Aarhus University Seal / Aarhus Universitets segl

Follow My Recommendations: A Personalized Privacy Assistant for Mobile App Permissions

Publikation: Bidrag til bog/antologi/rapport/proceedingKonferencebidrag i proceedingsForskningpeer review

  • Bin Liu, Carnegie Mellon University, USA
  • Mads Schaarup Andersen
  • Florian Schaub, Carnegie Mellon University, USA
  • Hazim Almuhimedi, Carnegie Mellon University, USA
  • Shikun Zhang, Carnegie Mellon University, USA
  • Norman Sadeh, Carnegie Mellon University, USA
  • Alessandro Acquisti, Carnegie Mellon University, USA
  • Yuvraj Agarwal, Carnegie Mellon University, USA
  • Alexandra Instituttet A/S
Modern smartphone platforms have millions of apps, many of which request permissions to access private data and resources, like user accounts or location. While these smartphone platforms provide varying degrees of control over these permissions, the sheer number of decisions that users are expected to manage has been shown to be unrealistically high. Prior research has shown that users are often unaware of, if not uncomfortable with, many of their permission settings. Prior work also suggests that it is theoretically possible to predict many of the privacy settings a user would want by asking the user a small number of questions. However, this approach has neither been operationalized nor evaluated with actual users before. We report on a field study (n=72) in which we implemented and evaluated a Personalized Privacy Assistant (PPA) with participants using their own Android devices. The results of our study are encouraging. We find that 78.7% of the recommendations made by the PPA were adopted by users. Following initial recommendations on permission settings, participants were motivated to further review and modify their settings with daily “privacy nudges.” Despite showing substantial engagement with these nudges, participants only changed 5.1% of the settings previously adopted based on the PPA’s recommendations. The PPA and its recommendations were perceived as useful and usable. We discuss the implications of our results for mobile permission management and the design of personalized privacy assistant solutions.
TitelSOUPS 2016 : Twelfth Symposium on Usable Privacy and Security
Antal sider16
ForlagUSENIX - The Advanced Computing Systems Association
Udgivelsesår6 dec. 2016
ISBN (Elektronisk)ISBN 978-1-931971-31-7
StatusUdgivet - 6 dec. 2016
BegivenhedTwelfth Symposium on Usable Privacy and Security - Denver, Colorado, USA
Varighed: 22 jun. 201624 jun. 2016


KonferenceTwelfth Symposium on Usable Privacy and Security
ByDenver, Colorado

Se relationer på Aarhus Universitet Citationsformater

ID: 110208673