CrySP Speaker Series on Privacy

This speaker series is made possible by an anonymous charitable donation in memory of cypherpunks and privacy advocates Len Sassaman, Hugh Daniel, Hal Finney, and Caspar Bowden.

View the list of past and upcoming speakers


“Won’t Somebody Think of the Children?” Examining COPPA Compliance at Scale

Joel Reardon, University of Calgary

[Download (MP4)]

April 19, 2018 2:30pm, in DC 1304

Abstract

We present a scalable dynamic analysis framework that allows for the automatic evaluation of the privacy behaviors of Android apps. We use our system to analyze mobile apps’ compliance with the Children’s Online Privacy Protection Act (COPPA), one of the few stringent privacy laws in the U.S. Based on our automated analysis of popular free children’s apps, we found that a majority perform actions that are possible violations of COPPA, due to their use of third-party SDKs. While most of these SDKs offer configuration options to respect COPPA by disabling tracking and behavioral advertising, our data suggests that a majority of apps do not make use of these options. A further fifth collect data through SDKs whose terms of service outright prohibit their use in child-directed apps. Finally, we show that efforts by Google to limit tracking through the use of a resettable advertising ID have had little success with more than half transmitting other persistant identifiers alongside, negating the intended privacy-preserving properties.

Bio

Prof. Joel Reardon is an assistant professor at the University of Calgary. Prior to starting in Calgary, he did his Master’s at the University of Waterloo, doctoral degree at the ETH Zurich, and a post-doctoral year at the UC Berkeley and the International Computer Science Institute (ICSI). His research interests relate to security and privacy including issues for storage and compliance as well as systems to make it easier to use. He also loves mountains, bicycles, and writing poetry.


CrySP

Cryptography, Security, and Privacy Research Group
David R. Cheriton School of Computer Science
University of Waterloo
Waterloo, Ontario, Canada N2L 3G1
Tel: 519-888-4567 x36163
Fax: 519-885-1208

Contact | Feedback: crysp@cs.uwaterloo.ca | Cryptography, Security, and Privacy (CrySP)


Valid HTML 4.01! Valid CSS! Last modified: Monday, 13-Jul-2015 09:23:15 EDT

Menu: Show Hide