PrivacyStreams Helps Developers Create Privacy-Friendly Apps
Researchers at Carnegie Mellon and Peking universities have created a service called PrivacyStreams that enables app developers to access smartphone data they need for app functionality, while assuring users that private information is not being sold to an online marketer or otherwise revealed.
A sleep monitor app, for instance, might need to access the smartphone's microphone, but only to register loudness, not to monitor conversations. An app developer could simply sample the microphone feed every minute or so, use software in the PrivacyStreams library to transform the raw data to loudness and then send just the loudness data back to the smartphone for use by the app.
"We're creating a new way of doing programming that makes it easier for the developer and also enhances privacy," said Jason Hong, associate professor of computer science in Carnegie Mellon University's 's Human-Computer Interaction Institute. "And while PrivacyStreams is geared to mobile apps, I think we can apply the same idea to the internet of things, or to accessing historical data."
The researchers presented their findings at Ubicomp 2017, the ACM International Joint Conference on Pervasive and Ubiquitous Computing earlier this month in Maui, Hawaii.
"We're assuming that most app developers aren't malicious and they don't want to violate anyone's privacy; safeguarding privacy just isn't always the thing that's uppermost in their minds," said Yuvraj Agarwal, assistant professor of computer science in CMU's Institute for Software Research. "So if the developer wants to do the right thing, how do we help them? By saving them time."
The PrivacyStreams library includes a number of programs that can transform personal data into a desired output. A weather app, for instance, might need to access a smartphone's location, but the output would only need to identify a city, a neighborhood or other locality for a forecast.
"Instead of developers having to figure out all of this code themselves, we just give it to them," Hong said.
Developers also have the opportunity to describe what the data is being used for, which can help users decide whether to install the app, or provide permission to access certain data, said Yao Guo, associate professor of computer science at Peking University. Because PrivacyStreams is set up as a pipeline - raw data streams to the service, then is transformed and transmitted back to the app that requested it — the process can be audited to ensure the data is used as described, he added.
If the library proves popular with developers, the researchers say it may someday be possible for PrivacyStreams to certify that apps using the service are using sensitive information responsibly, providing additional guidance to users considering downloading an app.
In addition to Hong, Agarwal and Guo, the research team included Professor Gang Huang and Ph.D. student Yuanchun Li of Peking University; Fanglin Chen and Toby Jia-Jun Li, Ph.D. students in the Human-Computer Interaction Institute; and Matthew Fredrikson, assistant professor of computer science in the CMU Computer Science Department.
The National Key Research and Development Program, the National Natural Science Foundation of China, the National Science Foundation, the China Scholarship Council and Google supported this research.