Personal and Ubiquitous Computing

, Volume 22, Issue 2, pp 345–364 | Cite as

Supporting users to take informed decisions on privacy settings of personal devices

  • Ilaria TorreEmail author
  • Odnan Ref Sanchez
  • Frosina Koceva
  • Giovanni Adorni
Original Article


Today, personal information has never been this prone to risk given the current advancement in technologies especially on personal devices. These devices are able to provide services to individuals; however, they also collect huge amount of personal information which may be used to infer sensitive private information. Among these personal devices, fitness trackers have the potential to capture the most personal user information. We conducted an analysis on fitness trackers and built a case study based on Fitbit wearables, its Android application, and the third party applications that provide further services by accessing Fitbit data and exchanging data with its application, given the user’s permission. Specifically, we analyzed the case of Lose It! third party application. Then, we applied a framework for user privacy protection in the IoT, which we have defined in our previous work, to this specific case and validated our design choices using controlled experiments. The contribution of the paper is twofold: showing the risks for privacy due to the possible correlation of shared data to infer undisclosed personal information and presenting an approach to support users in managing privacy configuration settings. The ultimate aim of this study is to outline new challenges for IoT development by (i) emphasizing the need to protect users against inference attacks coming from the supposedly trusted third parties and (ii) making the process of information sharing more informative and the users more aware of the related risks.


Privacy management Wearable devices Inference attacks Personal data management Personal data control 


