Our goal is to understand how users perceive various smartphone-related risks, their preferences for how their sensitive data should be used by third-party applications, and the threat landscape, and then creating new user-centric systems that allow them to make more informed decisions.

Smartphones have become the most commonly-used computing platform. These devices allow third-party applications to create rich user experiences by granting the applications access to sensor data (e.g., location, accelerometers, etc.) and stored personal information. However, privacy and security problems exist when users cannot make informed choices about how their information may be used.

We’re broadly interested in answering the following questions:

  • Under what circumstances do users want to be prompted with information about third-party applications may be accessing their personal information and/or sensor data?
  • What steps do users take to mitigate risks on their devices?
  • How can the permission-granting user experience be improved to facilitate informed consent?