Effect of User Expectation on Mobile App Privacy: A Field Study

Runtime permission managers for mobile devices allow requests to be performed at the time in which permissions are required, thus enabling the user to grant/deny requests in context according to their expectations. However, in order to avoid cognitive overload, second and subsequent requests are usually automatically granted without user intervention/awareness. This paper explores whether these automated decisions fit user expectations. We performed a field study with 93 participants to collect their privacy decisions, the surrounding context and whether each request was expected. The collected 65261 permission decisions revealed a strong misalignment between apps’ practices and expectation as almost half of requests are unexpected by users. This ratio strongly varies with the requested permission, the category and visibility of the requesting application and the user itself; that is, expectation is subjective to each individual. Moreover, privacy decisions are most strongly correlated with user expectation, but such correlation is also highly personal. Finally, Android’s default permission manager would have violated the privacy of our participants 15% of the time.