Protecting Childrens Personal Information Using Contextual Integrity Theory
- Slides: 13
Protecting Children’s Personal Information: Using Contextual Integrity Theory to Examine Information Boundary on Mobile Devices Ying Chen*, Sencun Zhu*, Yilu Zhou+, Heng Xu* *The Pennsylvania State University +Fordham University
Children’s Privacy Risk with Mobile Use • 25% of toddlers used their parents’ smartphones in 2011 • 48% of American children aged between 6 and 12 want i. Pad for Christmas gift • Nearly 10% children get first mobile phone by the age 5
Children’s Privacy Risk with Mobile Use • Children’s personal information (CPI) can be easily leaked via mobile use • Sharing CIP on mobile devices to third-parties exposes children to risks such as cyber-solicitation • Only 13% of mobile apps have privacy policies regarding collection and distribution of children’s personal information
Parents Unaware of Privacy Risks
Let strangers know these information is dangerous for children • Where are you at this moment? • How can I bond with you?
Contextual Integrity Theory as a Theoretical Framework • We use the contextual integrity theory to examine information boundaries on mobile platforms • We aim at developing quantitative measures of privacy risks on children’s mobile apps • We propose context-based mobile privacy controls, and perform a case study to examine the information boundaries among the top 49 coloring apps
Contextual Integrity Theory as a Theoretical Framework • Nissenbaum’s theory of contextual integrity argues that privacy concerns are not absolute but largely depend on the context. • In general, contextual integrity conceptualizes privacy as the flow of information of a certain type (attributes) about a subject from a sender to a recipient, governed by a particular transmission principle in a given context.
Four Elements O Context (where) O Temporal status O Location O Surrounding roles O Transmission principles (how) O Privacy policy? O Require login to use the service? O Collect unnecessary attributes? O Attributes (what) O Location O Contact O Calendar O Audio O Camera O Actors-recipients (whom) O Users O Apps/websites O Advertising networks O Analytic third parties
Case Study • Exploiting contextual integrity theory to • Establish a context-based access control mechanism on mobile platforms • Quantitatively measure privacy risks of children’s mobile apps
Context-based Access Control on Mobile Platforms • The safety level of disclosing CPI on mobile devices highly depends on the context • When children use mobile devices in risky times, unprotected locations, or without guardians’ companion, mobile platforms should automatically limit the disclosure of CPI • Rules can be designed on mobile platforms to limit disclosure of certain types of CPI under certain context
Quantitative Privacy Risk Measures on Mobile Apps • Measure the privacy risk levels of mobile apps with three dimensions in contextual integrity: 1. actors, 2. attributes, and 3. transmission principles • We conducted an experiment to show the proposed method can effectively measure apps’ privacy risks and help parents choose safe apps for their children.
Case study # of Collected Information Types 12 10 Noted: Bubble Size = # of violations of transmission principles 21 Bubble Label = App rank 8 26 31 6 29 7 4 32 48 6 44 11 46 1 2 15 12 45 35 38 27 34 23 41 22 33 3 49 17 40 47 20 2 13 24 19 0 -1 1 -2 4 3 5 5 7 9 11 13 15 # of Information Recipients 17 19
Thanks! Protecting Children’s Personal Information: Using Contextual Integrity Theory to Examine Information Boundary on Mobile Devices Ying Chen, Sencun Zhu, Yilu Zhou, Heng Xu
Contextual integrity
Contextual integrity
Contextual integrity definition
Contextual style
Moli texaschildrens
Christian childrens fund
Childrens services
Walsall childrens services
Levine childrens
National sovereignty and childrens day
Multi agency assessment
World book day quiz
Childrens university of manchester
Longman children's dictionary
