DeepAI AI Chat
Log In Sign Up

On the (Un)Reliability of Privacy Policies in Android Apps

by   Luca Verderame, et al.
Università di Genova

Access to privacy-sensitive information on Android is a growing concern in the mobile community. Albeit Google Play recently introduced some privacy guidelines, it is still an open problem to soundly verify whether apps actually comply with such rules. To this aim, in this paper, we discuss a novel methodology based on a fruitful combination of static analysis, dynamic analysis, and machine learning techniques, which allows assessing such compliance. More in detail, our methodology checks whether each app i) contains a privacy policy that complies with the Google Play privacy guidelines, and ii) accesses privacy-sensitive information only upon the acceptance of the policy by the user. Furthermore, the methodology also allows checking the compliance of third-party libraries embedded in the apps w.r.t. the same privacy guidelines. We implemented our methodology in a tool, 3PDroid, and we carried out an assessment on a set of recent and most-downloaded Android apps in the Google Play Store. Experimental results suggest that more than 95 access user's privacy-sensitive information, but just a negligible subset of them (around 1


page 1

page 2

page 3

page 4


You can't always get what you want: towards user-controlled privacy on Android

Mobile applications (hereafter, apps) collect a plethora of information ...

Demystifying Privacy Policy of Third-Party Libraries in Mobile Apps

The privacy of personal information has received significant attention i...

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

The transparency and privacy behavior of mobile browsers has remained wi...

An Approach for the Identification of Information Leakage in Automotive Infotainment systems

The advancements in the digitization world has revolutionized the automo...

A Fait Accompli? An Empirical Study into the Absence of Consent to Third-Party Tracking in Android Apps

Third-party tracking allows companies to collect users' behavioural data...

Lalaine: Measuring and Characterizing Non-Compliance of Apple Privacy Labels at Scale

As a key supplement to privacy policies that are known to be lengthy and...

Improving the Reliability of Mobility Applications

The Android platform was introduced by Google in 2008 as an operating sy...