Skip to main content

Interdependent Privacy Issues Are Pervasive Among Third-Party Applications

  • 630 Accesses

Part of the Lecture Notes in Computer Science book series (LNSC,volume 13140)


Third-party applications are popular: they improve and extend the features offered by their respective platforms, whether being mobile OS, browsers or cloud-based tools. Although some privacy concerns regarding these apps have been studied in detail, the phenomenon of interdependent privacy, when a user shares others’ data with an app without their knowledge and consent. Through careful analysis of permission models and multiple platform-specific datasets, we show that interdependent privacy risks are enabled by certain permissions in all platforms studied, and actual apps request these permissions instantiating these risks. We also identify potential risk signals, and discuss solutions which could improve transparency and control for users, developers and platform owners.


  • Interdependent privacy
  • Third-party apps
  • Permissions
  • Android
  • Browser extensions
  • Google Workspace
  • Risk signal

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-93944-1_5
  • Chapter length: 17 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   59.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-93944-1
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   79.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.


  1. 1.

  2. 2.

  3. 3.

  4. 4.

  5. 5.

  6. 6.

  7. 7.

  8. 8.

    e.g. Firefox:

  9. 9.

  10. 10.

  11. 11.

  12. 12.

  13. 13.

  14. 14.

  15. 15.


  1. Arzt, S., et al.: FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. ACM SIGPLAN Not. 49(6), 259–269 (2014)

    CrossRef  Google Scholar 

  2. Biczók, G., Chia, P.H.: Interdependent privacy: let me share your data. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 338–353. Springer, Heidelberg (2013).

    CrossRef  Google Scholar 

  3. Boyd, D.: Networked privacy. Surveill. Soc. 10(3/4), 348 (2012)

    CrossRef  Google Scholar 

  4. Chia, P.H., Yamamoto, Y., Asokan, N.: Is this app safe?: a large scale study on application permissions and risk signals. In: Mille, A., Gandon, F., Misselis, J., Rabinovich, M., Staab, S. (eds.) Proceedings of the 21st World Wide Web Conference 2012, WWW 2012, Lyon, France, 16–20 April 2012, pp. 311–320. ACM (2012).

  5. Fragkaki, E., Bauer, L., Jia, L., Swasey, D.: Modeling and enhancing Android’s permission system. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 1–18. Springer, Heidelberg (2012).

    CrossRef  Google Scholar 

  6. Gibler, C., Crussell, J., Erickson, J., Chen, H.: AndroidLeaks: automatically detecting potential privacy leaks in Android applications on a large scale. In: Katzenbeisser, S., Weippl, E., Camp, L.J., Volkamer, M., Reiter, M., Zhang, X. (eds.) Trust 2012. LNCS, vol. 7344, pp. 291–307. Springer, Heidelberg (2012).

    CrossRef  Google Scholar 

  7. Gnesi, S., Matteucci, I., Moiso, C., Mori, P., Petrocchi, M., Vescovi, M.: My data, your data, our data: managing privacy preferences in multiple subjects personal data. In: Preneel, B., Ikonomou, D. (eds.) APF 2014. LNCS, vol. 8450, pp. 154–171. Springer, Cham (2014).

    CrossRef  Google Scholar 

  8. Harkous, H., Aberer, K.: “If you can’t beat them, join them”: a usability approach to interdependent privacy in cloud apps. CoRR abs/1702.08234 (2017).

  9. Humbert, M., Ayday, E., Hubaux, J., Telenti, A.: Addressing the concerns of the lacks family: quantification of kin genomic privacy. In: Sadeghi, A., Gligor, V.D., Yung, M. (eds.) 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, Berlin, Germany, 4–8 November 2013, pp. 1141–1152. ACM (2013).

  10. Humbert, M., Trubert, B., Huguenin, K.: A survey on interdependent privacy. ACM Comput. Surv. 52(6), 122:1–122:40 (2020).

  11. Jia, L., et al.: Run-time enforcement of information-flow properties on Android. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 775–792. Springer, Heidelberg (2013).

    CrossRef  Google Scholar 

  12. Kamleitner, B., Mitchell, V.: Your data is my data: a framework for addressing interdependent privacy infringements. J. Public Policy Market. 38(4), 433–450 (2019)

    CrossRef  Google Scholar 

  13. Kelley, P.G., Cranor, L.F., Sadeh, N.: Privacy as part of the app decision-making process. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 3393–3402 (2013)

    Google Scholar 

  14. King, J., Lampinen, A., Smolen, A.: Privacy: is there an app for that? In: Proceedings of the Seventh Symposium on Usable Privacy and Security, pp. 1–20 (2011)

    Google Scholar 

  15. Olteanu, A., Huguenin, K., Dacosta, I., Hubaux, J.: Consensual and privacy-preserving sharing of multi-subject and interdependent data. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, 18–21 February 2018. The Internet Society (2018).

  16. Olteanu, A., Huguenin, K., Shokri, R., Humbert, M., Hubaux, J.: Quantifying interdependent privacy risks with location data. IEEE Trans. Mob. Comput. 16(3), 829–842 (2017).

  17. Parker, G.G., Van Alstyne, M.W.: Two-sided network effects: a theory of information product design. Manag. Sci. 51(10), 1494–1504 (2005)

    CrossRef  Google Scholar 

  18. Pu, Y., Grossklags, J.: Towards a model on the factors influencing social app users’ valuation of interdependent privacy. Proc. Priv. Enhancing Technol. 2016(2), 61–81 (2016).

  19. Reardon, J., Feal, Á., Wijesekera, P., On, A.E.B., Vallina-Rodriguez, N., Egelman, S.: 50 ways to leak your data: an exploration of apps’ circumvention of the android permissions system. In: 28th USENIX Security Symposium (USENIX Security 2019), pp. 603–620 (2019)

    Google Scholar 

  20. Squicciarini, A.C., Shehab, M., Paci, F.: Collective privacy management in social networks. In: Quemada, J., León, G., Maarek, Y.S., Nejdl, W. (eds.) Proceedings of the 18th International Conference on World Wide Web, WWW 2009, Madrid, Spain, 20–24 April 2009, pp. 521–530. ACM (2009).

  21. Such, J.M., Porter, J., Preibusch, S., Joinson, A.: Photo privacy conflicts in social media: a large-scale empirical study. In: Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, pp. 3821–3832 (2017)

    Google Scholar 

  22. Symeonidis, I., Biczók, G., Shirazi, F., Pérez-Solà, C., Schroers, J., Preneel, B.: Collateral damage of Facebook third-party applications: a comprehensive study. Comput. Secur. 77, 179–208 (2018).

  23. Wang, N., Xu, H., Grossklags, J.: Third-party apps on Facebook: privacy and the illusion of control. In: Proceedings of the 5th ACM Symposium on Computer Human Interaction for Management of Information Technology, pp. 1–10 (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding authors

Correspondence to Shuaishuai Liu or Gergely Biczók .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Liu, S., Herendi, B., Biczók, G. (2022). Interdependent Privacy Issues Are Pervasive Among Third-Party Applications. In: Garcia-Alfaro, J., Muñoz-Tapia, J.L., Navarro-Arribas, G., Soriano, M. (eds) Data Privacy Management, Cryptocurrencies and Blockchain Technology. DPM CBT 2021 2021. Lecture Notes in Computer Science(), vol 13140. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-93943-4

  • Online ISBN: 978-3-030-93944-1

  • eBook Packages: Computer ScienceComputer Science (R0)