Understanding mobile users' privacy expectations: A recommendation-based method through crowdsourcing

Rui Liu, Junbin Liang, Jiannong Cao, Kehuan Zhang, Wenyu Gao, Lei Yang, Ruiyun Yu

Research output: Journal article publicationJournal articleAcademic researchpeer-review

5 Citations (Scopus)

Abstract

Privacy is a pivotal issue of mobile apps because there is a plethora of personal and sensitive information in smartphones. Many mechanisms and tools are proposed to detect and mitigate privacy leaks. However, they rarely consider users' preferences and expectations. Users hold various expectation towards different mobile apps. For example, users may allow a social app to access their photos rather than a game app because it goes beyond users' expectation to access personal photos. Therefore, we believe it is practical and beneficial to understand users' privacy expectations on various mobile apps and help them mitigate privacy risks introduced by smartphones. To achieve this objective, we propose and implement PriWe, a system based on crowdsourcing driven by users who contribute privacy permission settings of the apps installed on their smartphones. PriWe leverages the crowdsourced permission settings to understand users' privacy expectations and provides app specific recommendations to mitigate information leakage. We deployed PriWe in the real world for evaluation. According to the feedback of 78 users who evaluated our system and 422 participants who completed our survey, PriWe is able to make proper recommendations which can match participants' privacy expectations and are mostly accepted by users, thereby help them to mitigate privacy disclosure in smartphones.

Original languageEnglish
Article number7776979
Pages (from-to)304-318
Number of pages15
JournalIEEE Transactions on Services Computing
Volume12
Issue number2
DOIs
Publication statusPublished - 1 Mar 2019

Keywords

  • crowdsourcing
  • mobile applications
  • Mobile privacy
  • recommendation

ASJC Scopus subject areas

  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications
  • Information Systems and Management

Cite this