App privacy-related and security-related evaluation methods and results
| Privacy policy | Social media | Permissions requested | Data security | |||||
| Methods | Results | Methods | Results | Methods | Results | Methods | Results | |
| Bry et al43 | Evaluated app store page and/or downloaded app manually | Privacy policy presence: Less than 5% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: Less than 5% of apps | ||||
| Cheng et al24 | Evaluated app store page and/or downloaded app manually | Investigator-developed security assessment scale: 6% of apps rated as excellent; 10% of apps rated as good | ||||||
| Das et al20 | Statistics calculated with web-based readability calculator | Privacy policy readability: average reading grade level (12.8) higher than average US adult level (8.0) | ||||||
| Liu et al22 | Comparison of app library package names with libraries relevant to social networks | Potential for social medial sharing: 20% of apps | Examination of privacy grade as listed in online crowdsourced dataset | Potential for permission requests: 82% of apps use few permissions for unusual purposes; 10% may use permissions in this way | ||||
| Meyer et al23 | Evaluated app store page and/or downloaded app manually | Social media links: 14% of apps | Evaluated app store page and/or downloaded app manually | Permission requests: 100% of apps Requests for notifications (100%), files/photo storage (53%), phone (13%), microphone (8%), camera (7%); and location (4%). | ||||
| Musgrave et al50 | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 90% of apps required logins; 70% required passwords | ||||||
| Reyes et al18 | Automated analysis of whether data transmissions are protected | Data encryption: 40% of apps do not use TLS* | ||||||
| Robinson et al53 | Evaluated app store page and/or downloaded app manually | Social media links: 63% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 0% of apps | ||||
| Sardi et al21 | Evaluated app store page and/or downloaded app manually | Privacy policy presence: 63% of apps Privacy policy content: 27% of privacy policies complied with international and federal laws including COPPA†, GDPR‡ and HIPAA§. | Evaluated app store page and/or downloaded app manually | Social media links: 31% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 29% of apps Cloud storage backup option: 8% of apps | ||
| Schoeppe et al54 | Evaluated app store page and/or downloaded app manually | Social media links: 60% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 20% of apps | ||||
| Schoffman et al55 | Evaluated app store page and/or downloaded app manually | Social media links: 16% of apps | ||||||
| Virani et al58 | Evaluated app store page and/or downloaded app manually | Privacy policy presence: 100% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 33%–100% of apps | ||||
| Weber et al59 | Evaluated app store page and/or downloaded app manually | Social media links: Less than or equal to 35% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 70% of apps | ||||
| Zarnowiecki et al63 | Evaluated app store page and/or downloaded app manually | Social media links: 25% of apps | Evaluated app store page and/or downloaded app manually | Login and/or password presence: 0% of apps | ||||
*Transport Layer Security.
†Children’s Online Privacy Protection Act.
‡General Data Protection Regulation.
§Health Insurance Portability and Accountability Act.