Our goal is to understand how users perceive various smartphone-related risks, their preferences for how their sensitive data should be used by third-party applications, and the threat landscape, and then creating new user-centric systems that allow them to make more informed decisions.

Smartphones have become the most commonly-used computing platform. These devices allow third-party applications to create rich user experiences by granting the applications access to sensor data (e.g., location, accelerometers, etc.) and stored personal information. However, privacy and security problems exist when users cannot make informed choices about how their information may be used.

We’re broadly interested in answering the following questions:

• Under what circumstances do users want to be prompted with information about third-party applications may be accessing their personal information and/or sensor data?
• What steps do users take to mitigate risks on their devices?
• How can the permission-granting user experience be improved to facilitate informed consent?

Related Publications

• “Won’t Somebody Think of the Children?” Examining COPPA Compliance at Scale (PETS ’18)
• Contextualizing Privacy Decisions for Better Prediction (and Protection) (CHI ’18)
• TurtleGuard: Helping Android Users Apply Contextual Privacy Preferences (SOUPS ’17)
• The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences (Oakland ’17)
• “Is Our Children’s Apps Learning?” Automatically Detecting COPPA Violations (ConPro ’17)
• Keep on Lockin’ in the Free World: A Multi-National Comparison of Smartphone Locking (CHI ’16)
• The Anatomy of Smartphone Unlocking: A Field Study of Android Lock Screens (CHI ’16)
• Android Permissions Remystified: A Field Study on Contextual Integrity (USENIX Sec ’15)
• Are you ready to lock? understanding user motivations for smartphone locking behaviors (CCS ’14)
• The effect of developer-specified explanations for permission requests on smartphone user behavior (CHI ’14)