research-article

Public Access

Identifying and Analyzing the Privacy of Apps for Kids

Authors:
Minxing Liu

Peking University, Beijing, China

Peking University, Beijing, China
View Profile

,
Haoyu Wang

Peking University, Beijing, China

Peking University, Beijing, China
View Profile

,
Yao Guo

Peking University, Beijing, China

Peking University, Beijing, China
View Profile

,
Jason Hong

Carnegie Mellon University, Pittsburgh, PA, USA

Carnegie Mellon University, Pittsburgh, PA, USA
View Profile

HotMobile '16: Proceedings of the 17th International Workshop on Mobile Computing Systems and ApplicationsFebruary 2016Pages 105–110https://doi.org/10.1145/2873587.2873597

Published:23 February 2016Publication History

HotMobile '16: Proceedings of the 17th International Workshop on Mobile Computing Systems and Applications

Pages 105–110

ABSTRACT

One aspect of privacy that has not been well explored is privacy for children. We present the design and evaluation of a machine learning model for predicting whether a mobile app is designed for children, which is an important step in helping to enforce the Children's Online Privacy Protection Act (COPPA). We evaluated our model on 1,728 apps from Google Play and achieved 95% accuracy. We also applied our model on a set of nearly 1 million free apps from Google Play, and identified almost 68,000 apps for kids. We then conducted a privacy analysis of the usage of third-party libraries for each app, which can help us understand some of the app's privacy-related behaviors. We believe this list can serve as a good start point for further fine-grained privacy analysis on mobile apps for children.

References

COPPA - Children's Online Privacy Protection Act. http://www.coppa.org/coppa.htm.Google Scholar
Flesch-Kincaid readability test. https://en.wikipedia.org/wiki/Flesch%E2%80%93Kincaid_readability_tests.Google Scholar
FTC's first fines for violating online kids' privacy law. http://www.computerworld.com/article/2592253/government-it/ftc-assesses-first-fines-for-violating-online-kids-privacy-law.html.Google Scholar
The porter stemming algorithm. http://tartarus.org/martin/PorterStemmer/.Google Scholar
Privacygrade: Grading the privacy of smartphone apps. http://privacygrade.org/.Google Scholar
Tesseract-ocr. https://github.com/tesseract-ocr.Google Scholar
Y. Agarwal and M. Hall. ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing. In MobiSys, 2013. Google ScholarDigital Library
R. Bhoraskar, S. Han, J. Jeon, T. Azim, S. Chen, J. Jung, S. Nath, R. Wang, and D. Wetherall. Brahmastra: Driving apps to test the security of third-party components. In USENIX Security Symposium, 2014. Google ScholarDigital Library
C.-C. Chang and C.-J. Lin. LIBSVM: A library for support vector machines. ACM Transactions on Intelligent Systems and Technology, 2011. Software available at http://www.csie.ntu.edu.tw/%7Ecjlin/libsvm. Google ScholarDigital Library
N. Chen, S. C. Hoi, S. Li, and X. Xiao. SimApp: A framework for detecting similar mobile applications by online kernel learning. In WSDM, 2015. Google ScholarDigital Library
Y. Chen, H. Xu, Y. Zhou, and S. Zhu. Is this app safe for children?: A comparison study of maturity ratings on Android and iOS applications. In WWW, 2013. Google ScholarDigital Library
Y. Chen, S. Zhu, H. Xu, and Y. Zhou. Children's exposure to mobile in-app advertising: An analysis of content appropriateness. In SocialCom, 2013. Google ScholarDigital Library
F. T. Commission et al. Mobile apps for kids: current privacy disclosures are disappointing, 2012.Google Scholar
F. T. Commission et al. Mobile apps for kids: Disclosures still not making the grade, 2012.Google Scholar
B. Fu, J. Lin, L. Li, C. Faloutsos, J. Hong, and N. Sadeh. Why people hate your app: Making sense of user feedback in a mobile app store. In KDD, 2013. Google ScholarDigital Library
C. Gibler, J. Crussell, J. Erickson, and H. Chen. Androidleaks: Automatically detecting potential privacy leaks in Android applications on a large scale. In TRUST, 2012. Google ScholarDigital Library
M. Harman, Y. Jia, and Y. Zhang. App store mining and analysis: MSR for app stores. In MSR, 2012. Google ScholarDigital Library
D. Holloway, L. Green, and S. Livingstone. Zero to eight: Young children and their internet use. LSE London, EU Kids Online, 2013.Google Scholar
B. Hu, B. Liu, N. Z. Gong, D. Kong, and H. Jin. Protecting your children from inappropriate content in mobile apps: An automatic maturity rating framework. In CIKM, 2015. Google ScholarDigital Library
I. Liccardi, M. Bulger, H. Abelson, D. Weitzner, and W. Mackay. Can apps play by the COPPA rules? In PST, 2014.Google ScholarCross Ref
J. Lin, S. Amini, J. I. Hong, N. Sadeh, J. Lindqvist, and J. Zhang. Expectation and purpose: Understanding users' mental models of mobile app privacy through crowdsourcing. In UbiComp, 2012. Google ScholarDigital Library
J. Lin, B. Liu, N. Sadeh, and J. I. Hong. Modeling users mobile app privacy preferences: Restoring usability in a sea of permission settings. In SOUPS, 2014.Google Scholar
R. Pandita, X. Xiao, W. Yang, W. Enck, and T. Xie. WHYPER: Towards automating risk assessment of mobile applications. In USENIX Security Symposium, 2013. Google ScholarDigital Library
H. Wang, J. I. Hong, and Y. Guo. Using text mining to infer the purpose of permission use in mobile apps. In UbiComp, 2015. Google ScholarDigital Library
Y. Yang and J. O. Pedersen. A comparative study on feature selection in text categorization. In ICML, 1997. Google ScholarDigital Library
H. Zhu, H. Xiong, Y. Ge, and E. Chen. Ranking fraud detection for mobile apps: A holistic view. In CIKM, 2013. Google ScholarDigital Library

