As part of our work to facilitate social media transparency at the Applied Social Media Lab at the Berkman Klein Center for Internet & Society, we are investigating the unintended potential privacy implications of granting device permissions to social media applications.
Smartphone apps often request data permissions from users. For example, an app might request access to a user's photos or calendar events or contact list. These permission requests allow us to control which apps have access to our data, but not the end use of our data. Granting these permissions can seem innocuous to us as humans - but what can apps learn about us through our data? And does the privacy leakage get worse when combining multiple device permission types using modern data processing power to extract insights? In the Permissions Explorer project, we examine how bad the privacy problem is, giving users concrete insights into the surprising things that apps can glean, even from data that seems mundane. For vulnerable populations, understanding what kinds of inference capabilities are possible is all the more important.
Our hope is that by providing transparency into how users might be exposing sensitive data from mobile devices without realizing it, we can empower individuals, no matter their technical expertise/understanding, to practice good permission hygiene.
Zoe is a Principal Engineer at the Applied Social Media Lab. Her work focuses on preserving news media, facilitating platform transparency, and building public interest technology. She is particularly interested in how the collection, movement, and regulation of data impacts our digital rights.
Sarah Radway is a PhD student in computer science at Harvard University. She is an NSF Graduate Research Fellow, and her research focuses on systems security and privacy.