Towards Understanding the Influence of Personality on Mobile App Permission Settings

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10516)

Abstract

In this paper we investigate the question whether users’ personalities are good predictors for privacy-related permissions they would grant to apps installed on their mobile devices. We report on results of a large online study (n = 100) which reveals a significant correlation between the user’s personality according to the big five personality scores, or the IUIPC questionnaire, and the app permission settings they have chosen. We used machine learning techniques to predict user privacy settings based on their personalities and consequently introduce a novel strategy that simplifies the process of granting permissions to apps.

Keywords

Usable privacy Mobile privacy App privacy Machine learning 

References

  1. 1.
    Bachrach, Y., Kosinski, M., Graepel, T., Kohli, P., Stillwell, D.: Personality and patterns of Facebook usage. In: Proceedings of the 4th Annual ACM Web Science Conference, WebSci 2012, NY, USA, pp. 24–32 (2012). http://doi.acm.org/10.1145/2380718.2380722
  2. 2.
    Block, J.: A contrarian view of the five-factor approach to personality description. Psychol. Bull. 117, 187–215 (1995)CrossRefGoogle Scholar
  3. 3.
    Buchanan, T., Paine, C., Joinson, A.N., Reips, U.D.: Development of measures of online privacy concern and protection for use on the internet. J. Am. Soc. Inf. Sci. Technol. 58(2), 157–165 (2007). http://dx.doi.org/10.1002/asi.20459 CrossRefGoogle Scholar
  4. 4.
    Buhrmester, M., Kwang, T., Gosling, S.: Amazon’s mechanical turk: a new source of inexpensive, yet high-quality, data? Perspect. Psychol. Sci. 6(1), 3–5 (2011)CrossRefGoogle Scholar
  5. 5.
    Chen, J., Haber, E., Kang, R., Hsieh, G., Mahmud, J.: Making use of derived personality: the case of social media ad targeting. In: International AAAI Conference on Web and Social Media (2015). http://www.aaai.org/ocs/index.php/ICWSM/ICWSM15/paper/view/10508
  6. 6.
    Chia, P.H., Yamamoto, Y., Asokan, N.: Is this app. safe?: a large scale study on application permissions and risk signals. In: Proceedings of the 21st International Conference on World Wide Web, WWW 2012, NY, USA, pp. 311–320 (2012). http://doi.acm.org/10.1145/2187836.2187879
  7. 7.
    Costa, P., McCrae, R., Psychological Assessment Resources, I: Revised NEO Personality Inventory (NEO PI-R) and NEO Five-Factor Inventory (NEO-FFI). Psychological Assessment Resources (1992). https://books.google.co.in/books?id=mp3zNwAACAAJ
  8. 8.
    Fang, L., LeFevre, K.: Privacy wizards for social networking sites. In: Proceedings of the 19th International Conference on World Wide Web, WWW 2010, NY, USA, pp. 351–360 (2010). http://doi.acm.org/10.1145/1772690.1772727
  9. 9.
    Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, NY, USA, pp. 627–638 (2011). http://doi.acm.org/10.1145/2046707.2046779
  10. 10.
    Felt, A.P., Greenwood, K., Wagner, D.: The effectiveness of application permissions. In: Proceedings of the 2nd USENIX Conference on Web Application Development, WebApps 2011, p. 7. USENIX Association, Berkeley, CA, USA (2011). http://dl.acm.org/citation.cfm?id=2002168.2002175
  11. 11.
    Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, SOUPS 2012, NY, USA, pp. 3:1–3:14 (2012). http://doi.acm.org/10.1145/2335356.2335360
  12. 12.
    Gosling, S.D., Rentfrow, P.J., Swann, W.B.: A very brief measure of the big-five personality domains. J. Res. Pers. 37(6), 504–528 (2003). http://dx.doi.org/10.1016/S0092-6566(03)00046-1 CrossRefGoogle Scholar
  13. 13.
    Harbach, M., Hettig, M., Weber, S., Smith, M.: Using personal examples to improve risk communication for security & privacy decisions. In: Proceedings of the 32rd Annual ACM Conference on Human Factors in Computing Systems, CHI 2014, NY, USA, pp. 2647–2656 (2014). http://doi.acm.org/10.1145/2556288.2556978
  14. 14.
    Ismail, Q., Ahmed, T., Kapadia, A., Reiter, M.K.: Crowdsourced exploration of security configurations. In: Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, CHI 2015, NY, USA, pp. 467–476 (2015). http://doi.acm.org/10.1145/2702123.2702370
  15. 15.
    John, O.P., Srivastava, S.: The big five trait taxonomy: history, measurement, and theoretical perspectives. In: Pervin, L.A., John, O.P. (eds.) Handbook of Personality: Theory and Research, 2nd edn. pp. 102–138. Guilford Press, New York (1999). http://darkwing.uoregon.edu/~sanjay/pubs/bigfive.pdf
  16. 16.
    Jung, J., Han, S., Wetherall, D.: Short paper: enhancing mobile application permissions with runtime feedback and constraints. In: Proceedings of the Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2012, NY, USA, pp. 45–50 (2012). http://doi.acm.org/10.1145/2381934.2381944
