Who Leaks My Privacy: Towards Automatic and Association Detection with GDPR Compliance

Jia, Qiwei; Zhou, Lü; Li, Huaxin; Yang, Ruoxu; Du, Suguo; Zhu, Haojin

doi:10.1007/978-3-030-23597-0_11

Cited by 17 publications

(14 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…user consent). Some recent works rely on the apps' privacy policies [10], [40] or prevailing standards or regulations [12], [13], [41]- [44] as the source for extracting the appropriate or inappropriate personal data flows in terms of the aforementioned elements. These are used as ground truth to analyze their alignment with the personal data flows carried out by apps, and then detect whether a potential privacy violation occurs.…”

Section: A Privacy Analysis In Android Appsmentioning

confidence: 99%

“…They relied on static code analysis to detect any disclosure of personal information, although the specific GDPR requirements that are covered are blurred. Jia et al [13] propose a method to detect personal data disclosures in network traffic based on association mining. Leveraging the fact that the application's network packet payload is represented as a set of key-value pairs, they used a catalogue of key-value pairs related to personal data to search for any of them and then detect personal data disclosures without the user's consent.…”

Section: B Gdpr Analysis In Android Appsmentioning

confidence: 99%

“…Coders mutually harmonized their criteria and curated the annotations properly. The same procedure was followed for all other disagreements 13 .…”

Section: ) Inter-annotator Reliability Checkingmentioning

confidence: 99%

“…The domain supersonicads.com is owned by the third-party recipient IronSource Ltd, which is based in the US. 13 Details can be found in the replication package available at http://dx.doi.org/10.17632/ws6cx9p65d.1…”

Section: ) Full Cross-border Transfer Disclosurementioning

confidence: 99%

See 3 more Smart Citations

GDPR Compliance Assessment for Cross-Border Personal Data Transfers in Android Apps

2021

View full text Add to dashboard Cite

The pervasiveness of Android mobile applications and the services they support allow the personal data of individuals to be collected and shared worldwide. However, data protection legislations usually require all participants in a personal data flow to ensure an equivalent level of personal data protection, regardless of location. In particular, the European General Data Protection Regulation constrains cross-border transfers of personal data to non-EU countries and establishes specific requirements to carry them out. This paper presents a method to systematically assess compliance of Android mobile apps with the requirements for cross-border transfers established by the European data protection regulation. We have validated the method with one hundred Android apps, finding an outstanding 66% of ambiguous, inconsistent and omitted cross-border transfer disclosures.

show abstract

Section: A Privacy Analysis In Android Appsmentioning

confidence: 99%

Section: B Gdpr Analysis In Android Appsmentioning

confidence: 99%

“…Coders mutually harmonized their criteria and curated the annotations properly. The same procedure was followed for all other disagreements 13 .…”

Section: ) Inter-annotator Reliability Checkingmentioning

confidence: 99%

Section: ) Full Cross-border Transfer Disclosurementioning

confidence: 99%

See 2 more Smart Citations

GDPR Compliance Assessment for Cross-Border Personal Data Transfers in Android Apps

2021

View full text Add to dashboard Cite

show abstract

“…The research was undertaken to understand the dynamics of the employees at the office. The data were aggregated and anonymized in compliance with the principles outlined in the GDPR regulations, and the study was performed in accordance with the principles outlined in the Declaration of Helsinki; all participants gave written informed consent [56][57][58].…”

Section: Pilot Studymentioning

confidence: 99%

Learnings from User Digital Trail Post-Occupancy Evaluation before COVID-19 for Future Workplace Analysis and Design

et al. 2021

View full text Add to dashboard Cite

Data are required for optimizing workplace design, assessing user experience, and ensuring wellbeing. This research focuses on the benefits of incorporating post-occupancy evaluation (POE) data analysis by studying the digital trail of employees generated by the existing Wi-Fi infrastructure of the office. The objective is to enable a safe return to offices through compliance with COVID-19 space-capacity regulations and in consideration of the health and wellbeing of employees. Workplaces, teams, and people have become more digitalized and therefore more mobile due to the globalization of knowledge and cutting-edge technological innovations, a process that has been accelerated by the COVID-19 crisis. Now, hybrid work and fully remote working routines are increasing in a significant number of companies. Nevertheless, with the return to the office, understanding how to calibrate spatial capacity is now key for workplaces and companies. Traditional assessment methods are obsolete; new methods that respond to mobility, changing occupancy rates, and comfort are essential. This paper analyzes, through the case study of a pre-COVID-19 activity-based office, the advantages of using digital indoor-location techniques (such as Wi-Fi networks, which additionally have the advantage of being previously installed in the majority of these spaces). The paper demonstrates that the incorporation of digital POE of user trends enabled a more seamless, accurate, and scalable return to a new normal office work scenario and an improved post-COVID-19 design of workplaces.

show abstract

Where Does Your Data Go? Comparing Network Traffic and Privacy Policies of Public Sector Mobile Applications

Carlsson

Heino²,

Koivunen³

et al. 2022

Information Systems and Technologies

View full text Add to dashboard Cite

Who Leaks My Privacy: Towards Automatic and Association Detection with GDPR Compliance

Cited by 17 publications

References 19 publications

GDPR Compliance Assessment for Cross-Border Personal Data Transfers in Android Apps

GDPR Compliance Assessment for Cross-Border Personal Data Transfers in Android Apps

Learnings from User Digital Trail Post-Occupancy Evaluation before COVID-19 for Future Workplace Analysis and Design

Where Does Your Data Go? Comparing Network Traffic and Privacy Policies of Public Sector Mobile Applications

Contact Info

Product

Resources

About