This is a paper that I drafted in my spare time that relates to the work I’ve done with mobile technology and law enforcement. I got to thinking that the method we were using to track information about the various stakeholders and how data are collected and shared could have wider applicability. I’ve submitted this to a journal, but until I hear back I will leave it here as a post.
Abstract— In today’s mobile application marketplace, the ability of consumers to make informed choices regarding their privacy is extremely limited. Consumers largely rely on privacy policies and app permission mechanisms, but these do an inadequate job of conveying how information will be collected, used, stored, and shared. Mobile application developers go largely unrewarded for making apps more privacy conscious as it is difficult to communicate these features to consumers while they are searching for a new app. This paper provides an overview of a framework designed to help consumers make informed choices, and an incentive mechanism to encourage app developers to implement it. This framework includes machine readable privacy policies encouraged by mobile app stores and enhanced by user software agents. Such a framework would provide the foundation required for more advanced forms of privacy management to develop.