A Two-Pillar Approach to Analyze the Privacy Policies and Resource Access Behaviors of Mobile Augmented Reality Applications
- David Harborth, Chair of Mobile Business and Multilateral Security, Goethe University Frankfurt am Main, Frankfurt am Main, Germany
- Majid Hatamian, Chair of Mobile Business and Multilateral Security, Goethe University, Frankfurt am Main, Germany
- Welderufael B. Tesfay, Chair of Mobile Business and Multilateral Security, Goethe University, Frankfurt am Main, Germany
- Kai Rannenberg, Chair of Mobile Business and Multilateral Security, Goethe University, Frankfurt, Germany
AbstractAugmented reality (AR) gained much public attention since the success of Pokémon Go in 2016. Technology companies like Apple or Google are currently focusing primarily on mobile AR (MAR) technologies, i.e. applications on mobile devices, like smartphones or tablets. Associated privacy issues have to be investigated early to foster market adoption. This is especially relevant since past research found several threats associated with the use of smartphone applications. Thus, we investigate two of the main privacy risks for MAR application users based on a sample of 19 of the most downloaded MAR applications for Android. First, we assess threats arising from bad privacy policies based on a machine-learning approach. Second, we investigate which smartphone data resources are accessed by the MAR applications. Third, we combine both approaches to evaluate whether privacy policies cover certain data accesses or not. We provide theoretical and practical implications and recommendations based on our results.
Return to previous page