iPhones and Androids are tracking users' locations, there have been increasing concerns about what sorts of data in general smartphones and smartphone apps are collecting. How does a user know what information is being amassed and shared? (And don't say "by reading the Terms of Service," thanks.) How can they control this?Even before last week's revelations that
If you're an Android user, a new app under development by researchers at North Carolina State University can help. TISSA, short for Taming Information-Stealing Smartphone Applications, will give users more granular control of what personal information is available to the apps on their phones.
As it stands, Android apps must notify users about what information they'll be collecting. Then it's up to users to decide whether or not they want to install the app. That's not really much of a choice. The TISSA prototype is intended to give users another layer of permissions on top of the ones the Android OS already provides, so that even after you download an app, you still have more control over what information is shared.
In the current prototype, TISSA has four different privacy settings. The first of these is "Trusted," allowing users to mark certain apps as being safe to function normally. For apps that users are less confident in, TISSA will let them select from three other privacy settings: "Empty," "Bogus," and "Anonymized."
If a user selects "Empty," information that's requested by an app will return a message saying that the relevant information doesn't exist or isn't available. If a user selects "Bogus," the app will be provided with fake personal information. And if a user selected "Anonymized," the app will be given generalized information, such as your approximate location.
For example, weather apps require your data in order to provide you with an accurate local forecast. Rather than letting the phone give the app your exact location, TISSA could be programmed to send information about your general vicinity, say a 10-mile radius.
According to Xuxian Jiang, an assistant professor of computer science at the NC State and the leader of the project team, TISSA could be further modified to give even better control, specifying for example what type of data is okay and what isn't (such as sharing your contact list)
TISSA is currently just a prototype, but the researchers are exploring how to make it available to Android users. No work has started yet on porting the idea to iOS. The team will be presenting an academic paper on their research in June at the 4th International Conference on Trust and Trustworthy Computing.
Image credits: The Wall Street Journal