Jingwen Yan (Clemson University), Mohammed Aldeen (Clemson University), Jalil Harris (Clemson University), Kellen Grossenbacher (Clemson University), Aurore Munyaneza (Texas Tech University), Song Liao (Texas Tech University), Long Cheng (Clemson University)

As the number of mobile applications continues to grow, privacy labels (e.g. Apple’s Privacy Labels and Google’s Data Safety Section) emerge as a potential solution to help users understand how apps collect, use and share their data. However, it remains unclear whether these labels actually enhance user understanding to build trust in app developers or influence their download decisions. In this paper, we investigate user perceptions of privacy labels through a comprehensive analysis of online discussions and a structured user study. We first collect and analyze Reddit posts related to privacy labels, and manually analyze the discussions to understand users’ concerns and suggestions. Our analysis reveals that users are skeptical of self-reported privacy labels provided by developers and they struggle to interpret the terminology used in the labels. Users also expressed a desire for clearer explanations about why specific data is collected and emphasized the importance of third-party verification to ensure the accuracy of privacy labels. To complement our Reddit analysis, we conducted a user study with 50 participants recruited via Amazon Mechanical Turk and Qualtrics. The study revealed that 76% of the participants indicated that privacy labels influence their app download decisions and the amount of data practice in the privacy label is the most significant factor.

View More Papers

Automated Mass Malware Factory: The Convergence of Piggybacking and...

Heng Li (Huazhong University of Science and Technology), Zhiyuan Yao (Huazhong University of Science and Technology), Bang Wu (Huazhong University of Science and Technology), Cuiying Gao (Huazhong University of Science and Technology), Teng Xu (Huazhong University of Science and Technology), Wei Yuan (Huazhong University of Science and Technology), Xiapu Luo (The Hong Kong Polytechnic University)

Read More

Welcome to Jurassic Park: A Comprehensive Study of Security...

Abdullah AlHamdan (CISPA Helmholtz Center for Information Security), Cristian-Alexandru Staicu (CISPA Helmholtz Center for Information Security)

Read More

Tweezers: A Framework for Security Event Detection via Event...

Jian Cui (Indiana University), Hanna Kim (KAIST), Eugene Jang (S2W Inc.), Dayeon Yim (S2W Inc.), Kicheol Kim (S2W Inc.), Yongjae Lee (S2W Inc.), Jin-Woo Chung (S2W Inc.), Seungwon Shin (KAIST), Xiaojing Liao (Indiana University)

Read More

EAGLEYE: Exposing Hidden Web Interfaces in IoT Devices via...

Hangtian Liu (Information Engineering University), Lei Zheng (Institute for Network Sciences and Cyberspace (INSC), Tsinghua University), Shuitao Gan (Laboratory for Advanced Computing and Intelligence Engineering), Chao Zhang (Institute for Network Sciences and Cyberspace (INSC), Tsinghua University), Zicong Gao (Information Engineering University), Hongqi Zhang (Henan Key Laboratory of Information Security), Yishun Zeng (Institute for Network Sciences…

Read More