Choice architecture and smartphone privacy: there’s a price for that (WEIS ’12)

Abstract Under certain circumstances, consumers are willing to pay a premium for privacy. We explore how choice architecture affects smartphone users’ stated willingness to install applications that request varying permissions. We performed two experiments to gauge smartphone users’ stated willingness to pay premiums to limit their personal information exposure when installing new applications. We found that when participants were comparison shopping between multiple applications that performed similar functionality, a quarter…

How to ask for permission (HotSec ’12)

Abstract Application platforms provide applications with access to hardware (e.g., GPS and cameras) and personal data. Modern platforms use permission systems to protect access to these resources. The nature of these permission systems vary widely across platforms. Some platforms obtain user consent as part of installation, while others display runtime consent dialogs. We propose a set of guidelines to aid platform designers in determining the most appropriate permission-granting mechanism for…

I’ve got 99 problems, but vibration ain’t one: a survey of smartphone users’ concerns (SPSM ’12)

Abstract Smartphone operating systems warn users when third-party applications try to access sensitive functions or data. However, all of the major smartphone platforms warn users about different application actions. To our knowledge, their selection of warnings was not grounded in user research; past research on mobile privacy has focused exclusively on the risks pertained to sharing location. To expand the scope of smartphone security and privacy research, we surveyed 3,115…

Location privacy: user behavior in the field (SPSM ’12)

Abstract Current smartphone platforms provide ways for users to control access to information about their location. For instance, on the iPhone, when an application requests access to location information, the operating system asks the user whether to grant location access to this application. In this paper, we study how users are using these controls. Do iPhone users allow applications to access their location? Do their decisions differ from application to…