Mobile applications (hereafter, apps) collect a plethora of information
regarding the user behavior and his device through third-party analytics
libraries. However, the collection and usage of such data raised several
privacy concerns, mainly because the end-user – i.e., the actual owner of the
data – is out of the loop in this collection process. Also, the existing
privacy-enhanced solutions that emerged in the last years follow an “all or
nothing” approach, leaving the user the sole option to accept or completely
deny the access to privacy-related data.

This work has the two-fold objective of assessing the privacy implications on
the usage of analytics libraries in mobile apps and proposing a data
anonymization methodology that enables a trade-off between the utility and
privacy of the collected data and gives the user complete control over the
sharing process. To achieve that, we present an empirical privacy assessment on
the analytics libraries contained in the 4500 most-used Android apps of the
Google Play Store between November 2020 and January 2021. Then, we propose an
empowered anonymization methodology, based on MobHide, that gives the end-user
complete control over the collection and anonymization process. Finally, we
empirically demonstrate the applicability and effectiveness of such
anonymization methodology thanks to HideDroid, a fully-fledged anonymization
app for the Android ecosystem.

By admin