research-article

Short paper: location privacy: user behavior in the field

Authors:

David WagnerAuthors Info & Claims

SPSM '12: Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices

Pages 51 - 56

https://doi.org/10.1145/2381934.2381945

Published: 19 October 2012 Publication History

Abstract

Current smartphone platforms provide ways for users to control access to information about their location. For instance, on the iPhone, when an application requests access to location information, the operating system asks the user whether to grant location access to this application. In this paper, we study how users are using these controls. Do iPhone users allow applications to access their location? Do their decisions differ from application to application? Can we predict how a user will respond for a particular application, given their past responses for other applications?

We gather data from iPhone users that sheds new light on these questions. Our results indicate that there are different classes of users: some deny all applications access to their location, some allow all applications access to their location, and some selectively permit a fraction of their applications to access their location. We also find that apps can be separated into different classes by what fraction of users trust the app with their location data. Finally, we investigate using machine learning techniques to predict users' location-sharing decisions; we find that we are sometimes able to predict the user's actual choice, though there is considerable room for improvement. If it is possible to improve the accuracy rate further, this information could be used to relieve users of the cognitive burden of individually assigning location permissions for each application, allowing users to focus their attention on more critical matters.

References

[1]

Denise Anthony, David Kotz, and Tristan Henderson. Privacy in location-aware computing environments. IEEE Pervasive Computing, 6(4):64--72, 2007.

Digital Library

[2]

Louise Barkhuus. Privacy in location-based services, concern vs. coolness. In Workshop on Location System Privacy and Control at MobileHCI, 2004.

[3]

Louise Barkhuus and Anind Dey. Location-based services for mobile telephony: a study of users' privacy concerns. In International Conference on Human-Computer Interaction, 2003.

[4]

Brian X. Chen. iPhone tracks your every move, and there's a map for that. http://www.wired.com/gadgetlab/2011/04/iphone-tracks/, April 2011.

[5]

Erika Chin, Adrienne Porter Felt, Vyas Sekar, and David Wagner. Measuring user confidence in smartphone security and privacy. In Proceedings of the 8th Symposium On Usable Privacy and Security (SOUPS), 2012.

Digital Library

[6]

Nicolas Christin, Serge Egelman, Timothy Vidas, and Jens Grossklags. It's all about the Benjamins: an empirical study on incentivizing users to ignore security advice. In Proceedings of the 15th international conference on Financial Cryptography and Data Security, FC'11, pages 16--30, Berlin, Heidelberg, 2012. Springer-Verlag.

Digital Library

[7]

Sunny Consolvo, Ian E. Smith, Tara Matthews, Anthony LaMarca, Jason Tabert, and Pauline Powledge. Location disclosure to social relations: why, when, & what people want to share. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI), 2005.

Digital Library

[8]

Dan Cvrcek, Marek Kumpost, Vashek Matyas, and George Danezis. A study on the value of location privacy. In Proceedings of the 2006 Workshop on Privacy in an Electronic Society (WPES'06), 2006.

Digital Library

[9]

George Danezis, Stephen Lewis, and Ross Anderson. How much is location privacy worth? In Proceedings of the Workshop on the Economics of Information Security Series (WEIS 2005), 2005.

[10]

Serge Egelman, Lorrie Faith Cranor, and Jason Hong. You've been warned: An empirical study of the effectiveness of web browser phishing warnings. In Proceedings of the twenty-sixth annual SIGCHI Conference on Human Factors in Computing Systems, CHI '08, pages 1065--1074, New York, NY, USA, 2008. ACM.

Digital Library

[11]

Serge Egelman, Adrienne Porter Felt, and David Wagner. Choice architecture and smartphone privacy: There's a price for that. In Workshop on the Economics of Information Security (WEIS), 2012.

[12]

Adrienne Porter Felt, Kate Greenwood, and David Wagner. The effectiveness of application permissions. In Proceedings of the 2nd USENIX conference on Web application development, WebApps'11, Berkeley, CA, USA, 2011. USENIX Association.

Digital Library

[13]

Arik Hesseldahl. Apple and Google answer tough questions from senators on the location brouhaha. http://allthingsd.com/20110510/liveblog-apple-and-google-testify-before-congress-on-the-location-brouhaha/, May 2011.

[14]

Giovanni Iachello, Ian Smith, Sunny Consolvo, Mike Chen, and Gregory D. Abowd. Developing privacy guidelines for social location disclosure applications and services. In Proceedings of the 2005 Symposium on Usable Privacy and Security (SOUPS), 2005.

