App privacy-related and security-related evaluation methods and results
| Privacy policy | Social media | Permissions requested | Data security | |||||
| Methods | Results | Methods | Results | Methods | Results | Methods | Results | |
| Bry et al 43 | Evaluated app store page and/or downloaded app manually | Privacy policy presence: Less than 5% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: Less than 5% of apps | ||||
| Cheng et al 24 | Evaluated app store page and/or downloaded app manually | Investigator-developed security assessment scale: 6% of apps rated as excellent; 10% of apps rated as good | ||||||
| Das et al 20 | Statistics calculated with web-based readability calculator | Privacy policy readability: average reading grade level (12.8) higher than average US adult level (8.0) | ||||||
| Liu et al 22 | Comparison of app library package names with libraries relevant to social networks | Potential for social medial sharing: 20% of apps | Examination of privacy grade as listed in online crowdsourced dataset | Potential for permission requests: 82% of apps use few permissions for unusual purposes; 10% may use permissions in this way | ||||
| Meyer et al 23 | Evaluated app store page and/or downloaded app manually | Social media links: 14% of apps | Evaluated app store page and/or downloaded app manually |
Permission requests:
100% of apps Requests for notifications (100%), files/photo storage (53%), phone (13%), microphone (8%), camera (7%); and location (4%). | ||||
| Musgrave et al 50 | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 90% of apps required logins; 70% required passwords | ||||||
| Reyes et al 18 | Automated analysis of whether data transmissions are protected | Data encryption: 40% of apps do not use TLS* | ||||||
| Robinson et al 53 | Evaluated app store page and/or downloaded app manually | Social media links: 63% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 0% of apps | ||||
| Sardi et al 21 | Evaluated app store page and/or downloaded app manually |
Privacy policy presence: 63% of apps Privacy policy content: 27% of privacy policies complied with international and federal laws including COPPA†, GDPR‡ and HIPAA§. | Evaluated app store page and/or downloaded app manually |
Social media links:
31% of apps | Evaluated app store page and/or downloaded app manually |
Login and/or password presence: 29% of apps Cloud storage backup option: 8% of apps | ||
| Schoeppe et al 54 | Evaluated app store page and/or downloaded app manually |
Social media links:
60% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 20% of apps | ||||
| Schoffman et al 55 | Evaluated app store page and/or downloaded app manually |
Social media links:
16% of apps | ||||||
| Virani et al 58 | Evaluated app store page and/or downloaded app manually | Privacy policy presence: 100% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 33%–100% of apps | ||||
| Weber et al 59 | Evaluated app store page and/or downloaded app manually |
Social media links:
Less than or equal to 35% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 70% of apps | ||||
| Zarnowiecki et al 63 | Evaluated app store page and/or downloaded app manually |
Social media links:
25% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 0% of apps | ||||
*Transport Layer Security.
†Children’s Online Privacy Protection Act.
‡General Data Protection Regulation.
§Health Insurance Portability and Accountability Act.