Mobile app privacy

Student presentation for ECOM6024 - Mobile and pervasive commerce, MSc in Electronic Commerce and Internet Computing, http://www.ecom-icom.hku.hk/

  • Subjects: 1,000 US consumers aged 18+ who own or use smartphones. Criteria: US residents; age 18 or above; currently owning or using a smartphone; not employed in advertising, marketing research or telecom
  • device
  • The Ginger.io app runs silently in the background of participants’ smartphones, collecting text message habits, call frequency, and location. All that data is analyzed and sent back to both patients via the app and doctors and researchers via an online dashboard. If you suddenly stop calling your friends, or don’t go to work for a few days, that could be a sign to your doctors that they need to check in on you more aggressively.
  • Contacted 2 times on average, selling 4.5 years
  • TRUSTe Survey
  • France passed 13 anti-terrorism measures on Oct. 31, 2001; the United Kingdom passed the Anti-Terrorism, Crime and Security Act on Dec. 15, 2001, since replaced by the Prevention of Terrorism Act 2005; Belgium in December 2003 enacted legislation outlawing any action with the purpose of “destabilizing or destroying the fundamental political, constitutional, economic or social structures of a country”. “The cure should not be worse than the disease.”
  • Mobile app privacy

    1. Mobile App Privacy
        • Jason Leung, Leo Lau
    2. Privacy Concerns (rank and concern)
        • #1 Consumers ranked privacy as their primary concern when using smartphones and mobile apps
        • #2 98% have a strong desire for better controls over their personal information in mobile apps
        • #3 Nearly 75% feel uncomfortable with advertising tracking, and 85% of the total want to opt out
        • #4 77% of consumers do NOT want to share location data with app developers
        • #5 Only 1 out of 3 consumers feel they are in control of their personal information
        • Survey: Consumer Mobile Privacy Insights Report - Smart Privacy for Smartphones, TRUSTe, in Feb 2011, released in April 2011
    3. What and Why
        • What is “Privacy on Mobile Apps”?
        • Rights and controls over information captured and exposed by mobile apps that can be associated with a user, e.g. YOU.
        • Usage patterns: individual and personal information aggregated across mobile apps matters
        • Why is “Privacy on Mobile Apps” so important?
        • Compare with privacy on desktop computers
        • “Hub of Personal Information”
        • Real-time data
        • Always on, always connected
        • Prevent abuse and misuse, e.g. fraud, phishing, intrusive marketing promotions
        • Mobile app privacy is NOT mobile security
        • Personal information is provided or observed, but not stolen.
    4. Personal Information Flow
        • App Users (YOU)
        • Send out personal information
        • Build up usage patterns
        • Connected Users
        • Contact List
        • Social friends’ list and sharing
        • App, Service Developers
        • Collection Control
        • Apps, Service Developers
        • 3rd party Business Entities
        • Advertising Networks
        • Personalized intrusive marketing
        • Sell and Resell of personal information
        • Public data observers: General Public and Governments
    5. Sources of Personal Information
        • Mobile Devices
        • Phones and Tablets
        • Wearables
        • Google Glass and Smart Watches
        • Connected Peripherals: Internet of Things
        • Car
        • Intelligent bracelets
        • Intelligent Bulb
        • Surveillance cameras
        • Mobile Apps
        • Accessed
        • Camera, NFC, GPS, Heart sensor, Gyros
        • Services: Siri, services on the Cloud
    6. Types of Personal Information
        • Provided
        • User Registrations, Personal Preferences, Locations and Social Sharing
        • Accessed
        • Calendar, Contact Lists, Photos and Task Lists
        • Device information
        • Hardware configurations, Battery, Mobile Data usage
        • Connected peripherals
        • Bio-metrics
        • Personal preferences
        • Observed
        • Usage Patterns
    7. Issues
        • Data for sale
        • Personal data and market data
        • Octopus sold the data of 2M users for HK$44M and the CEO resigned
        • Publicly accessible data
        • Different sources provide data access APIs
        • Analytics, business intelligence, data mining
        • Mosaic effect
        • Pattern recognition
        • Prediction
    8. Issues
        • Privacy policy
        • Only 19% of top free apps have a privacy policy
        • 74% of consumers believe it’s “very important” or “extremely important” to understand what personal information a mobile app collects
        • 42% read and understand the privacy policy before download
        • Rough and unspecific privacy policy: http://www.apple.com/uk/privacy/ and http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC
        • Privacy policy change
        • Source: TRUSTe Mobile Privacy Survey 2011
    9. Regulations

        | | US | EU | HK |
        |---|---|---|---|
        | Governing Bodies | Federal Trade Commission takes primary role | European Commission, National Data Protection Authorities in EU27 | Office of the Privacy Commissioner for Personal Data |
        | Regulation | 8 federal laws; state laws | EU Law, Data Protection Directive | Personal Data (Privacy) Ordinance |
        | Definition of Personal Information | No single definition, depends on corresponding law | Any information relating to an identified or identifiable natural person | Data relating to a living individual, for identity of individual, access or processing is practicable |
        | Principles | Notice, Choice, Access, Integrity, Enforcement | Notice, Purpose, Consent, Security, Disclosure, Access, Accountability | Purpose and Notice, Accuracy, Secondary Purpose Consent, Security, Policy and Practices, Access |
        | Anti-privacy, state security | Patriot Act | Countries-specific anti-terrorism | Interception of Communications and Surveillance Ordinance |

        • Safe Harbor Arrangement
    10. What can we do?
        • Information owner
        • Information owner has little control
        • Read the privacy policy before download
        • Review OS and app level privacy settings
        • Pay attention to pop-ups
        • Personal responsibility
        • App developer
        • Get serious about privacy
        • Ask BEFORE collecting
        • Transparency and Choice
        • Collect only what is required
        • OS developer
        • Privacy by design
    11. References
        • http://www.scmp.com/article/720620/octopus-sold-personal-data-customers-hk44m
        • http://www.computerworld.com/s/article/91109/Sidebar_The_Mosaic_Effect
        • http://en.wikipedia.org/wiki/Data_Protection_Directive
        • http://ec.europa.eu/justice/data-protection/
        • http://www.ftc.gov/reports/privacy3/fairinfo.shtm
        • http://wikibon.org/blog/big-data-statistics/
        • https://www.truste.com/blog/2012/10/18/are-businesses-smart-enough-about-smartphone-privacy/
        • http://www.truste.com/blog/2011/04/27/5-privacy-tips-for-mobile-app-developers/
        • http://ag.ca.gov/cms_attachments/press/pdfs/n2630_signed_agreement.pdf
        • http://ag.ca.gov/cms_attachments/press/pdfs/n2630_updated_mobile_apps_info.pdf
        • http://mobiledeviceinsight.com/2011/12/sensors-in-smartphones/
        • http://www.w3.org/P3P/mobile-privacy-ws/papers/zks.html
        • http://bits.blogs.nytimes.com/2011/05/19/the-sensors-are-coming/
        • http://www.slideshare.net/kleinerperkins/kpcb-internet-trends-2013
        • http://www.businessinsider.com/wearable-computing-a-new-mobile-market-takes-shape-2013-4
        • http://export.gov/safeharbor/
    12. Q & A and Thank You!
