Abstract P201: Evaluating Data Sharing And Privacy Policies Of Diabetes Mobile Apps: Where Is The Data Going?

Hypertension ◽  
2020 ◽  
Vol 76 (Suppl_1) ◽  
Author(s):  
Khaled Abdelrahman ◽  
Josh Bilello ◽  
Megna Panchbhavi ◽  
Mohammed S Abdullah
Keyword(s):  
Data Sharing ◽  
Mobile Applications ◽  
Mobile Apps ◽  
Third Party ◽  
Privacy Policy ◽  
Privacy Policies ◽  
Privacy Concerns ◽  
App Store ◽  
User Data ◽  
Do So

Introduction: Diabetes mobile applications (apps) that help patients monitor disease have led to privacy concerns. We aimed to assess privacy policies for diabetes mobile applications with a focus on data transmission to outside parties. Methods: The App Store was used to gather apps pertaining to diabetes by searching “diabetes” and “blood sugar”. Two readers evaluated privacy policies (PP) including data sharing and storing techniques for mention of 27 predetermined criteria. All network traffic generated while loading and using the app was intercepted by a man-in-the-middle attack to listen to data delivered between the sender and receiver of data transmissions. A packet analyzer determined contents of transmission, where data was sent, and if transmission contained user data. Results: Of 35 apps evaluated, 29 (83%) had PP. The most frequent transmission destinations were Google (n=130 transmissions), Kamai Technologies (n=53), Facebook (n=38) and Amazon (n=33). 35 of 35 apps (100%) were transmitting data to a third party. 2 of 2 (100%) of those who had a privacy policy without mention of a third party transmitted data to a third party. 8 of 8 (100%) apps who mentioned they would not transmit to a third party were found to do so. 19 of 19 (100%) apps who mentioned they would transmit data to a third party were found to do so. All apps (n=6) without a privacy policy were found to be transmitting data to a third party. Conclusion: Most diabetes apps on the App store have accessible PP. All apps evaluated transmitted data to a third party, even when the policy stated this would not occur. As mobile applications are increasingly utilized by patients, it is important to warn of privacy implications.

Assessment and Prediction of Privacy Concerns on Health Apps (Preprint)

2020 ◽  
Author(s):  
Reham AlTamime ◽  
Vincent Marmion ◽  
Wendy Hall
Keyword(s):  
Data Sharing ◽  
Mobile Applications ◽  
Retention Rate ◽  
Mobile Apps ◽  
Third Party ◽  
Privacy Concerns ◽  
Health Apps ◽  
Mobile Health Apps ◽  
Specific Factors ◽  
And Control

BACKGROUND Mobile apps and IoT-enabled smartphones technologies facilitate collecting, sharing, and inferring from a vast amount of data about individuals’ location, health conditions, mobility status, and other factors. The use of such technology highlights the importance of understanding individuals’ privacy concerns to design applications that integrate their privacy expectations and requirements. OBJECTIVE This paper explores, assesses, and predicts individuals’ privacy concerns in relation to collecting and disclosing data on mobile health apps. METHODS We designed a questionnaire to identify participants’ privacy concerns pertaining to a set of 432 mobile apps’ data collection and sharing scenarios. Participants were presented with 27 scenarios that varied across three categorical factors: (1) type of data collected (e.g. health, demographic, behavioral, and location); (2) data sharing (e.g., whether it is shared, and for what purpose); and, (3) retention rate (e.g., forever, until the purpose is satisfied, unspecified, week, or year). RESULTS Our findings show that type of data, data sharing, and retention rate are all factors that affect individuals’ privacy concerns. However, specific factors such as collecting and disclosing health data to a third-party tracker play a larger role than other factors in triggering privacy concerns. CONCLUSIONS Our findings suggest that it is possible to predict privacy concerns based on these three factors. We propose design approaches that can improve users’ awareness and control of their data on mobile applications

scholarly journals Losing Control to Data-Hungry Apps: A Mixed-Methods Approach to Mobile App Privacy

