{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,6]],"date-time":"2026-01-06T13:49:41Z","timestamp":1767707381527,"version":"3.41.0"},"publisher-location":"Cham","reference-count":46,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319929248"},{"type":"electronic","value":"9783319929255"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-92925-5_20","type":"book-chapter","created":{"date-parts":[[2018,6,8]],"date-time":"2018-06-08T13:48:35Z","timestamp":1528465715000},"page":"301-313","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["A Comparative Study of Android and iOS Mobile Applications\u2019 Data Handling Practices Versus Compliance to Privacy Policy"],"prefix":"10.1007","author":[{"given":"Sophia","family":"Kununka","sequence":"first","affiliation":[]},{"given":"Nikolay","family":"Mehandjiev","sequence":"additional","affiliation":[]},{"given":"Pedro","family":"Sampaio","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,6,9]]},"reference":[{"key":"20_CR1","doi-asserted-by":"crossref","unstructured":"Sarma, B., Li, N., Gates, C., Potharaju, R., Nita-Rotaru, C., Molloy, I.: Android permissions: a perspective combining risks and benefits. In: 17th ACM Symposium on Access Control Models and Technologies, pp. 13\u201322 (2012)","DOI":"10.1145\/2295136.2295141"},{"key":"20_CR2","unstructured":"Thurm, S., Kane, Y.: Your Apps Are Watching You. Wall Street Journal. http:\/\/online.wsj.com\/news\/articles\/SB10001424052748704694004576020083703574602?mg=reno64-wsj&url=http%3A%2F%2Fonline.wsj.com%2Farticle%2FSB10001424052748704694004576020083703574602.html. Accessed 2010"},{"key":"20_CR3","doi-asserted-by":"publisher","first-page":"1198","DOI":"10.1016\/j.scico.2011.07.009","volume":"77","author":"N Papanikolaou","year":"2012","unstructured":"Papanikolaou, N., Creese, S., Goldsmith, M.: Refinement checking for privacy policies. Sci. Comput. Program. 77, 1198\u20131209 (2012)","journal-title":"Sci. Comput. Program."},{"key":"20_CR4","unstructured":"European Union Directive: EUR-Lex. Access to European Union Law. http:\/\/eur-lex.europa.eu\/search.html?qid=1516438784094&text=GDPR&scope=EURLEX&type=quick&lang=en. Accessed 2017"},{"key":"20_CR5","volume-title":"Privacy and Freedom","author":"A Westin","year":"1967","unstructured":"Westin, A.: Privacy and Freedom. Atheneum Publishers, New York (1967)"},{"key":"20_CR6","doi-asserted-by":"crossref","unstructured":"Anton, A.I., Reese, A.: Analyzing web site privacy requirements using a privacy goal taxonomy. In: IEEE Joint Requirements Engineering Conference, vol. 9, pp. 23\u201331, Essen (2001)","DOI":"10.1109\/ICRE.2002.1048502"},{"issue":"1\u20132","key":"20_CR7","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1016\/j.ijhcs.2005.04.019","volume":"63","author":"C Jensen","year":"2005","unstructured":"Jensen, C., Potts, C., Jensen, C.: Privacy practices of internet users: self-report versus observed behavior. Int. J. Hum Comput Stud. 63(1\u20132), 203\u2013227 (2005)","journal-title":"Int. J. Hum Comput Stud."},{"key":"20_CR8","doi-asserted-by":"publisher","first-page":"401","DOI":"10.1007\/s00779-008-0214-3","volume":"13","author":"N Sadeh","year":"2009","unstructured":"Sadeh, N., Hong, J., Cranor, L., Fette, I., Kelley, P., Prabaker, M., Rao, J.: Understanding and capturing people\u2019s privacy policies in a mobile social networking application. Pers. Ubiquit. Comput. 13, 401\u2013412 (2009)","journal-title":"Pers. Ubiquit. Comput."},{"key":"20_CR9","unstructured":"Cellan-Jones, R.: BBC. http:\/\/www.bbc.co.uk\/news\/technology-30234789. Accessed 2014"},{"issue":"2","key":"20_CR10","first-page":"281","volume":"10","author":"R Liu","year":"2015","unstructured":"Liu, R., Cao, J., Yang, L.: Smartphone privacy in mobile computing: Issues, methods and systems. Inf. Media Technol. 10(2), 281\u2013293 (2015)","journal-title":"Inf. Media Technol."