Most users of smartphone apps remain unaware of what data about them is being collected, by whom, and how these data are being used. In this mixed methods investigation, we examine the question of whether revealing key data collection practices of smartphone apps may help people make more informed privacy- related decisions. To investigate this question, we designed and prototyped a new class of privacy indicators, called Data Con- troller Indicators (DCIs), that expose previously hidden information flows out of the apps. Our lab study of DCIs suggests that such indicators do support people in making more confident and consistent choices, informed by a more diverse range of factors, including the number and nature of third-party companies that access users’ data. Furthermore, personalised DCIs, which are contextualised against the other apps an individual already uses, enable them to reason effectively about the differential impacts on their overall information exposure.
Better the devil you know: Personalized Data Controller Indicators that Expose Data Sharing in Smartphone Apps
Max Van Kleek, Ilaria Liccardi, Reuben Binns, Jun Zhao, Daniel J. Weitzner, Nigel Shadbolt
CHI 2017 – ACM Conference on Human Factors in Computing Systems.