Reengineering the user: Privacy concerns about personal data on smartphones.

Tsavli, M., Efraimidis, P.S., Katos, V. and Mitrou, L., 2015. Reengineering the user: Privacy concerns about personal data on smartphones. Information and Computer Security, 23 (4), pp. 394-405.

Full text available as:

[img]
Preview
PDF
Reengineering the user.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.

230kB

DOI: 10.1108/ICS-10-2014-0071

Abstract

Purpose: This paper aims to discuss the privacy and security concerns that have risen from the permissions model in the Android operating system, along with two shortcomings that have not been adequately addressed. Design/methodology/approach: The impact of the applications’ evolutionary increment of permission requests from both the user’s and the developer’s point of view is studied, and finally, a series of remedies against the erosion of users’ privacy is proposed. Findings: The results of this work indicate that, even though providing access to personal data of smartphone users is by definition neither problematic nor unlawful, today’s smartphone operating systems do not provide an adequate level of protection for the user’s personal data. However, there are several ideas that can significantly improve the situation and mitigate privacy concerns of users of smart devices. Research limitations/implications: The proposed approach was evaluated through an examination of the Android’s permission model, although issues arise in other operating systems. The authors’ future intention is to conduct a user study to measure the user’s awareness and concepts surrounding privacy concerns to empirically investigate the above-mentioned suggestions. Practical implications: The proposed suggestions in this paper, if adopted in practice, could significantly improve the situation and mitigate privacy concerns of users of smart devices. Social implications: The recommendations proposed in this paper would strongly enhance the control of users over their personal data and improve their ability to distinguish legitimate apps from malware or grayware. Originality/value: This paper emphasises two shortcomings of the permissions models of mobile operating systems which, in authors’ view, have not been adequately addressed to date and propose an inherent way for apps and other entities of the mobile computing ecosystem to commit to responsible and transparent practices on mobile users’ privacy.

Item Type:Article
ISSN:2056-4961
Uncontrolled Keywords:Privacy concerns; Privacy; Personal data; Security issues; Smartphone data taxonomy User awareness
Subjects:UNSPECIFIED
Group:Faculty of Science & Technology
ID Code:24543
Deposited By: Unnamed user with email symplectic@symplectic
Deposited On:30 Aug 2016 15:04
Last Modified:30 Aug 2016 15:04

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -