Large-scale App privacy governance

作     者：Zitong LI Zhuoya FAN Junxu LIU Leixia WANG Xiaofeng MENG Zitong LI;Zhuoya FAN;Junxu LIU;Leixia WANG;Xiaofeng MENG

作者机构：School of InformationRenmin University of ChinaBeijing 100872China 

出 版 物：《Frontiers of Engineering Management》 (工程管理前沿（英文版）)

年 卷 期：2022年第9卷第4期

页      面：640-652页

学科分类：12[管理学] 02[经济学] 0202[经济学-应用经济学] 1201[管理学-管理科学与工程(可授管理学、工学学位)] 

基　　金：This work was partially supported by the National Natural Science Foundation ofChina(Grant Nos.62172423 91846204 and 61941121). 

主　　题：privacy risk Privacy Level quantification large-scale App governance 

摘      要：Recently,the problem of mobile applications(Apps)leaking users’private information has aroused wide concern.As the number of Apps continuously increases,effective large-scale App governance is a major challenge.Currently,the government mainly filters out Apps with potential privacy problems manually.Such approach is inefficient with limited searching scope.In this regard,we propose a quantitative method to filter out problematic Apps on a large scale.We introduce Privacy Level(P-Level)to measure an App’s probability of leaking privacy.P-Level is calculated on the basis of Permission-based Privacy Value(P-Privacy)and Usage-based Privacy Value(U-Privacy).The former considers App permission setting,whereas the latter considers App usage.We first illustrate the privacy value model and computation results of both values based on real-world dataset.Subsequently,we introduce the P-Level computing model.We also define the P-Level computed on our dataset as the PL standard.We analyze the distribution of average usage and number of Apps under the levels given in the PL standard,which may provoke insights into the large-scale App governance.Through P-Privacy,U-Privacy,and P-Level,potentially problematic Apps can be filtered out efficiently,thereby making up for the shortcoming of being manual.