Digital Library

[15]

Apple Inc. iPhone User Guide for iOS 5.1 software, 2012.

[16]

Patrick Gage Kelley, Michael Benisch, Lorrie Faith Cranor, and Norman Sadeh. When are users comfortable sharing locations with advertisers? In Proceedings of the Conference on Human Factors in Computing Systems (CHI), 2011.

Digital Library

[17]

Raghunandan H. Keshavan, Sewoong Oh, and Andrea Montanari. Matrix completion from a few entries. In Proceedings of the 2009 IEEE international conference on Symposium on Information Theory - Volume 1, ISIT'09, pages 324--328, Piscataway, NJ, USA, 2009. IEEE Press.

Digital Library

[18]

Scott Lederer, Jennifer Mankoff, and Anind K. Dey. Who wants to know what when? Privacy preference determinants in ubiquitous computing. In CHI Extended Abstracts on Human Factors in Computing Systems, 2003.

Digital Library

[19]

Janne Lindqvist, Justin Cranshaw, Jason Wiese, Jason Hong, and John Zimmerman. I'm the mayor of my house: examining why people use Foursquare - a social-driven location sharing application. In ACM CHI Conference on Human Factors in Computing Systems, 2011.

Digital Library

[20]

Nathan Olivarez-Giles. Path apologizes for saving iPhone contacts, wipes data, updates app. http://articles.latimes.com/2012/feb/08/business/la-fi-tn-path-ceo-dave-morin-we-are-sorry-20120208, Feb 2012.

[21]

Sarah Perez. Android phones track your location, too. http://www.readwriteweb.com/archives/Android_phones_track_your_location_too.php, April 2011.

[22]

Norman Sadeh, Jason Hong, Lorrie Cranor, Ian Fette, Patrick Kelley, Madhu Prabaker, and Jinghai Rao. Understanding and capturing people's privacy policies in a mobile social networking application. Personal and Ubiquitous Computing, 2009.

Digital Library

[23]

Joshua Sunshine, Serge Egelman, Hazim Almuhimedi, Neha Atri, and Lorrie Faith Cranor. Crying wolf: an empirical study of SSL warning effectiveness. In Proceedings of the 18th conference on USENIX security symposium, SSYM'09, pages 399--416, Berkeley, CA, USA, 2009. USENIX Association.

Digital Library

[24]

Jason Wiese, Patrick Gage Kelley, Lorrie Faith Cranor, Laura Dabbish, Jason I. Hong, and John Zimmerman. Are you close with me? are you nearby?: investigating social groups, closeness, and willingness to share. In Proceedings of the 13th International Conference on Ubiquitous Computing (UbiComp), 2011.

Digital Library

Cited By

Ma YSew CSarsenbayeva ZKnibbe JGoncalves J(2024)Understanding Users' Perspectives on Location Privacy Management on iPhonesProceedings of the ACM on Human-Computer Interaction10.1145/36765298:MHCI(1-25)Online publication date: 24-Sep-2024
https://dl.acm.org/doi/10.1145/3676529
Ma YZhou QTag BSarsenbayeva ZKnibbe JGoncalves J(2023)“Hello, Fellow Villager!”: Perceptions and Impact of Displaying Users’ Locations on WeiboHuman-Computer Interaction – INTERACT 202310.1007/978-3-031-42286-7_29(511-532)Online publication date: 25-Aug-2023
https://doi.org/10.1007/978-3-031-42286-7_29
Miazi NLipford HShehab M(2021)Exploring Perceptions of a Localized Content-Sharing System Using Users-as-BeaconsHuman-Computer Interaction – INTERACT 202110.1007/978-3-030-85616-8_21(351-372)Online publication date: 26-Aug-2021
https://doi.org/10.1007/978-3-030-85616-8_21
Show More Cited By

Index Terms

Short paper: location privacy: user behavior in the field
1. Security and privacy
  1. Systems security
    1. Operating systems security

Recommendations

The effect of developer-specified explanations for permission requests on smartphone user behavior
CHI '14: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

In Apple's iOS 6, when an app requires access to a protected resource (e.g., location or photos), the user is prompted with a permission request that she can allow or deny. These permission request dialogs include space for developers to optionally ...
Short paper: WifiLeaks: underestimated privacy implications of the access_wifi_state android permission
WiSec '14: Proceedings of the 2014 ACM conference on Security and privacy in wireless & mobile networks