2018 ◽  
Vol 37 (4) ◽  
pp. 466-488 ◽  
Author(s):  
Petter Bae Brandtzaeg ◽  
Antoine Pultier ◽  
Gro Mette Moen
Keyword(s):  
Mixed Methods ◽  
Data Sharing ◽  
Mobile Apps ◽  
Personal Data ◽  
The United States ◽  
Mobile App ◽  
Third Party ◽  
User Survey ◽  
Privacy Policies ◽  
Mixed Methods Approach

Personal data from mobile apps are increasingly impacting users’ lives and privacy perceptions. However, there is a scarcity of research addressing the combination of (1) individual perceptions of mobile app privacy, (2) actual dataflows in apps, and (3) how such perceptions and dataflows relate to actual privacy policies and terms of use in mobile apps. To address these limitations, we conducted an innovative mixed-methods study including a representative user survey in Norway, an analysis of personal dataflows in apps, and content analysis of privacy policies of 21 popular, free Android mobile apps. Our findings show that more than half the respondents in the user survey repeatedly had refrained from downloading or using apps to avoid sharing personal data. Our analysis of dataflows applied a novel methodology measuring activity in the apps over time (48 hr). The investigation showed that 19 of the 21 apps investigated transmitted personal data to a total of approximately 600 different primary and third-party domains. From an European perspective, it is particularly noteworthy that most of these domains were associated with tech companies in the United States, where privacy laws are less strict than companies operating from Europe. The investigation further revealed that some apps by default track and share user data continuously, even when the app is not in use. For some of these, the terms of use provided with the apps did not inform the users about the actual tracking practice. A comparison of terms of use as provided in the studied apps with actual person dataflows as identified in the analysis disclosed that three of the apps shared data in violation with their provided terms of use. A possible solution for the mobile app industry, to strengthen user trust, is privacy by design through opt-in data sharing with the service and third parties and more granular information on personal data sharing practices. Also, based on the findings from this study, we suggest specific visualizations to enhance transparency of personal dataflows in mobile apps. A methodological contribution is that a mixed-methods approach strengthens our understanding of the complexity of privacy issues in mobile apps.

scholarly journals Evaluating the Data Privacy of Mobile Applications Through Crowdsourcing

2020 ◽  
Author(s):  
Ioannis Chrysakis ◽  
Giorgos Flouris ◽  
George Ioannidis ◽  
Maria Makridaki ◽  
Theodore Patkos ◽  
...  
Keyword(s):  
Mobile Applications ◽  
Data Privacy ◽  
Collective Intelligence ◽  
Mobile Apps ◽  
Mobile App ◽  
Smart Devices ◽  
Privacy Policy ◽  
Policy Documents ◽  
Privacy Concerns

Consumers are largely unaware regarding the use being made to the data that they generate through smart devices, or their GDPR-compliance, since such information is typically hidden behind vague privacy policy documents, which are often lengthy, difficult to read (containing legal terms and definitions) and frequently changing. This paper describes the activities of the CAP-A project, whose aim is to apply crowdsourcing techniques to evaluate the privacy friendliness of apps, and to allow users to better understand the content of Privacy Policy documents and, consequently, the privacy implications of using any given mobile app. To achieve this, we developed a set of tools that aim at assisting users to express their own privacy concerns and expectations and assess the mobile apps’ privacy properties through collective intelligence.

A New User-controlled and Efficient Encrypted Data Sharing Model in Cloud Storage

2019 ◽  
Vol 13 (4) ◽  
pp. 356-363
Author(s):  
Yuezhong Wu ◽  
Wei Chen ◽  
Shuhong Chen ◽  
Guojun Wang ◽  
Changyun Li
Keyword(s):  
Data Sharing ◽  
Data Security ◽  
Cloud Storage ◽  
Screening Program ◽  
Original Data ◽  
Third Party ◽  
Active System ◽  
Encrypted Data ◽  
Active User ◽  
User Data

Background: Cloud storage is generally used to provide on-demand services with sufficient scalability in an efficient network environment, and various encryption algorithms are typically applied to protect the data in the cloud. However, it is non-trivial to obtain the original data after encryption and efficient methods are needed to access the original data. Methods: In this paper, we propose a new user-controlled and efficient encrypted data sharing model in cloud storage. It preprocesses user data to ensure the confidentiality and integrity based on triple encryption scheme of CP-ABE ciphertext access control mechanism and integrity verification. Moreover, it adopts secondary screening program to achieve efficient ciphertext retrieval by using distributed Lucene technology and fine-grained decision tree. In this way, when a trustworthy third party is introduced, the security and reliability of data sharing can be guaranteed. To provide data security and efficient retrieval, we also combine active user with active system. Results: Experimental results show that the proposed model can ensure data security in cloud storage services platform as well as enhance the operational performance of data sharing. Conclusion: The proposed security sharing mechanism works well in an actual cloud storage environment.

Mobile Applications for Health Management of Older Adults: A Scoping Review (Preprint)

2020 ◽  
Author(s):  
Nurul Asilah Ahmad ◽  
Shahrul Azman Mohd Noah ◽  
Arimi Fitri Mat Ludin ◽  
Suzana Shahar ◽  
Noorlaili Mohd Tohit
Keyword(s):  
Older Adults ◽  
Goal Setting ◽  
Mobile Applications ◽  
Health Management ◽  
Mobile Apps ◽  
Personalized Feedback ◽  
Self Monitoring ◽  
App Store ◽  
Evidenced Based ◽  
Google Play

BACKGROUND Currently, the use of smartphones to deliver health-related content has experienced a rapid growth, with more than 165,000 mobile health (mHealth) applications currently available in the digital marketplace such as iOS store and Google Play. Among these, there are several mobile applications (mobile apps) that offer tools for disease prevention and management among older generations. These mobile apps could potentially promote health behaviors which will reduce or delay the onset of disease. However, no review to date that has focused on the app marketplace specific for older adults and little is known regarding its evidence-based quality towards the health of older adults. OBJECTIVE The aim of this review was to characterize and critically appraise the content and functionality of mobile apps that focuses on health management and/or healthy lifestyle among older adults. METHODS An electronic search was conducted between May 2019 to December 2019 of the official app store for two major smartphone operating systems: iPhone operating system (iTunes App Store) and Android (Google Play Store). Stores were searched separately using predetermined search terms. Two authors screened apps based on information provided in the app description. Metadata from all included apps were abstracted into a standard assessment criteria form. Evidenced based strategies and health care expert involvement of included apps was assessed. Evidenced based strategies included: self-monitoring, goal setting, physical activity support, healthy eating support, weight and/or health assessment, personalized feedback, motivational strategies, cognitive training and social support. Two authors verified the data with reference to the apps and downloaded app themselves. RESULTS A total of 16 apps met the inclusion criteria. Six out of 16 (37.5%) apps were designed exclusively for the iOS platform while ten out of 16 (62.5%) were designed for Android platform exclusively. Physical activity component was the most common feature offered in all the apps (9/16, 56.3%) and followed by cognitive training (8/16, 50.0%). Diet/nutrition (0/16, 0%) feature, however, was not offered on all reviewed mobile apps. Of reviewed apps, 56.3% (9/16) provide education, 37.5% (6/16) provide self-monitoring features, 18.8% (3/16) provide goal setting features, 18.5% (3/16) provide personalized feedback, 6.3% (1/16) provide social support and none of the reviewed apps offers heart rate monitoring and reminder features to the users. CONCLUSIONS All reviewed mobile apps for older adults in managing health did not focused on diet/nutrition component, lack of functional components and lack of health care professional involvement in their development process. There is also a need to carry out scientific testing prior to the development of the app to ensure cost effective and its health benefits to older adults. Collaborative efforts between developers, researchers, health professionals and patients are needed in developing evidence-based, high quality mobile apps in managing health prior they are made available in the app store.

