Data Privacy in Mobile Applications: A Path to Transparency and User Awareness
Abstract
This thesis examines the current state of data privacy within mobile applications on the
Android platform, focusing on the transparency of data collection practices, the adequacy
of user controls, and the effectiveness of regulatory frameworks like the General Data
Protection Regulation (GDPR). Through a comprehensive analysis of various popular
Android applications, this study identifies common data collection methods, assesses the
transparency of data collection practices, and evaluates the permissions and trackers
used by these applications.
The research includes a static and dynamic technical analysis of various Android apps to
inspect the behavior of these apps regarding data handling and privacy practices. The
findings reveal significant discrepancies between the privacy claims made by app de-
velopers in the Google Play Store, and the actual data collection and sharing practices
uncovered during the analysis. Furthermore, the study highlights a general lack of ro-
bust privacy controls, allowing for extensive data collection and surveillance, often without
explicit user consent.
This thesis contributes to the broader cybersecurity field by providing empirical evidence
that many Android applications do not sufficiently protect user privacy. It also offers prac-
tical recommendations for improving privacy practices in mobile app development and
calls for stricter enforcement of existing data protection laws as well as enhanced privacy
controls in the Android operating system.
Given the pervasive nature of mobile apps and their integration into daily life, this re-
search underscores the urgent need for greater transparency and user empowerment in
the management and control of personal data. This study not only enriches academic
discussions around data privacy but also serves as a valuable resource for policymakers,
developers, and users aiming to enhance data protection in the digital age.