Cargando…

Do the Right Thing: A Privacy Policy Adherence Analysis of over Two Million Apps in Apple iOS App Store

Mobile app developers are often obliged by regulatory frameworks to provide a privacy policy in natural comprehensible language to describe their apps’ privacy practices. However, prior research has revealed that: (1) not all app developers offer links to their privacy policies; and (2) even if they...

Descripción completa

Detalles Bibliográficos
Autores principales: Alamri, Hamad, Maple, Carsten, Mohamad, Saad, Epiphaniou, Gregory
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2022
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9698788/
https://www.ncbi.nlm.nih.gov/pubmed/36433560
http://dx.doi.org/10.3390/s22228964
_version_ 1784838907016249344
author Alamri, Hamad
Maple, Carsten
Mohamad, Saad
Epiphaniou, Gregory
author_facet Alamri, Hamad
Maple, Carsten
Mohamad, Saad
Epiphaniou, Gregory
author_sort Alamri, Hamad
collection PubMed
description Mobile app developers are often obliged by regulatory frameworks to provide a privacy policy in natural comprehensible language to describe their apps’ privacy practices. However, prior research has revealed that: (1) not all app developers offer links to their privacy policies; and (2) even if they do offer such access, it is difficult to determine if it is a valid link to a (valid) policy. While many prior studies looked at this issue in Google Play Store, Apple App Store, and particularly the iOS store, is much less clear. In this paper, we conduct the first and the largest study to investigate the previous issues in the iOS app store ecosystem. First, we introduce an App Privacy Policy Extractor (APPE), a system that embraces and analyses the metadata of over two million apps to give insightful information about the distribution of the supposed privacy policies, and the content of the provided privacy policy links, store-wide. The result shows that only 58.5% of apps provide links to purported privacy policies, while 39.3% do not provide policy links at all. Our investigation of the provided links shows that only 38.4% of those links were directed to actual privacy policies, while 61.6% failed to lead to a privacy policy. Further, for research purposes we introduce the App Privacy Policy Corpus (APPC-451K); the largest app privacy policy corpus consisting of data relating to more than 451K verified privacy policies.
format Online
Article
Text
id pubmed-9698788
institution National Center for Biotechnology Information
language English
publishDate 2022
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-96987882022-11-26 Do the Right Thing: A Privacy Policy Adherence Analysis of over Two Million Apps in Apple iOS App Store Alamri, Hamad Maple, Carsten Mohamad, Saad Epiphaniou, Gregory Sensors (Basel) Article Mobile app developers are often obliged by regulatory frameworks to provide a privacy policy in natural comprehensible language to describe their apps’ privacy practices. However, prior research has revealed that: (1) not all app developers offer links to their privacy policies; and (2) even if they do offer such access, it is difficult to determine if it is a valid link to a (valid) policy. While many prior studies looked at this issue in Google Play Store, Apple App Store, and particularly the iOS store, is much less clear. In this paper, we conduct the first and the largest study to investigate the previous issues in the iOS app store ecosystem. First, we introduce an App Privacy Policy Extractor (APPE), a system that embraces and analyses the metadata of over two million apps to give insightful information about the distribution of the supposed privacy policies, and the content of the provided privacy policy links, store-wide. The result shows that only 58.5% of apps provide links to purported privacy policies, while 39.3% do not provide policy links at all. Our investigation of the provided links shows that only 38.4% of those links were directed to actual privacy policies, while 61.6% failed to lead to a privacy policy. Further, for research purposes we introduce the App Privacy Policy Corpus (APPC-451K); the largest app privacy policy corpus consisting of data relating to more than 451K verified privacy policies. MDPI 2022-11-19 /pmc/articles/PMC9698788/ /pubmed/36433560 http://dx.doi.org/10.3390/s22228964 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Alamri, Hamad
Maple, Carsten
Mohamad, Saad
Epiphaniou, Gregory
Do the Right Thing: A Privacy Policy Adherence Analysis of over Two Million Apps in Apple iOS App Store
title Do the Right Thing: A Privacy Policy Adherence Analysis of over Two Million Apps in Apple iOS App Store
title_full Do the Right Thing: A Privacy Policy Adherence Analysis of over Two Million Apps in Apple iOS App Store
title_fullStr Do the Right Thing: A Privacy Policy Adherence Analysis of over Two Million Apps in Apple iOS App Store
title_full_unstemmed Do the Right Thing: A Privacy Policy Adherence Analysis of over Two Million Apps in Apple iOS App Store
title_short Do the Right Thing: A Privacy Policy Adherence Analysis of over Two Million Apps in Apple iOS App Store
title_sort do the right thing: a privacy policy adherence analysis of over two million apps in apple ios app store
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9698788/
https://www.ncbi.nlm.nih.gov/pubmed/36433560
http://dx.doi.org/10.3390/s22228964
work_keys_str_mv AT alamrihamad dotherightthingaprivacypolicyadherenceanalysisofovertwomillionappsinappleiosappstore
AT maplecarsten dotherightthingaprivacypolicyadherenceanalysisofovertwomillionappsinappleiosappstore
AT mohamadsaad dotherightthingaprivacypolicyadherenceanalysisofovertwomillionappsinappleiosappstore
AT epiphaniougregory dotherightthingaprivacypolicyadherenceanalysisofovertwomillionappsinappleiosappstore