leakage. We deployed PriWe in the real world for evaluation. According to the feedback of 78 users who evaluated our system and 422 participants who completed our survey, PriWe is able to make proper recommendations which can match participants' privacy expectations and are mostly accepted by users, thereby help them to mitigate privacy disclosure in smartphones.
- mobile applications
- Mobile privacy
ASJC Scopus subject areas
- Hardware and Architecture
- Computer Science Applications
- Computer Networks and Communications
- Information Systems and Management