Advancing Android Privacy Assessments with Automation

TL;DR

This paper introduces the Assessor View, an automated tool designed to improve privacy assessments of Android apps by enhancing understanding and communication among stakeholders, aligning with evolving legal and security standards.

Contribution

The paper presents the Assessor View, a novel automated tool that bridges knowledge gaps and streamlines privacy assessments for Android applications.

Findings

Facilitates better stakeholder communication

Enhances understanding of data protection in Android apps

Supports compliance with GDPR and future regulations

Abstract

Android apps collecting data from users must comply with legal frameworks to ensure data protection. This requirement has become even more important since the implementation of the General Data Protection Regulation (GDPR) by the European Union in 2018. Moreover, with the proposed Cyber Resilience Act on the horizon, stakeholders will soon need to assess software against even more stringent security and privacy standards. Effective privacy assessments require collaboration among groups with diverse expertise to function effectively as a cohesive unit. This paper motivates the need for an automated approach that enhances understanding of data protection in Android apps and improves communication between the various parties involved in privacy assessments. We propose the Assessor View, a tool designed to bridge the knowledge gap between these parties, facilitating more effective privacy assessments of Android applications.