{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,14]],"date-time":"2026-04-14T00:43:29Z","timestamp":1776127409750,"version":"3.50.1"},"reference-count":48,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2024,3,6]],"date-time":"2024-03-06T00:00:00Z","timestamp":1709683200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-sa\/4.0\/"}],"funder":[{"name":"NSF","award":["1801472"],"award-info":[{"award-number":["1801472"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Proc. ACM Interact. Mob. Wearable Ubiquitous Technol."],"published-print":{"date-parts":[[2024,3,6]]},"abstract":"<jats:p>Apple and Google introduced their versions of privacy nutrition labels to the mobile app stores to better inform users of the apps' data practices. However, these labels are self-reported by developers and have been found to contain many inaccuracies due to misunderstandings of the label taxonomy. In this work, we present Matcha, an IDE plugin that uses automated code analysis to help developers create accurate Google Play data safety labels. Developers can benefit from Matcha's ability to detect user data accesses and transmissions while staying in control of the generated label by adding custom Java annotations and modifying an auto-generated XML specification. Our evaluation with 12 developers showed that Matcha helped our participants improved the accuracy of a label they created with Google's official tool for a real-world app they developed. We found that participants preferred Matcha for its accuracy benefits. Drawing on Matcha, we discuss general design recommendations for developer tools used to create accurate standardized privacy notices.<\/jats:p>","DOI":"10.1145\/3643544","type":"journal-article","created":{"date-parts":[[2024,3,6]],"date-time":"2024-03-06T13:12:36Z","timestamp":1709730756000},"page":"1-38","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":15,"title":["Matcha"],"prefix":"10.1145","volume":"8","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0877-5727","authenticated-orcid":false,"given":"Tianshi","family":"Li","sequence":"first","affiliation":[{"name":"Northeastern University, Pittsburgh, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2125-0124","authenticated-orcid":false,"given":"Lorrie Faith","family":"Cranor","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9304-6080","authenticated-orcid":false,"given":"Yuvraj","family":"Agarwal","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9856-9654","authenticated-orcid":false,"given":"Jason I.","family":"Hong","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,3,6]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300233"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2666356.2594299"},{"key":"e_1_2_1_3_1","volume-title":"Xiaoyuan Wu, Chris Kanich, and Adam J Aviv. Longitudinal analysis of privacy labels in the apple app store. arXiv preprint arXiv:2206.02658","author":"Balash David G","year":"2022","unstructured":"David G Balash, Mir Masood Ali, Xiaoyuan Wu, Chris Kanich, and Adam J Aviv. Longitudinal analysis of privacy labels in the apple app store. arXiv preprint arXiv:2206.02658, 2022."},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/msp.2014.70"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2014.23006"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2014.23039"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380330"},{"key":"e_1_2_1_8_1","volume-title":"Jared Kaplan, Harri Edwards, Yuri Burda, Nicholas Joseph, Greg Brockman, et al. Evaluating large language models trained on code. arXiv preprint arXiv:2107.03374","author":"Chen Mark","year":"2021","unstructured":"Mark Chen, Jerry Tworek, Heewoo Jun, Qiming Yuan, Henrique Ponde de Oliveira Pinto, Jared Kaplan, Harri Edwards, Yuri Burda, Nicholas Joseph, Greg Brockman, et al. Evaluating large language models trained on code. arXiv preprint arXiv:2107.03374, 2021."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3132029"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.46743\/2160-3715\/2009.2856"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3313831.3376442"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00043"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2619091"},{"key":"e_1_2_1_14_1","unstructured":"Geoffrey A. Fowler. iphone app privacy labels are a great idea except when apple lets them deceive - the washington post. https:\/\/web.archive.org\/web\/20220630055538\/https:\/\/www.washingtonpost.com\/technology\/2021\/01\/29\/apple-privacy-nutrition-label\/ 1 2021. (Accessed on 08\/27\/2022)."},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW55150.2022.00028"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23089"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3472749.3474819"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1177\/1049732316665344"},{"key":"e_1_2_1_19_1","first-page":"977","volume-title":"24th USENIX Security Symposium (USENIX Security 15)","author":"Huang Jianjun","year":"2015","unstructured":"Jianjun Huang, Zhichun Li, Xusheng Xiao, Zhenyu Wu, Kangjie Lu, Xiangyu Zhang, and Guofei Jiang. {SUPOR}: Precise and scalable sensitive user input detection for android apps. In 24th USENIX Security Symposium (USENIX Security 15), pages 977--992, 2015."