Understanding Worldwide Private Information Collection on
Android

Data has become the commodity that sustains
much of the digital ecosystem. As smart devices, especially
smartphones, become more central in our daily life, mobiles
phones are turned into reliable sources of rich information
about us (e.g., where you go, what activities you do,
etc.).

Most mobile apps request access to some sort of
information about you and obtain certain permissions on the
device you are using. In most cases, information is shared
and device permissions are enabled with your explicit
consent.

Once the consent is given, however, it is
impractical for users to recall which app collects what
information, not to mention tracing the location the
information is transmitted to and the actors who may further
process, use, and control the data
collected.

Therefore, it remains very challenging to
obtain a comprehensive view of the information collected by
those mobile apps. For instance, it is natural to ask
questions like how many apps on my smartphone collect
private information, what kind of private information these
apps collect, which company processes and stores my private
information, etc.

In a study we conducted together
with researchers from Boston University, we investigate 22
categories of information that may affect the user’s
privacy. We list them in Table 1.

Our goal is to address
the above questions and understand worldwide private
information collection on Android phones by analysing the
flows of information (i.e., which app collects what
information to which domain) generated by 2.1M unique apps
installed by 17.3M users over 21 months between 2018 and
2019.

READ  Google Gifts 5G Android Smartphones with 'the Mandalorian' AR App - Next Reality

Table 1. The 22 categories of information
collected by mobile apps that may affect the user’s
privacy.

Is Private Information Collection Pervasive
in Mobile Apps?

It is now a common practice that the
apps installed on your smartphone request information about
you and the device (e.g., your name, your email address,
your location information) before you can use them. We try
to understand if private information collection is pervasive
in mobile apps.

By analysing our dataset, we discover
that, on average, a mobile app sends private information to
two unique domains. We also observe that over 57.6K apps
(installed on 12.8M devices collectively) collect at least
five unique categories of private information and send them
to at least five unique domains. Our findings confirm that
private information collection in mobile apps is universal
and diversified at the same time, highlighting the need for
additional security and privacy layer on the
device.

Figure 1. Top 25 data
controllers ranked by the fraction of devices they collect
private information from. These 25 data controllers collect
private information from a total of 13.9M devices covering
80.2% of all devices used in this study.

For more
information or to read the full post, please click: https://www.nortonlifelock.com/blogs/research-group/private-information-gathered-phone

© Scoop Media

 



READ SOURCE

LEAVE A REPLY

Please enter your comment!
Please enter your name here