Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Engineering & Public Policy The Privacy and Security Behaviors of Smartphone App Developers Rebecca Balebako, Abigail Marsh, Jialiu Lin, Jason Hong,

Published byJustina Payne Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Engineering & Public Policy The Privacy and Security Behaviors of Smartphone App Developers Rebecca Balebako, Abigail Marsh, Jialiu Lin, Jason Hong,"— Presentation transcript:

1 1 Engineering & Public Policy The Privacy and Security Behaviors of Smartphone App Developers Rebecca Balebako, Abigail Marsh, Jialiu Lin, Jason Hong, Lorrie Faith Cranor

2 App Developer decisions Privacy and Security features compete with Features requested by customers Data requested by financers Revenue model 2

3 Research Project Exploratory Interviews Quantitative on-line study 3

4 Findings Small companies lack privacy and security behaviors Small company developers rely on social ties for advice Legalese hinders reading and writing of privacy policies Third-Party tools heavily used 4

5 Participant Recruitment 13 developers interviewed Recruited through craigslist and Meetups $20 for one-hour interview 5

6 Participant Demographics Variety of revenue models Advertising Subscription Pay-per-use Non-Profit Seven different states Small company size well-represented 6

7 Tools impact privacy and security Interviewees do: Use cloud computing Use authentication tools such as Facebook Use analytics such as Google and Flurry Use open source tools such as mysql 7

8 Tools not used Interviewees don’t use or are unaware of: Use privacy policy generators Use security audits Read third-party privacy policies Delete data 8

9 9

10 On-line surveys 228 app developers Paid $5 (avg: 15 minutes) Recruited through craigslist, reddit, Facebook, backpage.com Developer demographics Majority were ‘Programmer or Software Engineer’ or ‘Product or Project Manager’ Avg age: 30 (18-50 years) 10

11 Company demographics Platforms iOS (62%) Android (62%) Windows (17%) Blackberry (4%) Palm (3%) Large Company Size well-represented 11

12 Data collected or stored BehaviorCollect or Store Parameters specific to my app84% Which apps are installed74% Location72% Sensor information (not location-related)63% 12

13 Privacy and security behaviors BehaviorPercent Use SSL84% Encrypt everything (all data collected)57% Have CPO or equivalent78% Privacy Policy on website58% 13 Room for improvement!

14 Company size and behaviors 14

15 Who do you turn to? 15

16 Who do you turn to? 16

17 Ad and analytics heavily used 87.4% use at least one analytics company 86.5% use at least one advertising company 17

18 Third-party tools 18

19 How Familiar Are You With The Types Of Data Collected By Third-Party Tools 19

20 Findings Small companies lack privacy and security behaviors Free or quick tools needed Usable tools needed Small company developers rely on social ties for advice Opportunities for intervention in social networks Legalese hinders reading and writing of privacy policies Third-Party tools heavily used Third-party tools should be explicit about data handling 20

21 balebako@cmu.edu Questions?

22 Privacy Policies Are Not Considered Useful “I haven’t even read [our privacy policy]. I mean, it’s just legal stuff that’s required, so I just put in there.” – P4 22

23 Developers have time and resource constraints “I don’t see the time it would take to implement that over cutting and pasting someone else’s privacy policies.... I don’t see the value being such that that’s worth it.” -P10 23

24 Privacy and security behaviors BehaviorPercent Use SSL83.8% Encrypt data on phone59.6% Encrypt data in database53.1% Encrypt everything (all data collected)57.0% Revenue from advertising48.2% Have CPO or equivalent78.1% Privacy Policy on website57.9% 24

25 Ad and analytics Ad or analytic providerpercent Google analytics82% Google ads64% Flurry analytics17% No ads13% No analytics13% 25

26 Advice 26

Download ppt "1 Engineering & Public Policy The Privacy and Security Behaviors of Smartphone App Developers Rebecca Balebako, Abigail Marsh, Jialiu Lin, Jason Hong,"

Similar presentations

User Friendly Chat Reference Jodie Holden Internet/Reference Librarian October 23, 2008.

User Friendly Chat Reference Jodie Holden Internet/Reference Librarian October 23, 2008.
Presented by Amanda Groover Oct. 16 th, 2013. MBA- Marketing from Ashford University BBA- Management from University of North GA Previous Work Experience:

Presented by Amanda Groover Oct. 16 th, MBA- Marketing from Ashford University BBA- Management from University of North GA Previous Work Experience:
Security for Mobile Devices

Security for Mobile Devices
The Lucernex Cloud: A software-as-a-service solution delivered via the Cloud What is the Cloud? Cloud Computing is the future of all software applications,

The Lucernex Cloud: A software-as-a-service solution delivered via the Cloud What is the Cloud? Cloud Computing is the future of all software applications,
Video Games Today & Tomorrow Steven Rechtschaffner.

Video Games Today & Tomorrow Steven Rechtschaffner.
Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.

Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.
Mobile Applications: Changes in social networking and mobile phones By Elias Chesy.

Mobile Applications: Changes in social networking and mobile phones By Elias Chesy.
Industry Survey Report on Hong Kong Mobile Apps Industry.

Industry Survey Report on Hong Kong Mobile Apps Industry.
1 The End Of The Privacy Policy As We Know It Fran Maier President TRUSTe.

1 The End Of The Privacy Policy As We Know It Fran Maier President TRUSTe.
About IGNITE! marketing Why is free Wi-Fi important? What is Social HotSpot™ marketing? How does it work ? What are the benefits for your business? Packages.

About IGNITE! marketing Why is free Wi-Fi important? What is Social HotSpot™ marketing? How does it work ? What are the benefits for your business? Packages.
Leveraging Social Chatter: Online Brand Reputation Monitoring and Management A Wakeup Call Gary Levine WSI Brand Reputation Expert.

Leveraging Social Chatter: Online Brand Reputation Monitoring and Management A Wakeup Call Gary Levine WSI Brand Reputation Expert.
Usable Privacy and Security Carnegie Mellon University Spring 2006 Cranor/Hong/Reiter 1 Course Overview January.

Usable Privacy and Security Carnegie Mellon University Spring 2006 Cranor/Hong/Reiter 1 Course Overview January.
Tracking, Privacy, You & The 21 st Century When you talk online the internet listens.

Tracking, Privacy, You & The 21 st Century When you talk online the internet listens.
Phone: 619-807-9654.

Phone:
WHAT IS CLOUD COMPUTING? PRESENTED BY BRIAN DUKE, RISHI SINGH & JOSE CERVANTES.

WHAT IS CLOUD COMPUTING? PRESENTED BY BRIAN DUKE, RISHI SINGH & JOSE CERVANTES.
ITEC0722: Mobile Business and Implementation: Mobile Applications Suronapee Phoomvuthisarn, Ph.D.

ITEC0722: Mobile Business and Implementation: Mobile Applications Suronapee Phoomvuthisarn, Ph.D.
The Privacy Tug of War: Advertisers vs. Consumers Presented by Group F.

The Privacy Tug of War: Advertisers vs. Consumers Presented by Group F.
MANAGING YOUR ONLINE PROFILE WHAT DOES THIS MEAN AND WHY SHOULD YOU CARE? Sarah Morris UT Libraries.

MANAGING YOUR ONLINE PROFILE WHAT DOES THIS MEAN AND WHY SHOULD YOU CARE? Sarah Morris UT Libraries.
SD1230 Unit 8 The Mobile Landscape. Course Objectives During this unit, we will cover the following course objectives: – Identify the characteristics.

SD1230 Unit 8 The Mobile Landscape. Course Objectives During this unit, we will cover the following course objectives: – Identify the characteristics.
UFCFX5-15-3Mobile Device Development Commercial Trends and Competitive Initiatives.

UFCFX5-15-3Mobile Device Development Commercial Trends and Competitive Initiatives.

Similar presentations

Ads by Google