},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3287051"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1572532.1572538"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753561"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2470654.2466466"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3531146.3533116"},{"key":"e_1_2_1_25_1","unstructured":"Li Li Alexandre Bartel Jacques Klein Yves Le Traon Steven Arzt Siegfried Rasthofer Eric Bodden Damien Octeau and Patrick Mcdaniel. I know what leaked in your pocket: uncovering privacy leaks on android apps with static taint analysis. arXiv preprint arXiv:1404.7431 2014."},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3287056"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3432919"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3478097"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3491102.3502012"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3491101.3519739"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3526113.3545661"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485532"},{"key":"e_1_2_1_33_1","first-page":"543","article-title":"The cost of reading privacy policies","volume":"4","author":"McDonald Aleecia M","year":"2008","unstructured":"Aleecia M McDonald and Lorrie Faith Cranor. The cost of reading privacy policies. I\/S: A Journal of Law and Policy for the Information Society, 4:543, 2008.","journal-title":"I\/S: A Journal of Law and Policy for the Information Society"},{"key":"e_1_2_1_34_1","first-page":"225","volume-title":"Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019","author":"Mhaidli Abraham H","year":"2019","unstructured":"Abraham H Mhaidli, Yixin Zou, and Florian Schaub. \"we can't live without {Them!}\" app developers' adoption of ad networks and their considerations of consumer risks. In Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019), pages 225--244, 2019."},{"key":"e_1_2_1_35_1","first-page":"993","volume-title":"24th USENIX Security Symposium (USENIX Security 15)","author":"Nan Yuhong","year":"2015","unstructured":"Yuhong Nan, Min Yang, Zhemin Yang, Shunfan Zhou, Guofei Gu, and XiaoFeng Wang. {UIPicker}: {User-Input} privacy identification in mobile applications. In 24th USENIX Security Symposium (USENIX Security 15), pages 993--1008, 2015."},{"key":"e_1_2_1_36_1","volume-title":"The design of everyday things: Revised and expanded edition. Basic books","author":"Norman Don","year":"2013","unstructured":"Don Norman. The design of everyday things: Revised and expanded edition. Basic books, 2013."},{"key":"e_1_2_1_37_1","first-page":"543","volume-title":"Proceedings of the 22nd USENIX security symposium","author":"Octeau Damien","year":"2013","unstructured":"Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, and Yves Le Traon. Effective inter-component communication mapping in android with epicc: An essential step towards holistic security analysis. In Proceedings of the 22nd USENIX security symposium, pages 543--558, 2013."},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1017\/9781316831960.021"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.56553\/popets-2022-0061"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3491102.3502123"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3489465"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2750858.2805833"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1080\/01621459.1927.10502953"},{"key":"e_1_2_1_44_1","volume-title":"Lalaine: Measuring and characterizing non-compliance of apple privacy labels at scale. arXiv preprint arXiv:2206.06274","author":"Xiao Yue","year":"2022","unstructured":"Yue Xiao, Zhengyi Li, Yue Qin, Jiale Guan, Xiaolong Bai, Xiaojing Liao, and Luyi Xing. Lalaine: Measuring and characterizing non-compliance of apple privacy labels at scale. arXiv preprint arXiv:2206.06274, 2022."},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.56553\/popets-2022-0106"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3379337.3415900"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3491102.3517615"},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24100"}],"container-title":["Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3643544","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3643544","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T13:02:01Z","timestamp":1755867721000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3643544"}},"subtitle":["An IDE Plugin for Creating Accurate Privacy Nutrition Labels"],"short-title":[],"issued":{"date-parts":[[2024,3,6]]},"references-count":48,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2024,3,6]]}},"alternative-id":["10.1145\/3643544"],"URL":"https:\/\/doi.org\/10.1145\/3643544","relation":{},"ISSN":["2474-9567"],"issn-type":[{"value":"2474-9567","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,3,6]]},"assertion":[{"value":"2024-03-06","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}