Respecting user privacy in mobiles: privacy by design permission system for mobile applications
in International Journal On Advances in Security
110 – 120
The Privacy by Design concept proposes to integrate the respect of user privacy into systems managing user data from the early design stage. This concept has increased in popularity and the European Union (EU) is enforcing it with a Data Protection Directive. Mobile applications have emerged onto the market and the current law and future directive is applicable to all mobile applications designed for EU users. By now it has been shown that mobile applications do not suit the Privacy by Design concept and lack transparency, consent and security. Current permission systems are judged as unclear for users. In this paper, we introduce a novel permission model suitable for mobile application that respects Privacy by Design. We show that such adapted permission system can improve not only the transparency and consent but also the security of mobile applications. Finally, we propose an example of the use of our system in mobile application.