Xiaoyuan Wu (Carnegie Mellon University), Lydia Hu (Carnegie Mellon University), Eric Zeng (Carnegie Mellon University), Hana Habib (Carnegie Mellon University), Lujo Bauer (Carnegie Mellon University)

Apple's App Privacy Report (``privacy report''), released in 2021, aims to
inform iOS users about apps' access to their data and sensors (e.g., contacts,
camera) and, unlike other privacy dashboards, what domains are contacted by apps and websites. To evaluate the
effectiveness of the privacy report, we conducted semi-structured interviews
(textit{n} = 20) to examine users' reactions to the information, their understanding of relevant privacy
implications, and how they might change
their behavior to address privacy concerns. Participants easily understood which
apps accessed data and sensors at certain times on their phones, and knew how to
remove an app's permissions in case of unexpected access. In contrast,
participants had difficulty understanding apps' and websites' network
activities. They were confused about how and why network activities occurred,
overwhelmed by the number of domains their apps contacted, and uncertain about
what remedial actions they could take against potential privacy threats. While
the privacy report and similar tools can increase transparency by presenting
users with details about how their data is handled, we recommend providing more
interpretation or aggregation of technical details, such as the purpose of
contacting domains, to help users make informed decisions.

View More Papers

PolicyPulse: Precision Semantic Role Extraction for Enhanced Privacy Policy...

Andrick Adhikari (University of Denver), Sanchari Das (University of Denver), Rinku Dewri (University of Denver)

Read More

CHAOS: Exploiting Station Time Synchronization in 802.11 Networks

Sirus Shahini (University of Utah), Robert Ricci (University of Utah)

Read More

Privacy Preserved Integrated Big Data Analytics Framework Using Federated...

Sarah Kaleem (Prince Sultan University, PSU) Awais Ahmad (Imam Mohammad Ibn Saud Islamic University, IMSIU), Muhammad Babar (Prince Sultan University, PSU), Goutham Reddy Alavalapati (University of Illinois, Springfield)

Read More

Kronos: A Secure and Generic Sharding Blockchain Consensus with...

Yizhong Liu (Beihang University), Andi Liu (Beihang University), Yuan Lu (Institute of Software Chinese Academy of Sciences), Zhuocheng Pan (Beihang University), Yinuo Li (Xi’an Jiaotong University), Jianwei Liu (Beihang University), Song Bian (Beihang University), Mauro Conti (University of Padua)

Read More