This study empirically analyzed 1,000 Android apps, finding that privacy policies are often vague and frequently fail to align with the actual sensitive data logged by the applications.

This study empirically analyzed 41 mobile gaming apps, finding that while device ID disclosures were relatively consistent, location and personal information disclosures showed significant mismatches…

PolicyGapper is an LLM-based tool that automatically detects inconsistencies and omissions between a mobile app's Google Play Data Safety Section and its official Privacy Policy, identifying thousands…

This study proposes a negotiation framework, using composite indices (RBTI and CATI), to explain how youth navigate competing privacy pressures when using smart voice assistants, finding that high usa…

The paper proposes and evaluates DePRa, a system that democratizes privacy assessment by making everyday users active evaluators of mobile app data access, showing its potential to complement expert a…

This study investigated user reactions to inferred personal information from their own ChatGPT histories, finding that acceptability is governed by context-sensitive norms regarding generation, retent…

The paper introduces MyPhoneBench, a new framework that demonstrates that current phone-use agents often fail to respect user privacy, even when successfully completing simple tasks, primarily due to…

The paper introduces LLUMI, an open-source framework that improves LLM writing assistance for mental health support using community feedback, demonstrating comparable performance to proprietary models…

This study investigates user perceptions of privacy risks associated with GenAI smartphones, finding that users express heightened concerns across the entire data lifecycle and suggest comprehensive,…

The study surveyed Android developers to assess their willingness to adopt changes that mitigate device fingerprinting risks, finding that developers overwhelmingly support privacy protections even wi…

The paper introduces PrivacySIM, an evaluation suite that benchmarks how well LLMs can simulate individual user privacy decisions based on persona attributes, finding that while conditioning improves…

The paper introduces the PrivacyIceberg framework to systematically categorize and empirically demonstrate the high risk of automated, deep personal profiling using LLM agents, revealing a significant…

This study empirically demonstrates that privacy exposure in mobile gaming apps is primarily driven by complex, configuration-level SDK ecosystems rather than just the permissions the app explicitly r…

The paper analyzes Android's permission system and finds that two legacy mechanisms—permission groups and normal-level custom permissions—allow apps to silently gain excessive permissions and expose s…

PrivacyAssist is a multi-agent LLM framework that detects inconsistencies between user-granted app permissions and the app's actual data collection practices, finding that most apps are not fully tran…

The study finds exploratory evidence that gender moderates how youth perceive privacy risks and benefits, influencing their protective behavior when using smart voice assistants.

The paper investigates how digital devices in U.S. prisons create privacy and security risks for incarcerated users, finding that pervasive surveillance and arbitrary policies negatively impact their…

The paper introduces PHTV-Scout, a novel framework that analyzes Douyin and Kwai data, revealing a high prevalence of potentially harmful teen videos, particularly CSE imagery, and demonstrating that…

The paper empirically investigates the lead marketing ecosystem, revealing a highly non-compliant system that aggressively collects, shares, and monetizes sensitive personal data through deceptive bro…

The paper finds that while LLMs can detect distress regardless of delusional framing, they significantly fail to intervene safely when distress is intertwined with delusion, suggesting a critical reco…