Charting App Developers’ Journey Through Privacy Regulation Features in Ad Networks

Tahaei, Mohammad; Ramokapane, Kopo M.; Li, Tianshi; Hong, Jason I.; Rashid, Awais

doi:10.56553/popets-2022-0061

Cited by 14 publications

(23 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…SDK providers should coordinate with app stores to enable providing timely and up-todate advice to developers on how to exclude data collected from child users from being used for prohibited activities. This would relieve developers from having to search SDK documentation for compliance advice, which was shown to be challenging [68]. Since developers were found to keep using default settings of thirdparty SDKs [55], modifying these settings to be privacypreserving (e.g., serving only contextual ads) would also help reduce the burden of compliance.…”

Section: Discussionmentioning

confidence: 99%

Developers Say the Darnedest Things: Privacy Compliance Processes Followed by Developers of Child-Directed Apps

Alomar

Egelman

2022

PoPETs

View full text Add to dashboard Cite

We investigate the privacy compliance processes followed by developers of child-directed mobile apps. While children’s online privacy laws have existed for decades in the US, prior research found relatively low rates of compliance. Yet, little is known about how compliance issues come to exist and how compliance processes can be improved to address them. Our results, based on surveys (n = 127) and interviews (n = 27), suggest that most developers rely on app markets to identify privacy issues, they lack complete understandings of the third-party SDKs they integrate, and they find it challenging to ensure that these SDKs are kept upto-date and privacy-related options are configured correctly. As a result, we find that well-resourced app developers outsource most compliance decisions to auditing services, and that smaller developers follow “best-effort” models, by assuming that their apps are compliant so long as they have not been rejected by app markets. We highlight the need for usable tools that help developers identify and fix mobile app privacy issues.

show abstract

Section: Discussionmentioning

confidence: 99%

Developers Say the Darnedest Things: Privacy Compliance Processes Followed by Developers of Child-Directed Apps

Alomar

Egelman

2022

PoPETs

View full text Add to dashboard Cite

show abstract

“…In terms of privacy, it means that the privacy implementation decisions of one developer can directly impact the privacy behavior of all software that uses that component, often in hardto-detect ways. A typical example is advertising libraries that may collect private data, such as location, without the developer's knowledge [8]. A less obvious example is error logs where a thirdparty library may collect crash reports containing personal information [9].…”

Section: Software Developers Have Become Anmentioning

confidence: 99%

Section: Software Developers Have Become Anmentioning

confidence: 99%

“…Even when a developer wants to preserve their users' privacy, the software ecosystem's complexity and the stakeholders' differing goals can make it challenging [8], [11]. Returning to the example of an advertising library, many such libraries offer developers the ability to limit data collection, but finding the settings may involve going through multiple layers of settings or looking up what sample code function parameters actually do [12], [8]. Given the challenges, it is unsurprising that some developers opt to use more straightforward approaches such as feeding libraries random numbers instead of potentially sensitive data or finding ways to avoid using software from larger companies perceived as privacy-unfriendly [5], [13].…”

Section: Software Developers Have Become Anmentioning

confidence: 99%

“…In a survey with 400 participants with mobile app development experience, we evaluated the impact of design in privacy-related interfaces on developers' choices and the possibility of nudging them to make a privacy-friendly decision [11]. We further assessed developers' understanding and ability to find privacy-related interfaces on mobile advertising networks by running 11 think-aloud sessions with developers, two usability experts, and several in-depth sessions with a senior developer, which gave us a chance to extensively analyze the usability of privacy interfaces directed at developers [8], [12], [14].…”

Section: How Did We Come Up With the Insights?mentioning

confidence: 99%

See 2 more Smart Citations

Embedding Privacy Into Design Through Software Developers: Challenges and Solutions

Tahaei

Vaniea

Rashid

2023

IEEE Secur. Privacy

View full text Add to dashboard Cite

show abstract

The Role of Human-Centered AI in User Modeling, Adaptation, and Personalization—Models, Frameworks, and Paradigms

Torkamaan,

Tahaei,

Buijsman

et al. 2024

Human–Computer Interaction Series

View full text Add to dashboard Cite

Charting App Developers’ Journey Through Privacy Regulation Features in Ad Networks

Cited by 14 publications

References 39 publications

Developers Say the Darnedest Things: Privacy Compliance Processes Followed by Developers of Child-Directed Apps

Developers Say the Darnedest Things: Privacy Compliance Processes Followed by Developers of Child-Directed Apps

Embedding Privacy Into Design Through Software Developers: Challenges and Solutions

The Role of Human-Centered AI in User Modeling, Adaptation, and Personalization—Models, Frameworks, and Paradigms

Contact Info

Product

Resources

About