Personal data from mobile apps are increasingly impacting users’ lives and privacy perceptions. However, there is a scarcity of research addressing the combination of (1) individual perceptions of mobile app privacy, (2) actual dataflows in apps, and (3) how such perceptions and dataflows relate to actual privacy policies and terms of use in mobile apps. To address these limitations, we conducted an innovative mixed-methods study including a representative user survey in Norway, an analysis of personal dataflows in apps, and content analysis of privacy policies of 21 popular, free Android mobile apps. Our findings show that more than half the respondents in the user survey repeatedly had refrained from downloading or using apps to avoid sharing personal data. Our analysis of dataflows applied a novel methodology measuring activity in the apps over time (48 hr). The investigation showed that 19 of the 21 apps investigated transmitted personal data to a total of approximately 600 different primary and third-party domains. From an European perspective, it is particularly noteworthy that most of these domains were associated with tech companies in the United States, where privacy laws are less strict than companies operating from Europe. The investigation further revealed that some apps by default track and share user data continuously, even when the app is not in use. For some of these, the terms of use provided with the apps did not inform the users about the actual tracking practice. A comparison of terms of use as provided in the studied apps with actual person dataflows as identified in the analysis disclosed that three of the apps shared data in violation with their provided terms of use. A possible solution for the mobile app industry, to strengthen user trust, is privacy by design through opt-in data sharing with the service and third parties and more granular information on personal data sharing practices. Also, based on the findings from this study, we suggest specific visualizations to enhance transparency of personal dataflows in mobile apps. A methodological contribution is that a mixed-methods approach strengthens our understanding of the complexity of privacy issues in mobile apps.
The volume of data being published on the Web and made available as Open Data has significantly increased over the last several years. However, data published by independent publishers are sliced and fragmented. Creating descriptive connections across datasets may considerably enrich data and extend their value. One way to standardize, describe and interconnect the information from heterogeneous data sources is to use Linked Data as a publishing technology.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.