Part of a healthy privacy practice is engaging online with intent, making sure that when we share, we SEE clearly. But even the most privacy-conscious among us may not realize that how we interact with cloud-based software and websites can have a dramatic impact on how much we’re sharing. For instance, did you know that choosing to use a company’s app versus its mobile website might have a profound impact on how much information you’re unintentionally “leaking” online?
Investigating the Privacy Difference
If you had no idea your choice of app versus mobile website might result in a different amount of personally identifying information finding its way into the world, you’re not alone. Until recently, no serious study had compared the two.
Researchers at Northeastern University have just published an academically thorough paper, “Should You Use the App for That?: Comparing the Privacy Implications of App- and Web-based Online Services” (PDF), aimed at clarifying the question. Answering the question is complex in part because the researchers needed to define what constitutes an “information leak.” For the purposes of the paper, they determined a PII (Personally Identifying Information) leak would be:
• Transmitted over the internet unencrypted, thus exposing the data to eavesdroppers
• Sent to third parties (encrypted or plain text), and is not required for logging into the service, thus exposing users to profiling.
TechRepublic provides a overview of the paper here. David Choffnes, one of the paper’s authors, summarizes their findings:
“We expected that apps would leak more identifiers because apps have more direct access to that information. And overall that’s true. But we found that typically apps leak just one more identifier than a website for the same service. In fact, we found that in 40 percent of cases websites leak more types of information than apps.”
The upshot? There’s no go-to choice for a greater degree of privacy. There is, however, help in making choices for individual apps versus websites. Researchers developed an interactive online tool to help you make informed choices between apps versus websites. The tool’s interface allows you to prioritize which pieces of personal information you care about most, such as birthday, email address, device information, gender, location, and unique identifiers, among others. It also makes explicit which pieces of information apps versus websites leak, based on the researcher’s criteria in the paper.
Tools for Transparency
The latest Pew Research Study suggests online privacy concerns are widespread in America. Findings in “The state of privacy in post-Snowden America” reveal:
• Americans express a consistent lack of confidence about the security of everyday communication channels and the organizations that control them.
• Many Americans struggle to understand the nature and scope of data collected about them.
• Fully 91% of adults agree or strongly agree that consumers have lost control of how personal information is collected and used by companies.
• For most Americans who are making decisions about sharing their information in return for a product, service or other benefit, the context and conditions of the transactions matter.
To help address these concerns, we need tools to help us make authentic, informed choices about our privacy. Mobile privacy is certainly ground zero when it comes to protecting our personal information. Efforts like the Northeastern University study are an important step in raising awareness and creating transparency, as are complementary tools such as app rating systems.
There may not be simple answers to complex privacy issues, but with advocacy we should be able to leverage technology to bring greater clarity to the choices we make.
Comments