},{"key":"20_CR11","doi-asserted-by":"crossref","unstructured":"Wei, X., Gomez, L., Neamtiu, I., Faloutsos, M.: Permission evolution in the Android ecosystem. In: ACSAC 2012 Proceedings of the 28th Annual Computer Security Applications Conference, Florida, pp. 31\u201340 (2012)","DOI":"10.1145\/2420950.2420956"},{"key":"20_CR12","doi-asserted-by":"crossref","unstructured":"Grace, M., Zhou, W., Jiang, X., Sadeghi, A.: Unsafe exposure analysis of mobile in-app advertisements. ACM, Arizona (2012)","DOI":"10.1145\/2185448.2185464"},{"key":"20_CR13","unstructured":"Book, T., Pridgen, A., Wallach, D.: Longitudinal Analysis of Android Ad Library (2013)"},{"key":"20_CR14","unstructured":"Ashnis: noeticforce. http:\/\/noeticforce.com\/app-permissions-android-vs-ios. Accessed 2016"},{"key":"20_CR15","unstructured":"Hoffman, C.: How -To Geek. https:\/\/www.howtogeek.com\/177711\/ios-has-app-permissions-too-and-theyre-arguably-better-than-androids\/. Accessed 2013"},{"key":"20_CR16","doi-asserted-by":"crossref","unstructured":"Benenson, Z., Gassmann, F., Reinfelder, L.: Android and iOS users\u2019 differences concerning security and privacy. In: Human Factors in Computing Systems, pp. 817\u2013822 (2013)","DOI":"10.1145\/2468356.2468502"},{"key":"20_CR17","doi-asserted-by":"crossref","unstructured":"Felt, A.P., Finifter, M., Chin, E., Hanna, S., Wagner, D.: A survey of mobile malware in the wild. In: SPSM (2011)","DOI":"10.1145\/2046614.2046618"},{"key":"20_CR18","volume-title":"iPhone Privacy","author":"N Seriot","year":"2010","unstructured":"Seriot, N.: iPhone Privacy. Black Hat, USA (2010)"},{"key":"20_CR19","unstructured":"Bonnington, C.: First Instance of iOS App Store Malware Detected. http:\/\/www.wired.com. Accessed 2012"},{"key":"20_CR20","unstructured":"Egele, M., Kruegel, C., Kirda, E., Vigna, G.: PiOS: detecting privacy leaks in iOS applications. In: NDSS, pp. 177\u2013183 (2011)"},{"issue":"1","key":"20_CR21","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1108\/19355181200200001","volume":"17","author":"C Liu","year":"2002","unstructured":"Liu, C., Arnett, K.P.: An examination of privacy policies in Fortune 500 web sites. Am. J. Bus. 17(1), 13\u201322 (2002)","journal-title":"Am. J. Bus."},{"key":"20_CR22","unstructured":"Wetherall, D., Choffnes, D., Greenstein, B., Han, S., Hornyack, P., Jung, J., Schechter, S., Wang, X.: Privacy revelations for web and mobile apps. In: HotOS, vol. XIII (2011)"},{"key":"20_CR23","unstructured":"Van-Alsenoy, B., Verdoodt, V., Heyman, R., Wauters, E., Ausloos, J., Acar, G.: https:\/\/www.law.kuleuven.be\/citip\/en\/news\/item\/facebooks-revised-policies-and-terms-v1-2.pdf. Accessed 2015"},{"key":"20_CR24","unstructured":"Zang, J., Dummit, K., Graves, J., Lisker, P., Sweeney, L.: Who knows what about me? A survey of behind the scenes personal data sharing to third parties by mobile apps. In: Technology Science (2015)"},{"issue":"e1","key":"20_CR25","doi-asserted-by":"crossref","first-page":"e28","DOI":"10.1136\/amiajnl-2013-002605","volume":"22","author":"A Sunyaev","year":"2015","unstructured":"Sunyaev, A., Dehling, T., Taylor, P., Mandl, K.: Availability and quality of mobile health app privacy policies. J. Am. Med. Inf. Assoc. 22(e1), e28\u2013e33 (2015)","journal-title":"J. Am. Med. Inf. Assoc."},{"issue":"3","key":"20_CR26","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/s00766-003-0183-z","volume":"9","author":"AI Ant\u00f3n","year":"2004","unstructured":"Ant\u00f3n, A.I., Earp, J.B.: A requirements taxonomy for reducing Web site privacy vulnerabilities. Requirements Eng. 9(3), 169\u2013185 (2004)","journal-title":"Requirements Eng."},{"key":"20_CR27","doi-asserted-by":"crossref","unstructured":"Rosen, S., Qian, Z., Mao, Z.M.: Approfiler: a flexible method of exposing privacy-related behavior in android applications to end users. In: 32 Annual ACM Conference on Human factors in Computing Systems, pp. 2347\u20132356 (2014)","DOI":"10.1145\/2435349.2435380"},{"key":"20_CR28","unstructured":"QSR: What is NVivo?. http:\/\/www.qsrinternational.com\/what-is-nvivo. Accessed 2017"},{"key":"20_CR29","doi-asserted-by":"publisher","first-page":"597","DOI":"10.1177\/0038038597031003015","volume":"31","author":"D Armstrong","year":"1997","unstructured":"Armstrong, D., Gosling, A., Weinman, J., Marteau, T.: The place of inter-rater reliability in qualitative research: an empirical study. Sociology 31, 597\u2013606 (1997)","journal-title":"Sociology"},{"key":"20_CR30","doi-asserted-by":"crossref","unstructured":"Krishnamurthy, B., Wills, C.E.: On the leakage of personally identifiable information via online social networks. In: 2nd ACM Workshop on Online Social Networks, pp. 7\u201312 (2009)","DOI":"10.1145\/1592665.1592668"},{"key":"20_CR31","first-page":"1814","volume":"86","author":"P Schwartz","year":"2011","unstructured":"Schwartz, P., Solove, D.: PII problem: privacy and a new concept of personally identifiable information. NYUL Rev 86, 1814 (2011)","journal-title":"NYUL Rev"},{"key":"20_CR32","unstructured":"Harris, K.: Privacy on the go, FTC (2013)"},{"key":"20_CR33","unstructured":"CalOPPA: California Online Privacy Protection Act (CalOPPA). http:\/\/consumercal.org. http:\/\/consumercal.org\/about-cfc\/cfc-education-foundation-2014\/what-should-i-know-about-privacy-policies\/california-online-privacy-protection-act-caloppa\/. Accessed 2015"},{"key":"20_CR34","unstructured":"TermsFeed: Privacy Policies are Mandatory by Law. https:\/\/termsfeed.com\/blog\/privacy-policy-mandatory-law\/. Accessed 2017"},{"key":"20_CR35","unstructured":"European Union Directive.: EUR-Lex. Access to European Union Law. http:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX:31995L0046. Accessed 2017"},{"issue":"6221","key":"20_CR36","doi-asserted-by":"publisher","first-page":"536","DOI":"10.1126\/science.1256297","volume":"347","author":"Y Montjoye","year":"2015","unstructured":"Montjoye, Y., Radaelli, L., Singh, V.K.: Unique in the shopping mall on the reidentifiability of credit card metadata. Science 347(6221), 536\u2013539 (2015)","journal-title":"Science"},{"key":"20_CR37","unstructured":"Malin, B.: Betrayed by my shadow: learning data identify via trail matching. J. Priv. Technol. (2005)"},{"key":"20_CR38","first-page":"1219","volume":"86","author":"EJ Janger","year":"2002","unstructured":"Janger, E.J., Schwartz, P.M.: The Gramm-Leach-Bliley Act, Information privacy and the limits of default rules. Minnesota Law Rev. 86, 1219\u20131230 (2002)","journal-title":"Minnesota Law Rev."},{"issue":"5","key":"20_CR39","doi-asserted-by":"publisher","first-page":"521","DOI":"10.1016\/j.clsr.2014.07.008","volume":"30","author":"L Yue","year":"2014","unstructured":"Yue, L.: User control of personal information concerning mobile-app: Notice and consent? Comput. Law Secur. Rev. 30(5), 521\u2013529 (2014)","journal-title":"Comput. Law Secur. Rev."},{"key":"20_CR40","doi-asserted-by":"crossref","unstructured":"Earp, J.B., Vail, M., Anton, A.I.: Privacy policy representation in web-based healthcare. In: 40th Annual Hawaii International Conference, p. 138 (2007)","DOI":"10.1109\/HICSS.2007.445"},{"key":"20_CR41","doi-asserted-by":"crossref","unstructured":"Cranor, L., Kelley, P.G., Cesca, L., Bresee, J.: Standardizing privacy notices: an online study of the nutrition label approach. In: SIGCHI Conference, pp. 1573\u20131582 (2010)","DOI":"10.1145\/1753326.1753561"},{"key":"20_CR42","doi-asserted-by":"crossref","unstructured":"Kununka, S., Mehandjiev, N., Sampaio, P., Vassilopoulou, K.: End user comprehension of privacy policy. In: International Symposium on End User Development, pp. 135\u2013149, Eindhoven (2017)","DOI":"10.1007\/978-3-319-58735-6_10"},{"key":"20_CR43","doi-asserted-by":"crossref","unstructured":"Wei, T.E., Jeng, A.B., Lee, H.M., Chen, C.H., Tien, C.W.: Android privacy. In: Machine Learning and Cybernetics (ICMLC), pp. 1830\u20131837 (2012)","DOI":"10.1109\/ICMLC.2012.6359654"},{"key":"20_CR44","unstructured":"Van-Alsenoy, B.: Accessed 2015"},{"key":"20_CR45","unstructured":"Schwartz, P.M., Solove, D.: Notice and choice. In: The Second NPLAN\/BMSG Meeting on Digital Media and Marketing to Children (2009)"},{"issue":"1","key":"20_CR46","first-page":"22","volume":"22","author":"A Sunyaev","year":"2014","unstructured":"Sunyaev, A., Dehling, T., Taylor, P., Mandl, K.: Availability and quality of mobile health app privacy policies. J. Am. Med. Inf. Assoc. 22(1), 22\u201333 (2014)","journal-title":"J. Am. Med. Inf. Assoc."}],"container-title":["IFIP Advances in Information and Communication Technology","Privacy and Identity Management. The Smart Revolution"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-92925-5_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,5]],"date-time":"2025-07-05T01:35:16Z","timestamp":1751679316000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-92925-5_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319929248","9783319929255"],"references-count":46,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-92925-5_20","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"9 June 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"Privacy and Identity","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Summer School on Privacy and Identity Management","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Ispra","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 September 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 September 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"privacy-identity2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.ifip-summerschool.org\/ifip-summerschool2017\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}