Exploring decision making with Android’s runtime permission dialogs using in-context surveys

Authors: 

Bram Bonné, Hasselt University; Sai Teja Peddinti, Igor Bilogrevic, and Nina Taft, Google Inc.
IAPP SOUPS Privacy Award!

Abstract: 

A great deal of research on the management of user data on smartphones via permission systems has revealed significant levels of user discomfort, lack of understanding, and lack of attention. The majority of these studies were conducted on Android devices before runtime permission dialogs were widely deployed. In this paper we explore how users make decisions with runtime dialogs on smartphones with Android 6.0 or higher. We employ an experience sampling methodology in order to ask users the reasons influencing their decisions immediately after they decide. We conducted a longitudinal survey with 157 participants over a 6 week period.

We explore the grant and denial rates of permissions, overall and on a per permission type basis. Overall, our participants accepted 84% of the permission requests. We observe differences in the denial rates across permissions types; these vary from 23% (for microphone) to 10% (calendar). We find that one of the main reasons for granting or denying a permission request depends on users' expectation on whether or not an app should need a permission. A common reason for denying permissions is because users know they can change them later. Among the permissions granted, our participants said they were comfortable with 90% of those decisions — indicating that for 10% of grant decisions users may be consenting reluctantly. Interestingly, we found that women deny permissions twice as often as men.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {205166,
author = {Bram Bonn{\'e} and Sai Teja Peddinti and Igor Bilogrevic and Nina Taft},
title = {Exploring decision making with {Android{\textquoteright}s} runtime permission dialogs using in-context surveys},
booktitle = {Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017)},
year = {2017},
isbn = {978-1-931971-39-3},
address = {Santa Clara, CA},
pages = {195--210},
url = {https://www.usenix.org/conference/soups2017/technical-sessions/presentation/bonne},
publisher = {USENIX Association},
month = jul
}

Presentation Audio