  17. 17.
    Kelley, P.G., Consolvo, S., Cranor, L.F., Jung, J., Sadeh, N., Wetherall, D.: A conundrum of permissions: installing applications on an android smartphone. In: Blyth, J., Dietrich, S., Camp, L.J. (eds.) FC 2012. LNCS, vol. 7398, pp. 68–79. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34638-5_6 CrossRefGoogle Scholar
  18. 18.
    Kelley, P.G., Cranor, L.F., Sadeh, N.: Privacy as part of the app. decision-making process. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2013, NY, USA, pp. 3393–3402 (2013). http://doi.acm.org/10.1145/2470654.2466466
  19. 19.
    Kumaraguru, P., Cranor, L.F.: Privacy indexes: a survey of westin’s studies. ISRI Technical report (2005)Google Scholar
  20. 20.
    Lin, J., Liu, B., Sadeh, N., Hong, J.I.: Modeling users’ mobile app. privacy preferences: restoring usability in a sea of permission settings. In: Symposium On Usable Privacy and Security (SOUPS 2014), pp. 199–212. USENIX Association, Menlo Park, CA, July 2014. https://www.usenix.org/conference/soups2014/proceedings/presentation/lin
  21. 21.
    Liu, B., Andersen, M.S., Schaub, F., Almuhimedi, H., Zhang, S.A., Sadeh, N., Agarwal, Y., Acquisti, A.: Follow my recommendations: a personalized privacy assistant for mobile app. permissions. In: Twelfth Symposium on Usable Privacy and Security (SOUPS 2016), pp. 27–41. USENIX Association, Denver, CO, June 2016. https://www.usenix.org/conference/soups2016/technical-sessions/presentation/liu
  22. 22.
    Liu, B., Lin, J., Sadeh, N.: Reconciling mobile app. privacy and usability on smartphones: could user privacy profiles help? In: Proceedings of the 23rd International Conference on World Wide Web, WWW 2014, NY, USA, pp. 201–212 (2014). http://doi.acm.org/10.1145/2566486.2568035
  23. 23.
    Lugano, G., Saariluoma, P.: To share or not to share: supporting the user decision in mobile social software applications. In: Conati, C., McCoy, K., Paliouras, G. (eds.) UM 2007. LNCS, vol. 4511, pp. 440–444. Springer, Heidelberg (2007). doi:10.1007/978-3-540-73078-1_61 CrossRefGoogle Scholar
  24. 24.
    Malhotra, N.K., Kim, S.S., Agarwal, J.: Internet users’ information privacy concerns (IUIPC): the construct, the scale, and a causal model. Info. Sys. Research 15(4), 336–355 (2004). http://dx.doi.org/10.1287/isre.1040.0032 CrossRefGoogle Scholar
  25. 25.
    Olmstead, K., Atkinson, M.: The next web. Android users have an average of 95 apps installed on their phones, according to yahoo aviate data (2015). http://www.pewinternet.org/2015/11/10/an-analysis-of-android-app-permissions/. Accessed 01 Feb 2016
  26. 26.
    Olmstead, K., Atkinson, M.: Pew research center. An analysis of android app. Permissions (2015). http://www.pewinternet.org/2015/11/10/an-analysis-of-android-app-permissions/. Accessed 01 Feb 2016
  27. 27.
    Patil, S., Le Gall, Y., Lee, A.J., Kapadia, A.: My privacy policy: exploring end-user specification of free-form location access rules. In: Blyth, J., Dietrich, S., Camp, L.J. (eds.) FC 2012. LNCS, vol. 7398, pp. 86–97. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34638-5_8 CrossRefGoogle Scholar
  28. 28.
    Ravichandran, R., Benisch, M., Kelley, P.G., Sadeh, N.: Capturing social networking privacy preferences: can default policies help alleviate tradeoffs between expressiveness and user burden? In: Proceedings of the 5th Symposium on Usable Privacy and Security, SOUPS 2009, NY, USA, p. 47:1 (2009). http://doi.acm.org/10.1145/1572532.1572587
  29. 29.
    Smith, H.J., Milberg, S.J.: Information privacy: measuring individuals’ concerns about organizational practices. MIS Q. 20(2), 167–196 (1996). http://dx.doi.org/10.2307/249477 CrossRefGoogle Scholar
  30. 30.
    Woodruff, A., Pihur, V., Acquisti, A., Consolvo, S., Schmidt, L., Brandimarte, L.: Would a privacy fundamentalist sell their DNA for $1000.. if nothing bad happened thereafter? a study of the westin categories, behavior intentions, and consequences. In: Proceedings of the Tenth Symposium on Usable Privacy and Security (SOUPS). ACM, NY (2014). iApp SOUPS Privacy Award Winner. https://www.usenix.org/conference/soups2014/proceedings/presentation/woodruff
  31. 31.
    Xu, R., Frey, R.M., Vuckovac, D., Ilic, A.: Towards understanding the impact of personality traits on mobile app adoption - a scalable approach. In: Becker, J., vom Brocke, J., de Marco, M. (eds.) ECIS (2015). http://dblp.uni-trier.de/db/conf/ecis/ecis2015.html#XuFVI15

Copyright information

© IFIP International Federation for Information Processing 2017

Authors and Affiliations

  1. 1.DFKI, Saarland Informatics CampusSaarbrückenGermany

Personalised recommendations