User Interaction Data in Apps: Comparing Policy Claims to Implementations
Journal article, Peer reviewed
Submitted version
Permanent lenke
https://hdl.handle.net/11250/3127879Utgivelsesdato
2024Metadata
Vis full innførselOriginalversjon
IFIP Advances in Information and Communication Technology. 2024, 695 64-80. 10.1007/978-3-031-57978-3_5Sammendrag
As mobile app usage continues to rise, so does the generation of extensive user interaction data, which includes actions such as swiping, zooming, or the time spent on a screen. Apps often collect a large amount of this data and claim to anonymize it, yet concerns arise regarding the adequacy of these measures. In many cases, the so-called anonymized data still has the potential to profile and, in some instances, re-identify individual users. This situation is compounded by a lack of transparency, leading to potential breaches of user trust. Our work investigates the gap between privacy policies and actual app behavior, focusing on the collection and handling of user interaction data. We analyzed the top 100 apps across diverse categories using static analysis methods to evaluate the alignment between policy claims and implemented data collection techniques. Our findings highlight the lack of transparency in data collection and the associated risk of re-identification, raising concerns about user privacy and trust. This study emphasizes the importance of clear communication and enhanced transparency in privacy practices for mobile app development. User Interaction Data in Apps: Comparing Policy Claims to Implementations