Keywords:  Security Engineering and Design, Vulnerable Populations, Privacy,

2018

Privacy Analysis at Scale: A Study of COPPA Compliance

Serge Egelman, Research Director, International Computer Science Institute, UC Berkeley
Irwin Reyes, Researcher, International Computer Science Institute, UC Berkeley
Primal Wijesekera, Staff Research Scientist, International Computer Science Institute, UC Berkeley
Amit Elazari, Lecturer/Director, School of Information, UC Berkeley|Intel

This research team has launched a successful platform for detecting violations of the ChildrenÂ’s Online Privacy Protection Act (COPPA) at scale by automatically observing the behaviors of tens of thousands of free Android apps. They also have developed a website for use by parents, who can review the privacy behaviors of apps to make more informed choices, as well as regulators, who can take actions against bad actors. With this grant, they will develop a testing API to help developers prevent privacy violations in their apps prior to release, and they will expand their tools for use in virtualized environments and introduce crowdsourced user input, which will allow them to execute and inspect many mobile apps simultaneously.