TurtleGuard: Helping Android Users Apply Contextual Privacy Preferences

TitleTurtleGuard: Helping Android Users Apply Contextual Privacy Preferences
Publication TypeConference Paper
Year of Publication2017
AuthorsTsai, L., Wijesekera P., Reardon J., Reyes I., Chen J-W., Good N., Egelman S., & Wagner D.
Published inProceedings of SOUPS '17

Current mobile platforms provide privacy management interfaces to regulate how applications access sensitive data. Prior research has shown how these interfaces are insufficient from a usability standpoint: they do not account for context. In allowing for more contextual decisions, machine-learning techniques have shown great promise for designing systems that automatically make privacy decisions on behalf of the user. However, if such decisions are made automatically, then feedback mechanisms are needed to empower users to both audit those decisions and correct any errors. In this paper, we describe our user-centered approach towards designing a fully functional privacy feedback interface for the Android platform. We performed two large-scale user studies to research the usability of our design. Our second, 580-person validation study showed that users of our new interface were significantly more likely to both understand and control the selected set of circumstances under which applications could access sensitive data when compared to the default Android privacy settings interface.


This research was supported by the United States Department of Homeland Security’s Science and Technology Directorate under contract FA8750-16-C-0140, the Center for Long-Term Cybersecurity (CLTC) at UC Berkeley, the National Science Foundation under grants CNS-1318680 and CNS-1514457, Intel through the ISTC for Secure Computing, and the AFOSR under MURI award FA9550-12-1-0040. The content of this document does not necessarily reflect the position or the policy of the U.S. Government and no official endorsement should be inferred.

ICSI Research Group

Usable Security and Privacy