Towards a Privacy Toolkit for Location Based Apps

The GPS location history of a smartphone can be used to draw deep conclusions about users. Most smartphones pass on this information by default without explaining the risks to users in a comprehensible way– and there is also a lack of detailed control options when sharing one’s own location. SIMPORT aims to develop forms of interaction that transparently inform users of digital services about the use of their personal location information and provide differentiated control options. With an open and generic software architecture, these new approaches should be easy to integrate into the services of (commercial) providers. This brings with it some challenges, for which SIMPORT is entering into dialogue with developers and other insiders of such services.

At rC3– the remote version of the Chaos Communication Congress, an international meeting of the hacker scene organized by the Chaos Computer Club, where technical and socio-political topics are presented and discussed in numerous lectures and workshops– we addressed these challenges. In a workshop entitled Towards a Privacy Toolkit for Location Based Apps, we exchanged ideas with around 15 developers and interested people and tried to work out together what is needed to build privacy-friendly apps with location access.

In an initial open discussion, some general problems emerged– participants noted that the issue of data protection is perceived very differently in different parts of the world and, for example, plays a much greater role in Europe than in the USA. At the same time, the question arises: Who is actually responsible? Why should developers have an interest in data protection?

The SIMPORT project tries to build bridges between these differences. A toolkit that is as simple as possible, but nevertheless comprehensive, can intervene here and provide a good incentive to keep any thresholds to topics such as data protection and the GDPR as low as possible for developers. What could the requirements for such a toolkit look like?

In concrete terms, during the workshop we took on some design tasks for a positive user experience and discussed forms of interaction that can grant the aforementioned control options of data privacy. With regard to the user interface, we found that current apps provide very little information about what actually happens with user data. When giving permission for location services, there should be transparent and understandable access to such information before an access request is even made. On the other hand, revoking this permission is usually not possible within the app and requires using the operating system settings, which makes revocation (as opposed to consent) unnecessarily difficult.

An impulse from the workshop to provide users with a uniform control mechanism is a data privacy cockpit: an overview of all permissions within an app, which reflects to users in an understandable and transparent way which data uses were permitted for a service and which were not. By means of short explanations in simple language with direct reference to detailed information (which data goes when and why to whom?) within this cockpit, the data flow can be controlled uniformly from the user’s point of view. A constant challenge is to formulate all explanations in a way that is both as detailed and understandable as possible, without bogging down users with legal/technical terminology– with the goal of complete transparency for all potential users.

Draft of the Data Privacy Cockpit

But the technical perspective on the topic also poses some challenges, which were discussed in the workshop: What can a technical approach look like? What is most helpful for developers to make apps privacy-friendly and transparent from the user’s point of view? Various phases of the development cycle were addressed that could be supported by software – for example, tools could be helpful that intervene when creating new app projects (e.g., within Android Studio or XCode) and preconfigure projects according to developer specifications. For example, a structured, formatted privacy policy could represent such a specification and create a preconfigured project framework that already implements corresponding privacy conditions in the form of app permissions or, for example, required dialogues and thus facilitates the development of privacy-compliant applications. Likewise, from the participants’ point of view, easily integrable libraries that provide ready-made forms of interaction for informed consent of user data would be a good aid for developing privacy-friendly apps – while such forms of interaction still need to be identified and created.

With these and many other contributions, challenges and new questions from this workshop, we have gained a valuable impression that brings us one step closer to the goal of making users sovereign over their data. We look forward to expanding this dialogue in future workshops!



C3 – /