  1. 1.
    Cisco Systems, Inc (2016) Cisco visual networking index: forecast and methodology, 2015–2020. White Paper 1–22Google Scholar
  2. 2.
    The Nielsen Company (US) (2015) LLC, so many apps, so much more time for entertainmentGoogle Scholar
  3. 3.
    Ge Y, Deng B, Sun Y, Tang L, Sheng D, Zhao Y, Xie G, Salamatian K (2016) A comprehensive investigation of user privacy leakage to android applications. In: Proceedings of the 25th IEEE international conference on computer communication and networks (ICCCN), pp 1–6Google Scholar
  4. 4.
    Mayer JR, Mitchell JC (2012) Third-party web tracking: policy and technology. In: IEEE symposium on security and privacy (SP), pp 413–427Google Scholar
  5. 5.
    Pultier A, Harrand N, Brandtzæg PB (2016) Privacy in mobile apps. In: SINTEF ICT networked systems and services, pp 1–24Google Scholar
  6. 6.
    Rutledge R, Massey A, Antón A (2016) Privacy impacts of IoT devices: a SmartTV case study. In: Proceedings of the 24th IEEE international requirements engineering conference workshops (REW), pp 261–270Google Scholar
  7. 7.
    Tomy S, Pardede E (2016) Controlling privacy disclosure of third party applications in online social networks. International Journal of Web Information Systems 12(2):215–241CrossRefGoogle Scholar
  8. 8.
    Hoang NP, Asano Y, Yoshikawa M (2016) Your neighbors are my spies: location and other privacy concerns in dating apps. In: Proceedings of the 18th IEEE international conference on advanced communication technology (ICACT), pp 715–721Google Scholar
  9. 9.
    Torre I, Koceva F, Sanchez OR, Adorni G (2016) A framework for personal data protection in the IoT. In: Proceedings of the 11th IEEE international conference on internet technology and secured transactions (ICITST), pp 384–391Google Scholar
  10. 10.
    Haris M, Haddadi H, Hui P (2014) Privacy leakage in mobile computing: tools, methods, and characteristics. arXiv:1410.4978, pp 1–22
  11. 11.
    Wu J, Wu Y, Yang M, Wu Z, Luo T, Wang Y (2015) POSTER: biTheft: stealing your secrets by bidirectional covert channel communication with zero-permission android application. In: Proceedings of the 22nd ACM SIGSAC conference on computer and communications security, pp 1690–1692Google Scholar
  12. 12.
    Faruki P, Bharmal A, Laxmi V, Ganmoor V, Gaur MS, Conti M, Rajarajan M (2015) Android security: a survey of issues, malware penetration, and defenses. IEEE Commun Surv Tutorials 17(2):998–1022CrossRefGoogle Scholar
  13. 13.
    Heuser S, Negro M, Pendyala PK, Sadeghi AR (2016) Droidauditor: forensic analysis of application-layer privilege escalation attacks on android. In: Proceedings of the 20th international conference on financial cryptography and data security, pp 1–12Google Scholar
  14. 14.
    Mustafa T, Sohr K (2015) Understanding the implemented access control policy of Android system services with slicing and extended static checking. Int J Inf Secur 14(4):347–366CrossRefGoogle Scholar
  15. 15.
    Backes M, Bugiel S, Hammer C, Schranz O, von Styp-Rekowsky P (2015) Boxify: full-fledged app sandboxing for stock android. In: USENIX security, pp 691–706Google Scholar
  16. 16.
    Zhang W, Li X, Xiong N, Vasilakos AV (2016) Android platform-based individual privacy information protection system. Pers Ubiquit Comput 20(6):875–884CrossRefGoogle Scholar
  17. 17.
    Li L, Bartel A, Bissyandé TF, Klein J, Le Traon Y, Arzt S, Rasthofer S, Bodden E, Octeau D, McDaniel P (2015) Iccta: detecting inter-component privacy leaks in android apps. In: Proceedings of the 37th IEEE press international conference on software engineering, vol 1, pp 280–291Google Scholar
  18. 18.
    Gisdakis S, Giannetsos T, Papadimitratos P (2016) Android privacy C (R) ache: reading your external storage and sensors for fun and profit. In: Proceedings of the 1st ACM workshop on privacy-aware mobile computing, pp 1–10Google Scholar
  19. 19.
    Mylonas A, Theoharidou M, Gritzalis D (2013) Assessing privacy risks in android: a user-centric approach. International workshop on risk assessment and risk-driven testing. Springer International Publishing, pp 21–37Google Scholar
  20. 20.
    Chia PH, Yamamoto Y, Asokan N (2012) Is this app safe?: a large scale study on application permissions and risk signals. In: Proceedings of the 21st ACM international conference on world wide web, pp 311–320CrossRefGoogle Scholar
  21. 21.
    Zhou X, Demetriou S, He D, Naveed M, Pan X, Wang X, Gunter CA, Nahrstedt K (2013) Identity, location, disease and more: inferring your secrets from android public resources. In: Proceedings of the 20th ACM conference on computer & communications security, pp 1017–1028Google Scholar
  22. 22.
    Felt AP, Ha E, Egelman S, Haney A, Chin E, Wagner D (2012) Android permissions: user attention, comprehension, and behavior. In: Proceedings of the eighth ACM symposium on usable privacy and security (SOUPS), pp 1–14Google Scholar
