Systematic Evaluation and User Study of Privacy of Default Apps in Apple's Mobile Ecosystem

TL;DR

This study systematically evaluated the privacy settings of default apps in Apple's ecosystem, revealing documentation issues, user misunderstandings, and privacy risks, with insights from user interviews.

Contribution

It provides a comprehensive analysis of default app privacy configurations and user perceptions, highlighting gaps in documentation and user understanding.

Findings

Default apps often have vague privacy instructions.

Users cannot easily disable default apps from accessing data.

Default apps can cause privacy tensions in families.

Abstract

Users need to configure default apps when they first start using their devices. The privacy configurations of the default apps do not always match what users think they have initially enabled. We first systematically evaluated the privacy configurations of default apps. We discovered serious issues with the documentation of the default apps. Based on these findings, we explored users' experiences with an interview study (N=15). Our findings from both studies show that: the instructions of setting privacy configurations of default apps are vague and lack required steps; users were unable to disable default apps from accessing their personal information; users assumed they were being tracked by some default apps; default apps may cause tensions in family relationships because of information sharing. Our results illuminate on the privacy and security implications of configuring the privacy of default apps and how users perceive and understand the mobile ecosystem.