More than one billion people around the world are active on social networking sites such as Facebook and Twitter, and more than a billion people have smart phones. To mark “Data Privacy Day” professors at Carnegie Mellon’s School of Computer Science hosted a panel examining how mobile apps and social networking impact user privacy. The consensus was that as of now, mobile privacy is unchartered territory.
“The lack of regulation, I think ends up being a big problem, it’s kind of a free-for-all. There’s very little control of what apps actually collect on your phone, what they do with it, and whatever data that is collected, how it’s further shared,” said Lorrie Cranor, associate professor of computer science, engineering and public policy.
Websites and app developers are in a sort of self-regulation mode at the moment. Cranor said more regulation going forward would be beneficial in protecting peoples’ privacy. One of her recommendations is that apps make privacy terms clearer. She added studies have been done in which researchers watch people download apps.
“Nobody stops and reads those little permissions things that come up on the screen, personally I don’t even read them, you just want to get on with what you’re doing,” she said, “and that is something that the companies that want to collect data from us are able to exploit.”
Who is doing what?
Which apps collect personal data are not always made clear, and are sometimes not the ones people expect. With that in mind, researchers are working to document peoples’ expectations of privacy in regard to mobile apps.
“As an example, most people don’t expect Angry Birds to collect location data, but in reality it actually does, so that is an example of a big gap between expectation and reality. Whereas if I said, well Google Maps collects your location data too, it’s like ‘duh, that’s obvious, because it shows your location,’ so you don’t actually have to communicate that as strongly as the other one because people already know that.
While the issue of privacy will be around for a while, the CMU panelists said the end of online privacy is not guaranteed.
“My sense is that things are very exciting right now and going forward we’re going to see a number of technological changes that challenge us in ways that require us to adapt as human beings, require us to adapt our legal system like we’ve always done for hundreds of years,” said Travis Breaux, assistant professor of computer science.
The panel was part of Data Privacy Day, which is celebrated globally to bring awareness of privacy and to enable people to better understand the evolving practices of privacy and data collections and management, and to empower people to better protect themselves online and on their phones.