{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T22:22:42Z","timestamp":1769725362593,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":22,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,19]],"date-time":"2023-11-19T00:00:00Z","timestamp":1700352000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Shenyang Science and Technology Plan","award":["22322335"],"award-info":[{"award-number":["22322335"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,19]]},"DOI":"10.1145\/3689941.3695777","type":"proceedings-article","created":{"date-parts":[[2024,11,19]],"date-time":"2024-11-19T23:23:06Z","timestamp":1732058586000},"page":"11-17","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Privacy Policy Compliance in Miniapps: An Analytical Study"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-8552-0696","authenticated-orcid":false,"given":"Yuyang","family":"Han","sequence":"first","affiliation":[{"name":"Beijing Eletronic Science and Technology Institute, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-9754-8077","authenticated-orcid":false,"given":"Zilong","family":"Xiao","sequence":"additional","affiliation":[{"name":"Beijing Eletronic Science and Technology Institute, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1789-8414","authenticated-orcid":false,"given":"Zhiqiang","family":"Wang","sequence":"additional","affiliation":[{"name":"Beijing Eletronic Science and Technology Institute, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8765-053X","authenticated-orcid":false,"given":"Jianyi","family":"Zhang","sequence":"additional","affiliation":[{"name":"Beijing Eletronic Science and Technology Institute, Beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2024,11,19]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2002. ePrivacy Directive. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX%3A32002L0058"},{"key":"e_1_3_2_1_2_1","unstructured":"2018. General Data Protection Regulation. https:\/\/gdpr-info.eu\/"},{"key":"e_1_3_2_1_3_1","unstructured":"2020. California Consumer Privacy Act. https:\/\/oag.ca.gov\/privacy\/ccpa"},{"key":"e_1_3_2_1_4_1","unstructured":"2023. California Privacy Rights Act(CPRA). https:\/\/www.caprivacy.org\/"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3607199.3607236"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3605762.3624432"},{"key":"e_1_3_2_1_7_1","volume-title":"Minitracker: Large-scale sensitive information tracking in mini apps","author":"Li Wei","year":"2023","unstructured":"Wei Li, Borui Yang, Hangyu Ye, Liyao Xiang, Qingxiao Tao, Xinbing Wang, and Chenghu Zhou. 2023. Minitracker: Large-scale sensitive information tracking in mini apps. IEEE Transactions on Dependable and Secure Computing (2023)."},{"key":"e_1_3_2_1_8_1","volume-title":"WeMinT: Tainting Sensitive Data Leaks in WeChat Mini-Programs. In 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). IEEE, 1403--1415","author":"Meng Shi","year":"2023","unstructured":"Shi Meng, Liu Wang, Shenao Wang, Kailong Wang, Xusheng Xiao, Guangdong Bai, and Haoyu Wang. 2023. WeMinT: Tainting Sensitive Data Leaks in WeChat Mini-Programs. In 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). IEEE, 1403--1415."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00086"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"crossref","unstructured":"Chao Wang Yue Zhang and Zhiqiang Lin. 2023. Uncovering and Exploiting Hidden APIs in Mobile Super Apps. arXiv:2306.08134 [cs.CR]","DOI":"10.1145\/3576915.3616676"},{"key":"e_1_3_2_1_11_1","volume-title":"Do as you say: Consistency detection of data practice in program code and privacy policy in mini-app. arXiv preprint arXiv:2302.13860","author":"Wang Yin","year":"2023","unstructured":"Yin Wang, Ming Fan, Junfeng Liu, Junjie Tao, Wuxia Jin, Qi Xiong, Yuhao Liu, Qinghua Zheng, and Ting Liu. 2023. Do as you say: Consistency detection of data practice in program code and privacy policy in mini-app. arXiv preprint arXiv:2302.13860 (2023)."},{"key":"e_1_3_2_1_12_1","unstructured":"XinHua. 2016. Data Security Law. https:\/\/www.gov.cn\/xinwen\/2016--11\/07\/content_5129723.htm"},{"key":"e_1_3_2_1_13_1","unstructured":"XinHua. 2021. Cybersecurity Law. https:\/\/www.gov.cn\/xinwen\/2021-06\/11\/content_5616919.htm"},{"key":"e_1_3_2_1_14_1","unstructured":"XinHua. 2021. The Personal Information Protection Law (PIPL). https:\/\/www.gov.cn\/xinwen\/2021-08\/20\/content_5632486.htm"},{"key":"e_1_3_2_1_15_1","volume-title":"Sok: Decoding the super app enigma: The security mechanisms, threats, and trade-offs in os-alike apps. arXiv preprint arXiv:2306.07495","author":"Yang Yuqing","year":"2023","unstructured":"Yuqing Yang, Chao Wang, Yue Zhang, and Zhiqiang Lin. 2023. Sok: Decoding the super app enigma: The security mechanisms, threats, and trade-offs in os-alike apps. arXiv preprint arXiv:2306.07495 (2023)."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560597"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3605762.3624434"},{"key":"e_1_3_2_1_18_1","volume-title":"A small leak will sink many ships: Vulnerabilities related to mini-programs permissions. In 2023 IEEE 47th Annual Computers, Software, and Applications Conference (COMPSAC)","author":"Zhang Jianyi","unstructured":"Jianyi Zhang, Leixin Yang, Yuyang Han, Zixiao Xiang, and Xiali Hei. 2023. A small leak will sink many ships: Vulnerabilities related to mini-programs permissions. In 2023 IEEE 47th Annual Computers, Software, and Applications Conference (COMPSAC). IEEE, 595--606."},{"key":"e_1_3_2_1_19_1","volume-title":"Identity Confusion in WebView-based Mobile App-in-app Ecosystems. In 31st USENIX Security Symposium (USENIX Security 22)","author":"Zhang Lei","year":"2022","unstructured":"Lei Zhang, Zhibo Zhang, Ancong Liu, Yinzhi Cao, Xiaohan Zhang, Yanjun Chen, Yuan Zhang, Guangliang Yang, and Min Yang. 2022. Identity Confusion in WebView-based Mobile App-in-app Ecosystems. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA, 1597--1613. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/zhang-lei"},{"key":"e_1_3_2_1_20_1","volume-title":"Understanding Privacy Over-collection in WeChat Sub-app Ecosystem. arXiv preprint arXiv:2306.08391","author":"Zhang Xiaohan","year":"2023","unstructured":"Xiaohan Zhang, Yang Wang, Xin Zhang, Ziqi Huang, Lei Zhang, and Min Yang. 2023. Understanding Privacy Over-collection in WeChat Sub-app Ecosystem. arXiv preprint arXiv:2306.08391 (2023)."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616591"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2024.3390553"}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Workshop on Secure and Trustworthy Superapps"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689941.3695777","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3689941.3695777","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:17:31Z","timestamp":1750295851000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689941.3695777"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,19]]},"references-count":22,"alternative-id":["10.1145\/3689941.3695777","10.1145\/3689941"],"URL":"https:\/\/doi.org\/10.1145\/3689941.3695777","relation":{},"subject":[],"published":{"date-parts":[[2023,11,19]]},"assertion":[{"value":"2024-11-19","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}