2019
DOI: 10.2478/popets-2019-0037
|View full text |Cite
|
Sign up to set email alerts
|

MAPS: Scaling Privacy Compliance Analysis to a Million Apps

Abstract: The app economy is largely reliant on data collection as its primary revenue model. To comply with legal requirements, app developers are often obligated to notify users of their privacy practices in privacy policies. However, prior research has suggested that many developers are not accurately disclosing their apps’ privacy practices. Evaluating discrepancies between apps’ code and privacy policies enables the identification of potential compliance issues. In this study, we introduce the Mobile App Privacy Sy… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

4
159
0

Year Published

2020
2020
2022
2022

Publication Types

Select...
5
3
1

Relationship

1
8

Authors

Journals

citations
Cited by 132 publications
(163 citation statements)
references
References 37 publications
4
159
0
Order By: Relevance
“…While there is research on making PPs understandable for end users [34,58,72], there is minimal research on helping developers craft PPs. The lack of support can be seen in the wild, where there are still numerous apps without PPs [77] as well PPs that contain misleading and contradictory statements [7]. In our data, many questions ask for help creating privacy policies.…”
Section: Supporting Privacy Policy Creation Tasksmentioning
confidence: 99%
“…While there is research on making PPs understandable for end users [34,58,72], there is minimal research on helping developers craft PPs. The lack of support can be seen in the wild, where there are still numerous apps without PPs [77] as well PPs that contain misleading and contradictory statements [7]. In our data, many questions ask for help creating privacy policies.…”
Section: Supporting Privacy Policy Creation Tasksmentioning
confidence: 99%
“…Overall, our results show that menstruapps employ slightly better privacy practices than those in healthrelated apps or the general app ecosystem [12,31,53,57]. Yet, these apps still have a significant number of issues that could lead to serious consequences given the data they handle consists of information like sexual orientation, menstruation and pregnancy.…”
Section: Discussionmentioning
confidence: 93%
“…Comparatively, menstruapps perform better than average in the market. Zimmeck et al [57] studied the privacy policies of 1 million apps and found that only 50% had policies linked in the Play Store.…”
Section: Policy Availabilitymentioning
confidence: 99%
“…In order to achieve compliance for data transfer requests, major tech companies started the Data Transfer Project (DTP) with the goal of connecting any two participating services for the purpose of transferring data upon a user's request from one service to another [8]. Various academic work on compliance analysis seeks, among others, to identify software implementations that are contradictory to privacy laws, e.g., by identifying discrepancies between privacy practices described (or omitted) in privacy policies and actual code functionality [18,28,29,31,32].…”
Section: The Emerging Privacy Tech Industrymentioning
confidence: 99%