Balash, David G. scite author profile

Balash, David G.

3Publications

4Citation Statements Received

109Citation Statements Given

How they've been cited

How they cite others

106

Affiliations

Publications

Order By: Most citations

Longitudinal Analysis of Privacy Labels in the Apple App Store

G.¹,

Ali²,

Wu³

et al. 2022

Preprint

View full text Add to dashboard Cite

In December of 2020, Apple started to require app developers to annotate their apps with privacy labels that indicate what data is collected and how it is used. We collected and analyzed 36 weekly snapshots of 1.6 million apps between July 15, 2021 and March 17, 2022 to better understand the privacy label ecosystem, the categories and types of data collected, and the purposes that developers used to justify that collection. Nearly two years after privacy labels launched, only 60.5% of apps have privacy labels, increasing by an average of 0.5% per week, mostly driven by new apps rather than older apps coming into compliance. Of apps with labels, 17.3% collect data used to track users, 37.6% collect data that is linked to a user identity, and 41.9% collect data that is not linked. Only 42.1% of apps with labels indicate that they do not collect any data. We find that because many apps indicate that they do not collect any data, even apps that would seem likely to collect or link data, trusting the veracity of privacy labels is still an open question.

show abstract

Are Privacy Dashboards Good for End Users? Evaluating User Perceptions and Reactions to Google's My Activity (Extended Version)

Farke¹,

G.²,

Golla³

et al. 2021

Preprint

View full text Add to dashboard Cite

Privacy dashboards and transparency tools help users review and manage the data collected about them online. Since 2016, Google has offered such a tool, My Activity, which allows users to review and delete their activity data from Google services. We conducted an online survey with n = 153 participants to understand if Google's My Activity, as an example of a privacy transparency tool, increases or decreases endusers' concerns and benefits regarding data collection. While most participants were aware of Google's data collection, the volume and detail was surprising, but after exposure to My Activity, participants were significantly more likely to be both less concerned about data collection and to view data collection more beneficially. Only 25 % indicated that they would change any settings in the My Activity service or change any behaviors. This suggests that privacy transparency tools are quite beneficial for online services as they garner trust with their users and improve their perceptions without necessarily changing users' behaviors. At the same time, though, it remains unclear if such transparency tools actually improve end user privacy by sufficiently assisting or motivating users to change or review data collection settings.

show abstract

Security and Privacy Perceptions of Third-Party Application Access for Google Accounts (Extended Version)

G.¹,

Wu²,

Miles³

et al. 2021

Preprint

View full text Add to dashboard Cite

Online services like Google provide a variety of application programming interfaces (APIs). These online APIs enable authenticated third-party services and applications (apps) to access a user's account data for tasks such as single sign-on (SSO), calendar integration, and sending email on behalf of the user, among others. Despite their prevalence, API access could pose significant privacy and security risks, where a thirdparty could have unexpected privileges to a user's account. To gauge users' perceptions and concerns regarding third-party apps that integrate with online APIs, we performed a multipart online survey of Google users. First, we asked n = 432 participants to recall if and when they allowed third-party access to their Google account: 89% recalled using at least one SSO and 52% remembered at least one third-party app. In the second survey, we re-recruited n = 214 participants to ask about specific apps and SSOs they've authorized on their own Google accounts. We collected in-the-wild data about users' actual SSOs and authorized apps: 86% used Google SSO on at least one service, and 67% had at least one third-party app authorized. After examining their apps and SSOs, participants expressed the most concern about access to personal information like email addresses and other publicly shared info. However, participants were less concerned with broader-and perhaps more invasive-access to calendars, emails, or cloud storage (as needed by third-party apps). This discrepancy may be due in part to trust transference to apps that integrate with Google, forming an implied partnership. Our results suggest opportunities for design improvements to the current third-party management tools offered by Google; for example, tracking recent access, automatically revoking access due to app disuse, and providing permission controls.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Balash, David G.

Longitudinal Analysis of Privacy Labels in the Apple App Store

Are Privacy Dashboards Good for End Users? Evaluating User Perceptions and Reactions to Google's My Activity (Extended Version)

Security and Privacy Perceptions of Third-Party Application Access for Google Accounts (Extended Version)

Contact Info

Product

Resources

About