An (Un)Necessary Evil - Users’ (Un)Certainty about Smartphone App Permissions and Implications for Privacy Engineering

Bongard, Kerstin; Sterckx, Jean-Louis; Rossi, Arianna; Distler, Verena; Rivas, Salvador; Koenig, Vincent

Reference : An (Un)Necessary Evil - Users’ (Un)Certainty about Smartphone App Permissions and Imp...


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	To cite this reference:	http://hdl.handle.net/10993/51593

Title :	An (Un)Necessary Evil - Users’ (Un)Certainty about Smartphone App Permissions and Implications for Privacy Engineering
Language :	English
Author, co-author :	Bongard, Kerstin [University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > Department of Behavioural and Cognitive Sciences (DBCS) >]
	Sterckx, Jean-Louis [University of Luxembourg > Department of Behavioural and Cognitive Sciences]
	Rossi, Arianna [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > IRiSC >]
	Distler, Verena [University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > Department of Behavioural and Cognitive Sciences (DBCS) >]
	Rivas, Salvador [University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > LUCET >]
	Koenig, Vincent [University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > Department of Behavioural and Cognitive Sciences (DBCS) >]
Publication date :	2022
Main document title :	2022 7th IEEE European Symposium on Security and Privacy Workshops (EuroSPW)
Publisher :	IEEE
Peer reviewed :	Yes
On invitation :	No
Audience :	International
Event name :	2022 International Workshop on Privacy Engineering – IWPE'22 CO-LOCATED WITH 7TH IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY
Event date :	6 June 2022
Event organizer :	IEEE EuroS&P
Event place (city) :	Genoa
Event country :	Italy
Keywords :	[en] human computer interaction ; user interface design ; security evaluation
Abstract :	[en] App permission requests are a control mechanism meant to help users oversee and safeguard access to data and resources on their smartphones. To decide whether to accept or deny such requests and make this consent valid, users need to understand the underlying reasons and judge the relevance of disclosing data in line with their own use of an app. This study investigates people’s certainty about app permission requests via an online survey with 400 representative participants of the UK population. The results demonstrate that users are uncertain about the necessity of granting app permissions for about half of the tested permission requests. This implies substantial privacy risks, which are discussed in the paper, resulting in a call for user-protecting interventions by privacy engineers.
Funders :	Fonds National de la Recherche - FnR
Target :	Researchers ; Professionals
Permalink :	http://hdl.handle.net/10993/51593
Mentions required by the publisher for OA :	© 2022, Kerstin Bongard-Blanchy. Under license to IEEE. DOI 10.1109/EuroS&PW55150.2022.00023
FnR project :	FnR ; FNR14717072 > Gabriele Lenzini > DECEPTICON > Deceptive Patterns Online > 01/06/2021 > 31/05/2024 > 2020

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Open access	An (Un)Necessary Evil - Users' (Un)Certainty About Smartphone App Permissions and Implications for P.pdf		Author postprint	119.43 kB	View/Open

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices