Smartphones offer a convenient way to download and install third-party applications. Over 200,000 applications are currently available in Apple's App Store and over 70,000 in Android's Market. Many of these applications access users' personal data such as location, phone information, and usage history to enhance their experience. But users must trust that applications will only use their privacy-sensitive information in a desirable way. Unfortunately, applications rarely provide privacy policies that clearly state how users' sensitive information will be used, and users have no way of knowing where applications send the information given to them.
The study was led by Jaeyeon Jung (a research scientist at Intel Labs, Seattle) and William Enck (a doctoral student at Penn State University). Their peer-reviewed report will be presented at the USENIX Symposium on Operating Systems Design and Implementation (OSDI) Oct. 4-6 in Vancouver, BC, Canada. Co-authors on the paper are Peter Gilbert (a doctoral student at Duke University), Landon Cox (an assistant professor at Duke University); Byung-Gon Chun (a research scientist at Intel Labs, Berkeley), Anmol Sheth (a research scientist at Intel Labs, Seattle); and Patrick McDaniel (an associate professor at Penn State University).