The Privacy and Security Behaviors of Smartphone App Developers

Balebako, Rebecca; Marsh, Abigail A.; Lin, Jialiu; Hong, Jason I.; Cranor, Lorrie Faith

doi:10.14722/usec.2014.23006

Cited by 163 publications

(157 citation statements)

References 6 publications

Supporting

Mentioning

150

Contrasting

Unclassified

Order By: Relevance

“…The mobile application developers (''devs'') frequently responsible for making decisions about user data range from hobbyists to consultants to independent contractors to employees of multinational corporations (VisionMobile 2016). Low barriers to entry enable a vibrant but deprofessionalized development ecosystem (Cravens 2012), and surveys of application developers have revealed that many lack knowledge of current best practices for privacy and data protection (Balebako et al 2014). Devs also rely on distribution by two major international platforms: the Apple App Store and Google's Play Marketplace (VisionMobile 2016).…”

Section: Introduction: Investigating Work Dynamics That Impact Privacmentioning

confidence: 99%

Linking Platforms, Practices, and Developer Ethics: Levers for Privacy Discourse in Mobile Application Development

Shilton

Greene

2017

J Bus Ethics

View full text Add to dashboard Cite

Privacy is a critical challenge for corporate social responsibility in the mobile device ecosystem. Mobile application firms can collect granular and largely unregulated data about their consumers, and must make ethical decisions about how and whether to collect, store, and share these data. This paper conducts a discourse analysis of mobile application developer forums to discover when and how privacy conversations, as a representative of larger ethical debates, arise during development. It finds that online forums can be useful spaces for ethical deliberations, as developers use these spaces to define, discuss, and justify their values. It also discovers that ethical discussions in mobile development are prompted by work practices which vary considerably between iOS and Android, today's two major mobile platforms. For educators, regulators, and managers interested in encouraging more ethical discussion and deliberation in mobile development, these work practices provide a valuable point of entry. But while the triggers for privacy conversations are quite different between platforms, ultimately the justifications for privacy are similar. Developers for both platforms use moral and cautionary tales, moral evaluation, and instrumental and technical rationalization to justify and legitimize privacy as a value in mobile development. Understanding these three forms of justification for privacy is useful to educators, regulators, and managers who wish to promote ethical practices in mobile development.

show abstract

Section: Introduction: Investigating Work Dynamics That Impact Privacmentioning

confidence: 99%

Linking Platforms, Practices, and Developer Ethics: Levers for Privacy Discourse in Mobile Application Development

Shilton

Greene

2017

J Bus Ethics

View full text Add to dashboard Cite

show abstract

“…Balebako et al surveyed and interviewed over 200 app developers, and concluded that most approached security issues using web search, or by consulting peers [5].…”

Section: A How Programmers Learn Securitymentioning

confidence: 99%

“…Comparing the existing work on app developers and security, section 2 identified valuable research on current practice by developers such as that by Balebako et al [5]; this work goes further by identifying approaches for better practice. Much of the remaining literature we discussed is also valuable in the context the dialectic techniques as providing solutions to the challenges identified through dialectic.…”

Section: A Relationship To Existing Workmentioning

confidence: 99%

I'd Like to Have an Argument, Please: Using Dialectic for Effective App Security

Weir¹,

Rashid²,

Noble³

2017

Proceedings 2nd European Workshop on Usable Security

View full text Add to dashboard Cite

Abstract-The lack of good secure development practice for app developers threatens everyone who uses mobile software. Current practice emphasizes checklists of processes and security errors to avoid, and has not proved effective in the application development domain. Based on analysis of interviews with relevant security experts, we suggest that secure app development requires 'dialectic': challenging dialog with a range of counterparties, continued throughout the development cycle. By further studying the different dialectic techniques possible in programmers' communications, we shall be able to empower app developers to produce the secure software that we need.

show abstract

“…Therefore, identifying the decisionmakers leads to a greater understanding of the privacy protections likely to be employed. For example, app developers without security expertise may fail to correctly implement privacy-preserving technologies (Balebako, Marsh, et al, 2014).…”

Section: Phasesmentioning

confidence: 99%

Can Smartphones and Privacy Coexist? Assessing Technologies and Regulations Protecting Personal Data on Android and iOS Devices

Yerukhimovich¹,

Balebako²,

Boustead³

et al. 2016

Self Cite

View full text Add to dashboard Cite

The Privacy and Security Behaviors of Smartphone App Developers

Cited by 163 publications

References 6 publications

Linking Platforms, Practices, and Developer Ethics: Levers for Privacy Discourse in Mobile Application Development

Linking Platforms, Practices, and Developer Ethics: Levers for Privacy Discourse in Mobile Application Development

I'd Like to Have an Argument, Please: Using Dialectic for Effective App Security

Can Smartphones and Privacy Coexist? Assessing Technologies and Regulations Protecting Personal Data on Android and iOS Devices

Contact Info

Product

Resources

About