David Harborth, Goethe University Frankfurt am Main; Alisa Frik, ICSI, University of California Berkeley
Augmented reality (AR), and specifically mobile augmented reality (MAR) gained much public attention after the success of Pokémon Go in 2016, and since then has found application in online games, social media, entertainment, real estate, interior design, and other services. MAR apps are highly dependent on real time context-specific information provided by the different sensors and data processing capabilities of smartphones (e.g., LiDAR, gyroscope or object recognition). This dependency raises crucial privacy issues for end users. We evaluate whether the existing access permission systems, initially developed for non-AR apps, as well as proposed new permissions, relevant for MAR apps, provide sufficient and clear information to the users. We address this research goal in two online survey-based experiments with a total of 581 participants. Based on our results, we argue that it is necessary to increase transparency about MAR apps' data practices by requesting users' permissions to access certain novel and privacy invasive resources and functionalities commonly used in MAR apps, such as speech and face recognition. We also find that adding justifications, contextualized to the data collection practices of the app, improves transparency and can mitigate privacy concerns, at least in the context of data utilized to the users' benefit. Better understanding of the app's practices and lower concerns, in turn, increase the intentions to grant permissions. We provide recommendations for better transparency in MAR apps.
SOUPS 2021 Open Access Videos Sponsored by
Ethyca
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {David Harborth and Alisa Frik},
title = {Evaluating and Redefining Smartphone Permissions with Contextualized Justifications for Mobile Augmented Reality Apps},
booktitle = {Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021)},
year = {2021},
isbn = {978-1-939133-25-0},
pages = {513--534},
url = {https://www.usenix.org/conference/soups2021/presentation/harborth},
publisher = {USENIX Association},
month = aug
}