Tracking is a highly privacy-invasive data collection practice that has been ubiquitous in
mobile apps for many years due to its role in supporting advertising-based revenue models …

While the literature on permissions from the end-user perspective is rich, there is a lack of
empirical research on why developers request permissions, their conceptualization of …

We investigate the privacy compliance processes followed by developers of child-directed
mobile apps. While children's online privacy laws have existed for decades in the US, prior …

Third-party tracking, the collection and sharing of behavioural data about individuals, is a
significant and ubiquitous privacy threat in mobile apps. The EU General Data Protection …

Virtual reality (VR) is an emerging technology that enables new applications but also
introduces privacy risks. In this paper, we focus on Oculus VR (OVR), the leading platform in …

At the end of 2020, Apple introduced privacy nutritional labels, requiring app developers to
state what data is collected by their apps and for what purpose. In this paper, we take an in …

Mobile applications leaking personal information is a well established observation pre and
post GDPR. The legal requirements for personal data collection in the context of tracking are …

Since December 2020, the Apple App Store has required all developers to create a privacy
label when submitting new apps or app updates. However, there has not been a …

TLS certificate pinning is a security mechanism used by applications (apps) to protect their
network traffic against malicious certificate authorities (CAs), in-path monitoring, and other …

To improve user experience, Alexa now allows users to consent to data sharing via voice
rather than directing them to the companion smartphone app. While verbal consent …