  23. 23.
    Carminati B, Colombo P, Ferrari E, Sagirlar G (2016) Enhancing user control on personal data usage in internet of things ecosystems. In: Proceedings of the IEEE international conference in services computing (SCC), pp 291–298Google Scholar
  24. 24.
    Crabtree A, Lodge T, Colley J, Greenhalgh C, Mortier R, Haddadi H (2016) Enabling the new economic actor: data protection, the digital economy, and the databox. Journal of Personal and Ubiquitous Computing 20(6):947–957CrossRefGoogle Scholar
  25. 25.
    Denning DE, Schlorer J (1983) Inference controls for statistical databases. Comput J 16(7):69–82Google Scholar
  26. 26.
    Heatherly R, Kantarcioglu M, Thuraisingham B (2013) Preventing private information inference attacks on social networks. IEEE Trans Knowl Data Eng 25(8):1849–1862CrossRefGoogle Scholar
  27. 27.
    Carmagnola F, Osborne F, Torre I (2014) User data discovery and aggregation: the CS-UDD algorithm. J Inf Sci 270:41–72CrossRefGoogle Scholar
  28. 28.
    Ahmadinejad SH, Fong PW, Safavi-Naini R (2016) Privacy and utility of inference control mechanisms for social computing applications. In: Proceedings of the 11th ACM Asia conference on computer and communications security, pp 9–840Google Scholar
  29. 29.
    Yan T, Lu Y, Zhang N (2015) Privacy disclosure from wearable devices. In: Proceedings of the ACM Workshop on Privacy-Aware Mobile Computing (PAMCO’15), pp 13–18Google Scholar
  30. 30.
    Parate EA, Chiu MC, Chadowitz C, Ganesan D, Kalogerakis E (2014) Risq: Recognizing smoking gestures with inertial sensors on a wristband. In: Proceedings of the ACM 12th annual international conference on mobile systems, applications, and services, pp 149–161Google Scholar
  31. 31.
    Dong Y, Hoover A, Scisco J, Muth E (2012) A new method for measuring meal intake in humans via automated wrist motion tracking. Journal on Applied Psychophysiology and Biofeedback 37(3):205–215CrossRefGoogle Scholar
  32. 32.
    Kelly D, Curran K, Caulfield B (2017) Automatic prediction of health status using smartphone derived behaviour profiles. IEEE Journal of Biomedical and Health Informatics pp 1–10Google Scholar
  33. 33.
    Haddadi H, Brown I (2014) Quantified self and the privacy challenge. SCL Technology Law Futures Forum pp 1–2Google Scholar
  34. 34.
    Motahari SG, Jones Q (2013) System and method for protecting user privacy using social inference protection techniques, google patents.
  35. 35.
    Chakraborty S, Shen C, Raghavan KR, Shoukry Y, Millar M, Srivastava MB (2014) Ipshield: a framework for enforcing context-aware privacy. In: Proceedings of the 11th USENIX symposium on networked systems design and implementation (NSDI), pp 143–156Google Scholar
  36. 36.
    Razaghpanah A, Vallina-Rodriguez N, Sundaresan S, Kreibich C, Gill P, Allman M, Paxson V (2015) Haystack: in situ mobile traffic analysis in user space. arXiv:1510.01419v1, pp 1–13
  37. 37.
    Ren J, Rao A, Lindorfer M, Legout A, Choffnes D (2016) Recon: revealing and controlling PII leaks in mobile network traffic. In: Proceedings of the 14th annual international conference on ACM mobile systems, applications, and services, pp 361–374Google Scholar
  38. 38.
    Ardagna CA, Livraga G, Samarati P (2012) Protecting privacy of user information in continuous location-based services. In: Proceedings of 15th IEEE international conference on computational science and engineering (CSE), pp 162–169Google Scholar
  39. 39.
    Acquisti A, John LK, Loewenstein G (2012) The impact of relative standards on the propensity to disclose. J Mark Res 49(2):160–174CrossRefGoogle Scholar
  40. 40.
    Watson J, Lipford HR, Besmer A (2015) Mapping user preference to privacy default settings. ACM Transactions on Computer-Human Interaction (TOCHI) 22(6):1–20. Art.32CrossRefGoogle Scholar
  41. 41.
    Vescovi M, Moiso C, Pasolli M, Cordin L, Antonelli F (2015) Building an eco-system of trusted services via user control and transparency on personal data. In: IFIP international conference on trust management. Springer International Publishing, pp 240– 250Google Scholar
  42. 42.
    Chaudhry A, Crowcroft J, Howard H, Madhavapeddy A, Mortier R, Haddadi H, McAuley D (2015) Personal data: thinking inside the box. In: Proceedings of the fifth decennial aarhus conference on critical alternatives. Aarhus University Press, pp 29– 32Google Scholar
  43. 43.
    Zyskind G, Nathan O (2015) Decentralizing privacy: using blockchain to protect personal data. IEEE Security and Privacy Workshops (SPW), pp 180–184Google Scholar
  44. 44.
    Wisniewski PJ, Knijnenburg BP, Lipford HR (2017) Making privacy personal: profiling social network users to inform privacy education and nudging. Int J Hum Comput Stud 98:95–108CrossRefGoogle Scholar
  45. 45.
    Knijnenburg BP, Kobsa A, Jin H (2013) Dimensionality of information disclosure behavior. Int J Hum Comput Stud 71(12):1144–1162CrossRefGoogle Scholar
