Factors Affecting Users' Disclosure Decisions in Android Runtime Permissions Model

Baalous, R. and Poet, R. (2020) Factors Affecting Users' Disclosure Decisions in Android Runtime Permissions Model. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 29 Dec 2020 - 01 Jan 2021, pp. 1113-1118. ISBN 9780738143804 (doi: 10.1109/TrustCom50675.2020.00147)

[img] Text
234950.pdf - Accepted Version

662kB

Publisher's URL: https://ieeexplore.ieee.org/abstract/document/9343147

Abstract

Today, Android users are faced with several permissions' screens asking to access their personal information when using Android apps. In fact, Android users have to balance several considerations when choosing to grant or deny these data collection activities. Hence, it is important to understand how users' decisions are made and what factors play a role in users' decisions. A number of studies on the permissions' screens of Android devices have reported users discomfort and misunderstanding of the permission system. However, most studies were carried out on the old permission system where all permissions are presented at installation time, and the user has to either accept all the permissions or stop the installation. With the new permission system started with Android version 6.0 and higher, permissions are presented differently at run time. In this work, we aim to study users' disclosure decisions with the new run time system on Android. We have modeled users' disclosure decisions from three perspectives: dangerous permission type, clarity of rationale, and clarity of context. The study has been conducted on Amazon Mechanical Turk. The results show that dangerous permission type as well as clarity of the context have a statistical significant effect on users' disclosure decisions. On the other hand, clarity of dangerous permission's rationale does not contribute significantly to users' decisions. These findings shed light upon important factors that users consider in making privacy decisions in the new Android run time model. Such factors should be taken into account by Android apps developers when requesting access to users' private information.

Item Type:Conference Proceedings
Status:Published
Refereed:Yes
Glasgow Author(s) Enlighten ID:Poet, Dr Ron and Baalous, Rawan Sulaiman A
Authors: Baalous, R., and Poet, R.
College/School:College of Science and Engineering > School of Computing Science
ISSN:2324-9013
ISBN:9780738143804
Published Online:09 February 2021
Copyright Holders:Copyright © 2020 IEEE
First Published:First published in 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom): 1113-1118
Publisher Policy:Reproduced in accordance with the publisher copyright policy

University Staff: Request a correction | Enlighten Editors: Update this record