Privacy Concerns and Mobile App Store

2021 ◽  
pp. 2150019
Author(s):  
Brenda Mak ◽  
Leigh Jin
Keyword(s):  
Purchase Intention ◽  
Mobile Apps ◽  
Smart Phone ◽  
User Acceptance ◽  
Mobile App ◽  
Privacy Concerns ◽  
App Store ◽  
Negative Effect ◽  
Positive Effect ◽  
Share Information

Mobile apps have been transforming how individuals and organizations share information and conduct business. This research studies the relationships among user readiness factors, privacy concerns, and user acceptance of mobile app stores. A survey was conducted among college smart phone users. Results indicate that the privacy concerns construct has a direct negative effect on purchase intention of mobile apps in the app store. In addition, user readiness has a direct positive effect on attitudes to the app store, and a net positive effect on purchase intention of apps in the app store. Implications of our findings were discussed.

An Analysis of Online Privacy Policies of Fortune 100 Companies

2009 ◽  
pp. 269-283
Author(s):  
Suhong Li
Keyword(s):  
Personal Information ◽  
Online Privacy ◽  
Third Party ◽  
Security Requirements ◽  
Current Status ◽  
Safe Harbor ◽  
Privacy Policy ◽  
Privacy Policies ◽  
Fair Information Practices ◽  
Fortune 100

The purpose of this chapter is to investigate the current status of online privacy policies of Fortune 100 Companies. It was found that 94% of the surveyed companies have posted an online privacy policy and 82% of them collect personal information from consumers. The majority of the companies only partially follow the four principles (notice, choice, access, and security) of fair information practices. For example, most of the organizations give consumers some notice and choice in term of the collection and use of their personal information. However, organizations fall short in security requirements. Only 19% of organizations mention that they have taken steps to provide security for information both during transmission and after their sites have received the information. The results also reveal that a few organizations have obtained third-party privacy seals including TRUSTe, BBBOnline Privacy, and Safe Harbor.

How Do Mobile Applications for Cancer Communicate About Their Privacy Practices?

2021 ◽  
pp. 113-144
Author(s):  
Zerin Mahzabin Khan ◽  
Rukhsana Ahmed ◽  
Devjani Sen
Keyword(s):  
Mobile Applications ◽  
Critical Analysis ◽  
Data Privacy ◽  
Mobile Apps ◽  
Personal Data ◽  
End Users ◽  
Privacy Policies ◽  
Inadequate Information ◽  
Practical Implications ◽  
Complex Manner

No previous research on cancer mobile applications (apps) has investigated issues associated with the data privacy of its consumers. The current chapter addressed this gap in the literature by assessing the content of online privacy policies of selected cancer mobile apps through applying a checklist and performing an in-depth critical analysis to determine how the apps communicated their privacy practices to end users. The results revealed that the privacy policies were mostly ambiguous, with content often presented in a complex manner and inadequate information on the ownership, use, disclosure, retention, and collection of end users' personal data. These results highlight the importance of improving the transparency of privacy practices in health and fitness cancer mobile apps to clearly and effectively communicate how end users' personal data are collected, stored, and shared. The chapter concludes with recommendations and discussion on practical implications for stakeholders like cancer app users, developers, policymakers, and clinicians.

scholarly journals CAP-A: A Suite of Tools for Data Privacy Evaluation of Mobile Applications

2020 ◽  
Author(s):  
Ioannis Chrysakis ◽  
Giorgos Flouris ◽  
George Ioannidis ◽  
Maria Makridaki ◽  
Theodore Patkos ◽  
...  
Keyword(s):  
Mobile Applications ◽  
Data Privacy ◽  
Mobile Apps ◽  
Personal Data ◽  
Privacy Policy ◽  
Policy Makers ◽  
Policy Documents ◽  
The Public

The utilisation of personal data by mobile apps is often hidden behind vague Privacy Policy documents, which are typically lengthy, difficult to read (containing legal terms and definitions) and frequently changing. This paper discusses a suite of tools developed in the context of the CAP-A project, aiming to harness the collective power of users to improve their privacy awareness and to promote privacy-friendly behaviour by mobile apps. Through crowdsourcing techniques, users can evaluate the privacy friendliness of apps, annotate and understand Privacy Policy documents, and help other users become aware of privacy-related aspects of mobile apps and their implications, whereas developers and policy makers can identify trends and the general stance of the public in privacy-related matters. The tools are available for public use in: https://cap-a.eu/tools/.

Sign in / Sign up

Export Citation Format

Share Document