As smartphone users wake up to the dangers of apps snaffling data they would rather not share, researchers at Microsoft have come up with a neat solution to the problem that could be used to bake a balance of content personalisation and privacy into its Windows Phone operating system.
Many of today's most popular smartphone apps reliant on harvesting information about users to deliver a personalised service, according to Ben Livshits of Microsoft Research.
But unless users are aware of the extent of this information, they risk handing over more data than they bargained for, as app makers harvest user data and transmit it to their own datacentres.
A case in point is photo-sharing service Path, which caused a furore earlier this year after users realised the app had sent the contents of their address book back to the firm while Apple and Google where also caught up in the issue.
So Livshits and his colleague Drew Davidson of the University of Wisconsin developed MoRePriv.
It designed to be used with the Windows Phone system to build up a picture of the user, and defines the level of data sharing allowed on the phone according to a set of pre-established roles, such as technophile or business user.
“MoRePriv advocates leaving user data on the mobile device, under the control of the user,” they said.
This change in perspective means users retain control of their data and cloud providers will not fall foul of data protection or privacy laws.
MoRePriv analyses the use applications such as email, SMS and Facebook to establish a persona for the user – this persona is not intended to exactly match the user, but provides a means to establish rules for data sharing based on their profile.
“The use of personas limits the potential for user tracking: while persona information can be shared by apps to perform server-based personalisation, for instance, it is not enough to link the user across multiple interactions,” the researchers said.
The researchers then used Amazon's Mechanical Turk to establish how these different categories of user would have to sharing data in various circumstances before testing the system using a Windows Phone running the Mango version of the operating system.
They found that the system was able to reduce the permissions given to 73 per cent of apps that wanted some access to data, providing the user with greater privacy without crippling the apps that they want to use.
It remains to be seen if the tool could be extended to other systems, but it could be a key step on the road to providing device owners with more control over how their data is stored and secured, and kept away from organisations with unknown motives.
08 May 2012