"I'm not for sale" -- Perceptions and limited awareness of privacy risks by digital natives about location data

TL;DR

This study investigates how digital natives perceive and manage privacy risks associated with mobile location data. Using a mixed-methods design, it combines a behavior/perception questionnaire with a risk-demonstration platform that visualizes location traces and applies differential privacy to illustrate risk-utility trade-offs. Results reveal prevalent privacy-misspractices, limited risk awareness, and a notable uplift in risk understanding after exposure to the visualization, with many participants indicating intent to adjust permissions and adopt PETs. The work offers practical recommendations for enhancing transparency and control through centralized permission management and per-app risk feedback, contributing to the design of more usable privacy technologies for location data.

Abstract

Although mobile devices benefit users in their daily lives in numerous ways, they also raise several privacy concerns. For instance, they can reveal sensitive information that can be inferred from location data. This location data is shared through service providers as well as mobile applications. Understanding how and with whom users share their location data -- as well as users' perception of the underlying privacy risks --, are important notions to grasp in order to design usable privacy-enhancing technologies. In this work, we perform a quantitative and qualitative analysis of smartphone users' awareness, perception and self-reported behavior towards location data-sharing through a survey of n=99 young adult participants (i.e., digital natives). We compare stated practices with actual behaviors to better understand their mental models, and survey participants' understanding of privacy risks before and after the inspection of location traces and the information that can be inferred therefrom. Our empirical results show that participants have risky privacy practices: about 54% of participants underestimate the number of mobile applications to which they have granted access to their data, and 33% forget or do not think of revoking access to their data. Also, by using a demonstrator to perform inferences from location data, we observe that slightly more than half of participants (57%) are surprised by the extent of potentially inferred information, and that 47% intend to reduce access to their data via permissions as a result of using the demonstrator. Last, a majority of participants have little knowledge of the tools to better protect themselves, but are nonetheless willing to follow suggestions to improve privacy (51%). Educating people, including digital natives, about privacy risks through transparency tools seems a promising approach.

Figures (9)

• Figure 1: Screenshot of the demonstration's interface. Clicking on a POI yields attendance statistics.
• Figure 2: Illustration of the defense mechanism. Here the red lines show the initial traces, and the black lines represent the traces after the application of the noise.
• Figure 3: Inference performed by the platform. The left-hand side shows inference from raw data while the right-hand side presents the reduced risks after the application of the defense mechanism (i.e., geo-indistinguishability Andr_s_2013). The noisy version hardly yields the gender, smooths the personality traits, makes the daily and weekly attendance statistics unusable, and infers inaccurate POIs.
• Figure 4: Plot of the Internet User’s Information Privacy Concerns (IUIPC) distribution of participants.
• Figure 5: Participants tend to underestimate the number of apps that have access to the location (Q3 against Q8).