Alamri, Hamad, Maple, Carsten, Mohamad, Saad and Epiphaniou, Gregory (2022) Do the right thing : a privacy policy adherence analysis of over two million apps in Apple iOS App Store. Sensors, 22 (22). 8964. doi:10.3390/s22228964 ISSN 1424-8220.

Preview

PDF sensors-22-08964-v2.pdf - Published Version - Requires a PDF viewer. Available under License Creative Commons Attribution 4.0. Download (594Kb) | Preview

Request Changes to record.

Abstract

Mobile app developers are often obliged by regulatory frameworks to provide a privacy policy in natural comprehensible language to describe their apps’ privacy practices. However, prior research has revealed that: (1) not all app developers offer links to their privacy policies; and (2) even if they do offer such access, it is difficult to determine if it is a valid link to a (valid) policy. While many prior studies looked at this issue in Google Play Store, Apple App Store, and particularly the iOS store, is much less clear. In this paper, we conduct the first and the largest study to investigate the previous issues in the iOS app store ecosystem. First, we introduce an App Privacy Policy Extractor (APPE), a system that embraces and analyses the metadata of over two million apps to give insightful information about the distribution of the supposed privacy policies, and the content of the provided privacy policy links, store-wide. The result shows that only 58.5% of apps provide links to purported privacy policies, while 39.3% do not provide policy links at all. Our investigation of the provided links shows that only 38.4% of those links were directed to actual privacy policies, while 61.6% failed to lead to a privacy policy. Further, for research purposes we introduce the App Privacy Policy Corpus (APPC-451K); the largest app privacy policy corpus consisting of data relating to more than 451K verified privacy policies.

Item Type:	Journal Article
Subjects:	Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software
Divisions:	Faculty of Science, Engineering and Medicine > Engineering > WMG (Formerly the Warwick Manufacturing Group)
Library of Congress Subject Headings (LCSH):	Privacy, iOS (Electronic resource), Information storage and retrieval systems -- Privacy, Right of, Data protection -- Law and legislation, Mobile apps, Application software -- Development
Journal or Publication Title:	Sensors
Publisher:	MDPI AG
ISSN:	1424-8220
Official Date:	19 November 2022
Dates:	Date Event 19 November 2022 Published 12 November 2022 Accepted
Volume:	22
Number:	22
Article Number:	8964
DOI:	10.3390/s22228964
Status:	Peer Reviewed
Publication Status:	Published
Access rights to Published version:	Open Access (Creative Commons)
Date of first compliant deposit:	7 February 2023
Date of first compliant Open Access:	7 February 2023

Request changes or add full text files to a record

Repository staff actions (login required)

View Item

Downloads