If someone wanted to know where you were 442 times a day, would you be uncomfortable?
Researchers at Carnegie Mellon University recently conducted a study on cellphone privacy settings by giving cellphone users information on how frequently their apps accessed and shared private information, such as location.
In the study, when smartphone users learned how frequently their apps shared private information, they tried to limit future sharing, according to Norman Sadeh, a Carnegie Mellon University computer science professor.
“Many of us these days have 50, 100 apps on our smartphones, and we don’t realize how much information these apps are actually collecting,” Sadeh said. “The settings we have available on smartphones are very limited when it comes to giving us the ability to deny access to this information.”
The 23 research subjects used their android smartphones to participate in a three-phase program. First, researchers added features to an already-existing permission manager program for Android phones called “AppOps.” The program collected data on the subject’s cellphone activity for a week. Next, subjects were given access to AppOps, where they could change their privacy settings.
During this phase, 22 participants made adjustment to their privacy settings through AppOps, for a total 272 restricted permission changes.
In the third and final phase of the study, the smartphone users received daily “privacy nudge” messages. These messages reported how many times apps shared information such as the user’s location, contact lists and call history. Participants learned that apps shared their locations more than 6,200 times in two weeks, Sadeh said.
“That was much higher than I had expected,” Sadeh said, “and most people were equally surprised, with many of them actually denying access to this information.”
While receiving these “privacy nudges” during an eight-day period, users made an additional 122 permission changes to 47 total apps.
“And so these nudges basically increase awareness,” Sadeh said. “People realize what’s going on and they motivate people to revisit their settings. Without them, people have no idea what’s being collected and therefore they’re not motivated to go and modify anything.”
According to Sadeh, AppOps is no longer available on Andriod phones. He said Android users have no way to control how their private information is accessed after downloading an app, while iPhone users have limited access under their “settings” app.