Privacy Bills of Materials: A Transparent Privacy Information Inventory for Collaborative Privacy Notice Generation in Mobile App Development

Zhen Tao, Shidong Pan, Zhenchang Xing, Xiaoyu Sun, Omar Haggag, John Grundy, Jingjie Li, Liming Zhu

TL;DR

This paper addresses the difficulty of producing authentic, regulation-compliant privacy notices for mobile apps, especially in complex, multi-role teams. It introduces Privacy Bills of Materials (PriBOM), a BOM-inspired, UI-widget–centered inventory designed to unify privacy information across roles and support collaborative, transparent privacy-notice generation. A modular pre-fill pipeline combines static analysis (Android-specific) and privacy notice analysis to align PriBOM with code practices, policies, and privacy labels, demonstrating practicality in DevOps contexts. A human evaluation with 150 participants shows PriBOM is broadly useful, with strong perceived intuitiveness and potential for cross-role collaboration, while also highlighting role-based differences and areas for refinement and broader adoption.

Abstract

Privacy regulations mandate that developers must provide authentic and comprehensive privacy notices, e.g., privacy policies or labels, to inform users of their apps' privacy practices. However, due to a lack of knowledge of privacy requirements, developers often struggle to create accurate privacy notices, especially for sophisticated mobile apps with complex features and in crowded development teams. To address these challenges, we introduce Privacy Bills of Materials (PriBOM), a systematic software engineering approach that leverages different development team roles to better capture and coordinate mobile app privacy information. PriBOM facilitates transparency-centric privacy documentation and specific privacy notice creation, enabling traceability and trackability of privacy practices. We present a pre-fill of PriBOM based on static analysis and privacy notice analysis techniques. We demonstrate the perceived usefulness of PriBOM through a human evaluation with 150 diverse participants. Our findings suggest that PriBOM could serve as a significant solution for providing privacy support in DevOps for mobile apps.

Paper Structure (24 sections, 6 figures, 6 tables)

This paper contains 24 sections, 6 figures, 6 tables.

Figures (6)

  • Figure 1: Use cases of PriBOM. (1) A privacy information inventory indexed by UI widgets, providing transparent privacy documentation. (2) A privacy communication platform between different roles in the development team. (3) A systematic solution for collaborative privacy notice generation.
  • Figure 2: (a) and (b) are the interfaces of Appprivacypolicygenerator, one of the most popular APPGs, according to Pan et al., on collecting Personally Identifiable Information (PII) and Third-party Libraries (TPL) usages. (c) is a screenshot of Matcha, one of the Code-based IDE Plugins (CIDEP), from its JetBrains plugin page.
  • Figure 3: An overview of PriBOM in the usage scenario. The interaction between app users and UI components triggers data practices. These practices are disclosed to users through privacy notices such as the privacy policy. PriBOM helps the development team create accurate privacy notices by documenting privacy information related to specific UI components.
  • Figure 4: The pipeline of our static analysis module.
  • Figure 5: Examples of the differences in agreement scores regarding survey statements among different roles.
  • ...and 1 more figures