TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Privacy Tech | This app uses machine learning to help users find the best privacy settings Related reading: Canadian security, privacy startup raises $100M in funding round



Chances are, if you have a smartphone, you likely have a wide variety of apps filling up your screen. You likely have apps for your social media accounts, your bank, and maybe a GPS app to help you find the closest restaurant.

While everyone may be flocking to Facebook, Google Maps, and PayPal, users' views about their app settings and permissions will probably differ.

This was the impetus behind the creation of the Privacy Assistant app, a tool created by Carnegie Mellon University researchers to help users of rooted Android phones - where the user unlocks the phone's operating system to better customize the device - find the proper settings and permissions fitting their habits.

Carnegie Mellon University Professor Norman Sadeh, CIPT, headed up the creation of the app, as his team has been conducting research on the ways apps share information with advertising networks and how users felt about such sharing.

While many people expressed discomfort about having their information shared with advertisers, it wasn’t a universal mindset, he found.

“One of the challenges about privacy is not every one feels the same about these scenarios. If everyone did feel the same way, things would be very easy,” said Sadeh. “You’d basically configure things in accordance with the way one feels. Obviously, that’s not the case, and that has been reflected in the number of settings iOS and Android has been making available to users over the years.”

As Sadeh and his team delved deeper into their research, they found machine learning can be used to predict a user’s preferred settings. The Privacy Assistant app works by analyzing the types of apps users have on their phone. From this analysis, the app will ask between three to five questions, depending on how the user responds.

Here's an example: “In general, do you feel comfortable with Social apps accessing your Camera?” or, “In general, do you feel comfortable with Finance apps accessing your Location?”  Below the question resides apps installed on the phone, and three choices: “not sure,” “mostly ok,” and “mostly no.”


Screen shot of the Privacy Assistant in action

These questions help Privacy Assistant sort users into one of seven clusters, or the profile best describing her setting preferences. The seven clusters cover the wide spectrum of views towards settings and permissions.

“You are going to have clusters of people who are very permissive, and will pretty much grant anything that is being asked. You have a cluster of people who are very conservative, and they will, by and large, try to deny anything. The vast majority of the population is somewhere in between,” said Sadeh. “There are clusters that are going to say, I am willing to let location be visible for apps that really need it to work, like a navigation app, but I am not willing to share my location with advertising networks.”

After a user has been sorted into her cluster, she can examine the recommendations made by Privacy Assistant. Users will have the ability to sort through the recommendations offered in seven different categories: location, contacts, messages, phone call data, camera, calendar, and microphone.

Once one of the categories has been chosen, the user will see a list of apps. Any recommendations made by Privacy Assistant will be marked by an exclamation point. The user will then have the ability to adjust the permission from the app.


Contacts view of the Privacy Assistant

Building the clusters was far from a trivial task. Users are likely not willing to share their settings information, and it is likely users are unaware their apps are locked into settings not matching their preferences. The Carnegie Mellon team developed a protocol to increase user awareness of their settings, and used machine learning algorithms to analyze the collected data. While the task is not an easy one to accomplish, Sadeh credits his team’s prior experience conducting similar efforts across different domains for getting the app off the ground.

One area of focus for the app was ensuring it had a clean interface, an issue plaguing other apps attempting to perform a similar function. “This is often overlooked by people in this space, but if you want your tool to be usable by a large number of people, you have got to really pay attention to the design of your interface and come up with something that is very clean," said Sadeh. “A few other people have been building apps to try and have users manage their permissions, and if you look at the interfaces that they have developed, they are cluttered and not leveraging machine learning the way we do, so they are not able to make recommendations that are useful as we do.”

Privacy Assistant is only available on rooted Android phones, which Sadeh knows is a small percentage of the total Android market. Sadeh said other users cannot use the app at this time due to Android's strict nature toward allowing third parties to tinker with the settings and permissions.

Google and Samsung have both funded portions of the research and expressed their support for the team’s efforts.

Whether the tech companies’ enthusiasm translates to wider exposure for Privacy Assistant remains to be seen. Sadeh said conversations are taking place to determine whether the public at large will be able to use their tool. The team is exploring whether they can release a variation of the app to normal Android phones, albeit without the ability alert permissions within the app.

Sadeh has received positive feedback from those who have used Privacy Assistant, and he hopes to obtain a wider audience to offer more users the ability to tackle their settings and permissions head on.

“I don’t think that there’s any other way of empowering people to really control their settings,” said Sadeh. “There are just too many of them, and you really need machine learning to help people in this space.”


If you want to comment on this post, you need to login.