Index Terms

Identifying and Analyzing the Privacy of Apps for Kids
1. Human-centered computing
  1. Ubiquitous and mobile computing
2. Security and privacy
  1. Software and application security

Recommendations

“Money makes the world go around”: Identifying Barriers to Better Privacy in Children’s Apps From Developers’ Perspectives
CHI '21: Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems

The industry for children’s apps is thriving at the cost of children’s privacy: these apps routinely disclose children’s data to multiple data trackers and ad networks. As children spend increasing time online, such exposure accumulates to long-term ...
Read More
Analyzing GUI running fluency for Android apps
MSCC '16: Proceedings of the 3rd ACM Workshop on Mobile Sensing, Computing and Communication

Android as a free open platform has become increasingly popular and been widespread adopted in mobile, tablet, and other devices. However, a great number of issues, such as inadequate quality and the fragmentation phenomenon, have emerged, enhancing the ...
Read More
Mining and characterizing hybrid apps
WAMA 2016: Proceedings of the International Workshop on App Market Analytics

Mobile apps have grown tremendously over the past few years. To capitalize on this growth and to attract more users, implementing the same mobile app for different platforms has become a common industry practice. Building the same app natively for each ...
Read More

Reviews

Reviewer: William Edward Mihalo

This short paper describes "a machine learning model for predicting whether a mobile app is designed for children." This can help enforce the Children's Online Privacy Protection Act (COPPA). The authors note that enforcement of COPPA is the responsibility of the Federal Trade Commission (FTC). According to the authors, in 2012, "the FTC manually checked 200 apps from Google Play and the Apple App Store." The FTC used a comprehensive, labor-intensive approach for identifying whether an app was targeted at children. The authors used the FTC's framework and created a machine learning classifier. The classifier accepted a feature vector based on content extracted from an app's product detail page. The authors trained the classifier using manually labeled data from Google Play. Examined components included the app category, content rating title, description, readability score of the description, color distribution of picture resources, and "frequency and importance of keywords extracted from strings in screen shots." Color analysis of screen shots and icons, along with an analysis of the words in the app description and title, were four of the most important features used to determine if an app was targeting children. The screen shot and icon analysis included "the color histogram, average hue, average saturation, average brightness value, and number of colors used." Child-oriented pictures would have a greater use of bright primary colors. Almost a million app descriptions from Google Play and the Apple App Store were pushed through the classifier, which flagged over 67,000 apps as being directed toward children. Overall, accuracy for the classifier was around 95 percent. This paper describes an innovative approach to machine learning. Rather than concentrating simply on text in the description of an app, the authors used picture analysis tools to process screen shots and determine if an app was targeted toward children. They also used open-source optical recognition tools to process text that appeared in screen shots. Online Computing Reviews Service

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
HotMobile '16: Proceedings of the 17th International Workshop on Mobile Computing Systems and Applications
February 2016
120 pages
ISBN:9781450341455
DOI:10.1145/2873587
General Chair:
David Chu
Microsoft Research - Redmond WA, USA
,
Program Chair:
Prabal Dutta
University of Michigan, USA
Copyright © 2016 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 23 February 2016
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
android
children's privacy
mobile applications
Qualifiers
- research-article
Conference

Acceptance Rates
HotMobile '16 Paper Acceptance Rate18of55submissions,33%Overall Acceptance Rate96of345submissions,28%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 31
  Total Citations
  View Citations
- 1,551
  Total Downloads
- Downloads (Last 12 months)187
- Downloads (Last 6 weeks)25
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Identifying and Analyzing the Privacy of Apps for Kids

HotMobile '16: Proceedings of the 17th International Workshop on Mobile Computing Systems and Applications

ABSTRACT

References

Cited By

Index Terms

Recommendations

“Money makes the world go around”: Identifying Barriers to Better Privacy in Children’s Apps From Developers’ Perspectives

Analyzing GUI running fluency for Android apps

Mining and characterizing hybrid apps

Reviews

Access critical reviews of Computing literature here