  46. 46.
    Lin J, Amini S, Hong JI, Sadeh N, Lindqvist J, Zhang J (2012) Expectation and purpose: understanding users’ mental models of mobile app privacy through crowdsourcing. In: Proceedings of the 14th ACM conference on ubiquitous computing, pp 501–510Google Scholar
  47. 47.
    Cisco Systems, Inc (2016) The Zettabyte Era: trends and analysis. White PaperGoogle Scholar
  48. 48.
    Fitbit Inc (2017) Fitbit surge fitness super watch.
  49. 49.
    Garmin Ltd. (2017) Sports & recreation—health & fitness.
  50. 50.
    Jawbone (2017) We’re taking trackers where they’ve never been before.
  51. 51.
  52. 52.
    Szczekocka E, Gromada J, Filipowska A, Jankowiak P, Kałuzny P, Brun A, Portugal JM, Staiano J (2016) Managing personal information: a telco perspective. In: Proceedings of the 19th international innovations in clouds, internet and networks (ICIN), pp 1–8Google Scholar
  53. 53.
    Sun Y, Yan H, Lu C, Bie R, Zhou Z (2014) Constructing the web of events from raw data in the web of things. Journal of Mobile Information Systems 10:105–125CrossRefGoogle Scholar
  54. 54.
    Pearl J (1985) Bayesian networks: a model of self-activated memory for evidential reasoning, University of California (Los Angeles). In: Proceedings of the 7th annual conference of the cognitive science society, pp 1–22Google Scholar
  55. 55.
    Acid S, de Campos LM, Fernández-Luna JM, Rodríguez S, Rodríguez JM, Salcedo JL (2004) A comparison of learning algorithms for Bayesian networks: a case study based on data from an emergency medical service. ACM Journal of Artificial Intelligence in Medicine 30(3):215–232CrossRefGoogle Scholar
  56. 56.
    Holmes D, Jain L (2008) Innovations in Bayesian networks: theory and applications, studies in computational intelligence, vol 156. Springer, New York, USACrossRefGoogle Scholar
  57. 57.
    Friedman N, Linial M, Nachman I, Pe’er D (2000) Using Bayesian networks to analyze expression data. J Comput Biol 7(3-4):601–620CrossRefGoogle Scholar
  58. 58.
    Scutari M (2010) Learning Bayesian networks with the bnlearn r package. J Stat Softw 35(3)Google Scholar
  59. 59.
    Korb KB, Nicholson AE (2010) Bayesian artificial intelligence. CRC PressGoogle Scholar
  60. 60.
    Neapolitan RE (2004) Learning Bayesian networks, vol 38. Pearson Prentice Hall, Upper Saddle River, NJGoogle Scholar
  61. 61.
    Pearl J (2000) Causality: models, reasoning and inference. Cambridge University Press, Cambridge, UK, p 384zbMATHGoogle Scholar
  62. 62.
    Su C, Andrew A, Karagas M, Borsuk ME (2012) Overview of Bayesian network approaches to model gene-environment interactions and cancer susceptibility. (Doctoral dissertation, International Environmental Modelling and Software Society (iEMSs)), pp 1–7Google Scholar
  63. 63.
    Scutari M, Denis JB (2014) Bayesian networks: with examples in R. CRC PressGoogle Scholar
  64. 64.
    Furberg R, Brinton J, Keating M, Ortiz A (2016) Crowd-sourced fitbit datasets 03.12.2016-05.12.2016 data set. Zenodo.
  65. 65.
    Witten I, Frank E (2005) Data mining: practical machine learning tools and techniques, 2nd edn. Elsevier Inc.Google Scholar
  66. 66.
    Jaynes E (1957) Information theory and statistical mechanics. American Physical Society (APS) Journals 620–630Google Scholar
  67. 67.
    Phillips S, Anderson R, Schapire R (2006) Maximum entropy modeling of species geographic distributions. International Journal on Ecological Modelling and Systems Ecology 190(3–4):231–259CrossRefGoogle Scholar
  68. 68.
    Wolf PA, D’agostino RB, Belanger AJ, Kannel WB (1991) Probability of stroke: a risk profile from the Framingham study. J Am Heart Assoc 22(3):312–318Google Scholar
  69. 69.
    Palatini P, Julius S (1997) Heart rate and the cardiovascular risk. J Hypertens 15(1):3–17CrossRefGoogle Scholar
  70. 70.
    Nauman M, Khan S, Zhang X (2010) Apex: extending android permission model and enforcement with user-defined runtime constraints. In: Proceedings of the 5th ACM symposium on information, computer and communications security, pp 328–332Google Scholar
  71. 71.
    Garson D (2012) Creating simulated datasets. Asheboro: North Carolina State University and G, David Garson and Statistical Associates Publishing, pp 1–15Google Scholar
  72. 72.
    Zhang L, Zhu D, Yang Z, Sun L, Yang M (2016) A survey of privacy protection techniques for mobile devices. Journal of Communications and Information Networks, Springer 1(4):86–92CrossRefGoogle Scholar

Copyright information

© Springer-Verlag London Ltd. 2017

Authors and Affiliations

  • Ilaria Torre
    • 1
    Email author
  • Odnan Ref Sanchez
    • 1
  • Frosina Koceva
    • 1
  • Giovanni Adorni
    • 1
  1. 1.Department of Computer Science, Bioengineering, Robotics and Systems Engineering, (DIBRIS)University of GenoaGenoaItaly

Personalised recommendations