PrivacyInformer : an automated privacy description generator for the MIT App Inventor

Miao, Daniela Yidan

Author(s)

Miao, Daniela Yidan

DownloadFull printable version (5.004Mb)

Alternative title

Automated privacy description generator for the MIT App Inventor

Other Contributors

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.

Advisor

Lalana Kagal.

Terms of use

M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

With the advent of "smart" mobile phones and ubiquitous mobile applications, the pace at which people generate, access, and acquire data has accelerated significantly. In this thesis, we first examine how privacy issues in the mobile apps market compromise the well-being of both app consumers and developers, noting that one important problem is the lack of usable privacy policies. Subsequently, we propose a technical solution named PrivacyInformer that automatically generates mobile app privacy descriptions, thereby relieving developers the burden of manually creating them. This tool is implemented as an extension to the MIT App Inventor, a do-it-yourself mobile app building platform that has a vast international user base, as well as a growing impact on the democratizing of mobile app building. We show that by analyzing source code of mobile apps directly in App Inventor, PrivacyInformer can produce simple and useful privacy descriptions in both human-readable and machine-readable format. Specifically, these generated documents describe how mobile apps use private information, rather than simply enumerating a list of data access as done in the permissions system. Finally, we conduct an exploratory user study to evaluate the effectiveness of PrivacyInformer from the app developer's perspective, as well as discuss the policy impact of such a tool in the mobile app development community.

Description

Thesis: S.M. in Technology and Policy, Massachusetts Institute of Technology, Engineering Systems Division, 2014.

Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2014.

This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.

Cataloged from student-submitted PDF version of thesis.

Includes bibliographical references (pages 71-73).

Date issued

2014

URI

http://hdl.handle.net/1721.1/95523

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science; Massachusetts Institute of Technology. Engineering Systems Division

Publisher

Massachusetts Institute of Technology

Keywords

Engineering Systems Division., Technology and Policy Program., Electrical Engineering and Computer Science.

Collections

Graduate Theses