On Android, installing an application implies accepting the permissions it requests, and these permissions are then enforced at runtime. In this work, we focus on the privacy implications of the ACCESS_WIFI_STATE permission. For this purpose, we ...
Short paper: a look at smartphone permission models
SPSM '11: Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices

Many smartphone operating systems implement strong sandboxing for 3rd party application software. As part of this sandboxing, they feature a permission system, which conveys to users what sensitive resources an application will access and allows users ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SPSM '12: Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices

October 2012

112 pages

ISBN:9781450316668

DOI:10.1145/2381934

General Chair:
Ting Yu
North Carolina State University, USA
,
Program Chairs:
William Enck
North Carolina State University
,
Xuxian Jiang
North Carolina State University

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 19 October 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'12

Sponsor:

SIGSAC

CCS'12: the ACM Conference on Computer and Communications Security

October 19, 2012

North Carolina, Raleigh, USA

Acceptance Rates

Overall Acceptance Rate 46 of 139 submissions, 33%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

23
Total Citations
View Citations
626
Total Downloads

Downloads (Last 12 months)17
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Ma YSew CSarsenbayeva ZKnibbe JGoncalves J(2024)Understanding Users' Perspectives on Location Privacy Management on iPhonesProceedings of the ACM on Human-Computer Interaction10.1145/36765298:MHCI(1-25)Online publication date: 24-Sep-2024
https://dl.acm.org/doi/10.1145/3676529
Ma YZhou QTag BSarsenbayeva ZKnibbe JGoncalves J(2023)“Hello, Fellow Villager!”: Perceptions and Impact of Displaying Users’ Locations on WeiboHuman-Computer Interaction – INTERACT 202310.1007/978-3-031-42286-7_29(511-532)Online publication date: 25-Aug-2023
https://doi.org/10.1007/978-3-031-42286-7_29
Miazi NLipford HShehab M(2021)Exploring Perceptions of a Localized Content-Sharing System Using Users-as-BeaconsHuman-Computer Interaction – INTERACT 202110.1007/978-3-030-85616-8_21(351-372)Online publication date: 26-Aug-2021
https://doi.org/10.1007/978-3-030-85616-8_21
Tonge ACaragea C(2020)Image Privacy Prediction Using Deep Neural NetworksACM Transactions on the Web10.1145/338608214:2(1-32)Online publication date: 9-Apr-2020
https://dl.acm.org/doi/10.1145/3386082
Mainali PShepherd CPetitcolas F(2019)Privacy-Enhancing Context Authentication from Location-Sensitive DataProceedings of the 14th International Conference on Availability, Reliability and Security10.1145/3339252.3340334(1-10)Online publication date: 26-Aug-2019
https://dl.acm.org/doi/10.1145/3339252.3340334
Wu TTang LZhang RWen SParis CNepal SGrobler MXiang Y(2019)Catering to Your ConcernsACM Transactions on Cyber-Physical Systems10.1145/33176993:4(1-21)Online publication date: 4-Sep-2019
https://dl.acm.org/doi/10.1145/3317699
Betzing JTietz Mvom Brocke JBecker J(2019)The impact of transparency on mobile privacy decision makingElectronic Markets10.1007/s12525-019-00332-330:3(607-625)Online publication date: 7-Feb-2019
https://doi.org/10.1007/s12525-019-00332-3
Gerber NGerber PDrews HKirchner ESchlegel NSchmidt TScholz LBella GLenzini G(2018)FoxITProceedings of the 7th Workshop on Socio-Technical Aspects in Security and Trust10.1145/3167996.3167999(53-63)Online publication date: 5-Dec-2018
https://dl.acm.org/doi/10.1145/3167996.3167999
Chitkara SGothoskar NHarish SHong JAgarwal Y(2017)Does this App Really Need My Location?Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/31320291:3(1-22)Online publication date: 11-Sep-2017
https://dl.acm.org/doi/10.1145/3132029
Liu BAndersen MSchaub FAlmuhimedi HZhang SSadeh NAcquisti AAgarwal Y(2016)Follow my recommendationsProceedings of the Twelfth USENIX Conference on Usable Privacy and Security10.5555/3235895.3235899(27-41)Online publication date: 22-Jun-2016
https://dl.acm.org/doi/10.5555/3235895.3235899
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents