ABSTRACT
One aspect of privacy that has not been well explored is privacy for children. We present the design and evaluation of a machine learning model for predicting whether a mobile app is designed for children, which is an important step in helping to enforce the Children's Online Privacy Protection Act (COPPA). We evaluated our model on 1,728 apps from Google Play and achieved 95% accuracy. We also applied our model on a set of nearly 1 million free apps from Google Play, and identified almost 68,000 apps for kids. We then conducted a privacy analysis of the usage of third-party libraries for each app, which can help us understand some of the app's privacy-related behaviors. We believe this list can serve as a good start point for further fine-grained privacy analysis on mobile apps for children.
- COPPA - Children's Online Privacy Protection Act. http://www.coppa.org/coppa.htm.Google Scholar
- Flesch-Kincaid readability test. https://en.wikipedia.org/wiki/Flesch%E2%80%93Kincaid_readability_tests.Google Scholar
- FTC's first fines for violating online kids' privacy law. http://www.computerworld.com/article/2592253/government-it/ftc-assesses-first-fines-for-violating-online-kids-privacy-law.html.Google Scholar
- The porter stemming algorithm. http://tartarus.org/martin/PorterStemmer/.Google Scholar
- Privacygrade: Grading the privacy of smartphone apps. http://privacygrade.org/.Google Scholar
- Tesseract-ocr. https://github.com/tesseract-ocr.Google Scholar
- Y. Agarwal and M. Hall. ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing. In MobiSys, 2013. Google ScholarDigital Library
- R. Bhoraskar, S. Han, J. Jeon, T. Azim, S. Chen, J. Jung, S. Nath, R. Wang, and D. Wetherall. Brahmastra: Driving apps to test the security of third-party components. In USENIX Security Symposium, 2014. Google ScholarDigital Library
- C.-C. Chang and C.-J. Lin. LIBSVM: A library for support vector machines. ACM Transactions on Intelligent Systems and Technology, 2011. Software available at http://www.csie.ntu.edu.tw/%7Ecjlin/libsvm. Google ScholarDigital Library
- N. Chen, S. C. Hoi, S. Li, and X. Xiao. SimApp: A framework for detecting similar mobile applications by online kernel learning. In WSDM, 2015. Google ScholarDigital Library
- Y. Chen, H. Xu, Y. Zhou, and S. Zhu. Is this app safe for children?: A comparison study of maturity ratings on Android and iOS applications. In WWW, 2013. Google ScholarDigital Library
- Y. Chen, S. Zhu, H. Xu, and Y. Zhou. Children's exposure to mobile in-app advertising: An analysis of content appropriateness. In SocialCom, 2013. Google ScholarDigital Library
- F. T. Commission et al. Mobile apps for kids: current privacy disclosures are disappointing, 2012.Google Scholar
- F. T. Commission et al. Mobile apps for kids: Disclosures still not making the grade, 2012.Google Scholar
- B. Fu, J. Lin, L. Li, C. Faloutsos, J. Hong, and N. Sadeh. Why people hate your app: Making sense of user feedback in a mobile app store. In KDD, 2013. Google ScholarDigital Library
- C. Gibler, J. Crussell, J. Erickson, and H. Chen. Androidleaks: Automatically detecting potential privacy leaks in Android applications on a large scale. In TRUST, 2012. Google ScholarDigital Library
- M. Harman, Y. Jia, and Y. Zhang. App store mining and analysis: MSR for app stores. In MSR, 2012. Google ScholarDigital Library
- D. Holloway, L. Green, and S. Livingstone. Zero to eight: Young children and their internet use. LSE London, EU Kids Online, 2013.Google Scholar
- B. Hu, B. Liu, N. Z. Gong, D. Kong, and H. Jin. Protecting your children from inappropriate content in mobile apps: An automatic maturity rating framework. In CIKM, 2015. Google ScholarDigital Library
- I. Liccardi, M. Bulger, H. Abelson, D. Weitzner, and W. Mackay. Can apps play by the COPPA rules? In PST, 2014.Google ScholarCross Ref
- J. Lin, S. Amini, J. I. Hong, N. Sadeh, J. Lindqvist, and J. Zhang. Expectation and purpose: Understanding users' mental models of mobile app privacy through crowdsourcing. In UbiComp, 2012. Google ScholarDigital Library
- J. Lin, B. Liu, N. Sadeh, and J. I. Hong. Modeling users mobile app privacy preferences: Restoring usability in a sea of permission settings. In SOUPS, 2014.Google Scholar
- R. Pandita, X. Xiao, W. Yang, W. Enck, and T. Xie. WHYPER: Towards automating risk assessment of mobile applications. In USENIX Security Symposium, 2013. Google ScholarDigital Library
- H. Wang, J. I. Hong, and Y. Guo. Using text mining to infer the purpose of permission use in mobile apps. In UbiComp, 2015. Google ScholarDigital Library
- Y. Yang and J. O. Pedersen. A comparative study on feature selection in text categorization. In ICML, 1997. Google ScholarDigital Library
- H. Zhu, H. Xiong, Y. Ge, and E. Chen. Ranking fraud detection for mobile apps: A holistic view. In CIKM, 2013. Google ScholarDigital Library
Index Terms
- Identifying and Analyzing the Privacy of Apps for Kids
Recommendations
“Money makes the world go around”: Identifying Barriers to Better Privacy in Children’s Apps From Developers’ Perspectives
CHI '21: Proceedings of the 2021 CHI Conference on Human Factors in Computing SystemsThe industry for children’s apps is thriving at the cost of children’s privacy: these apps routinely disclose children’s data to multiple data trackers and ad networks. As children spend increasing time online, such exposure accumulates to long-term ...
Analyzing GUI running fluency for Android apps
MSCC '16: Proceedings of the 3rd ACM Workshop on Mobile Sensing, Computing and CommunicationAndroid as a free open platform has become increasingly popular and been widespread adopted in mobile, tablet, and other devices. However, a great number of issues, such as inadequate quality and the fragmentation phenomenon, have emerged, enhancing the ...
Mining and characterizing hybrid apps
WAMA 2016: Proceedings of the International Workshop on App Market AnalyticsMobile apps have grown tremendously over the past few years. To capitalize on this growth and to attract more users, implementing the same mobile app for different platforms has become a common industry practice. Building the same app natively for each ...
Comments