Patrick Gage Kelley @patrickgage Lorrie Faith Cranor Norman Sadeh Privacy as Part of the App Decision- Making Process 

No content

Apps that come on the phone Apps that come from a trusted/ already known brand Apps that are picked from the market to fill a need 3 

4 Apps that come on the phone The most used apps: phone, mail, text messaging, weather, directions, maps... But also includes many apps users wish they could remove 

Apps that come from a trusted/ already known brand: Facebook, Twitter, Pandora, Spotify, Angry Birds, The New York Times, Words with Friends, ESPN, etc... 5 

Apps that are picked from the market to fill a need How do users make this decision? 6 

7 

8 

9 privacy 

10 privacy The privacy information could be included on this screen 

11 privacy privacy 

12 How users report they pick apps ratings user reviews price branding and design word of mouth # downloads popularity permissions size of the app developer/company advertising 0% 25% 50% 75% 100% Very important Not important 

13 Android permissions screens 

Why not permissions? 14 - Users do not understand Android permissions - The terms used are: - vague or confusing - sometimes misleading - jargon-filled - poorly grouped - The permissions appear after the user has pressed “download,” making their decision 

15 meters highlights icons checklist 

16 So we have two possible issues: Format Position privacy 

17 

18 

Privacy Facts Checklist • Bold header “Privacy Facts” • Eight types of information • Advertising and analytics • Checkbox next to each • Immediately after the Description section • Immediately before the Reviews section 19 

20 Phase 1 20-participant laboratory interview and application selection experiment Phase 2 250-participant MTurk application selection experiment and survey Two Phases of Testing 

Lab/Online Study • General Android phone use • How they select apps in the market • Roleplay • App selection task • Malicious applications and data sharing concerns • Privacy and permissions 21 Nathaniel Good, Rachna Dhamija, Jens Grossklags, David Thaw, Steven Aronowitz, Deirdre Mulligan, and Joseph Konstan. Stopping spyware at the gate: a user study of privacy, notice and spyware. SOUPS 2005 

Application Selection Task • Privacy Facts Checklist v. Android Market • Users select one app per category • Each category has two apps • One requests less permissions 22 — Calorie tracking — Word game — Streaming music — Twitter — Document scanning — Flight tracker 

4 stars 10,000-50,000 downloads 3 similar reviews Category Differences 23 — Calorie tracking — Word game — Twitter — Document scanning — Streaming music (brand) 50 million downloads — Flight tracker (3 stars) 

Application Selection (Interview) 24 Word game Nutrition Document scanning Twitter Music Flight tracking brand 3/4 Privacy Facts Checklist 60% 70% 90% 70% 40% 40% Permissions 50% 100% 90% 20% 30% 20% 

Comments on app selection “I like to download the apps that have a name that I can easily find. So Calorie Counter, I know where that is gonna be on my phone. I don’t have to be like, oh, what is this called.” 25 

Comments on app selection “And I might try things out and see... I just kind of see how well it works, because some things are more glitchy.” 26 

Application Selection (MTurk) 27 Word game Nutrition Twitter Document scanning Music Flight tracking n = 366 brand 3/4 Privacy Facts Checklist 61% 73% 53% 60% 29% 35% Permissions 41% 56% 25% 73% 18% 41% Permissions Inline 50% 73% 35% 63% 23% 37% 

With the checklist, people are more often selecting the application that accesses less permissions though other factors like brand and rating are stronger or remove the effect 28 

Reading the permissions... 29 Participants took between 4 and 47 minutes selecting the application Privacy Facts Checklist – 11:40 Android Permissions — 10:51 Average time spent viewing the permissions display was 3.19 seconds 4 participants never looked at the permissions 1 participant compared permissions in one category 

With the privacy checklist • No one thought the new display was out of place • No one stated permissions were missing 30 

People said it wasn’t useful It didn’t influence my decision even though I noticed it. I tend to pay more attention to ratings and usefulness then anything else.” No, not really. It’s not the most important factor. I don’t keep a bunch of vital personal info on my phone, so no worries. I think people who do are really stupid.” 31 “ “ 

People said it was useful Yes. It only influenced me if it seemed to be the only thing to distinguish between the two apps.” Yeah, I always check that stuff. I want to know exactly what is happening to and with my data from that program when I use it. It was useful though I wish some apps would go into greater detail about why certain things are there.” 32 “ “ 

Not concerned with data sharing • All their data is already out there • Android/Google are protecting them 33 Participants wanted reasons • Watching out for apps that take too much • ...but will make up reasons when asked why an app might need a certain permission 

Overall, privacy information at decision time helps users • More likely to mention “information” or “data” • Said they would be more likely to consider privacy • The checklist influences app selection • Not just about information position, the formatting and terms used played a significant role 34 And format matters 

Lorrie Faith Cranor Norman Sadeh & Patrick Gage Kelley @patrickgage [email protected] patrickgagekelley.com S P E C I A L T H A N K S T O Alessandro Acquisti Seungyeop Han Matthew Kay Michelle Mazurek Janice Tsai David Wetherall Sunny Consolvo Jaeyeon Jung Jialiu Lin Manya Sleeper Tim Vidas