Privacy on the smartphone is possible, as is shown by the Privacy Friendly Apps (PFAs) for Android: Together with students, the SECUSO research group of Karlsruhe Institute of Technology (KIT) has developed more than 30 apps for Android phones. They request authorizations required for functioning only and do not contain any tracking mechanisms. For these PFAs, SECUSO has now been granted the first Digital Autonomy Award by the Digital Autonomy Hub that is funded by the Federal Ministry of Education and Research.
Every day, we all are feeding our smartphones with large data volumes: We are having conversations in the form of words, texts, and images, we are storing notes, photos, and videos. We are planning appointments and administrating contacts. Access to these partly highly sensitive data is subject to so-called authorizations. For example, any app accessing the camera needs the respective authorization. During installation or in other contexts, however, many apps request authorizations to access private smartphone data, although this is not required for their functioning. Some weather apps or QR code scanners, for instance, request access to the address book or to private photos. In addition, many apps contain so-called trackers that continuously collect data, analyze the user behavior, and create profiles of persons without them being aware of it. The data collected can be used for targeted advertising, but may also be stolen by hackers.
Students Are Largely Involved in the Development of Apps
The PFAs developed by KIT’s research group SECUSO (Security – Usability – Society) guarantee more privacy. The research group headed by Professor Melanie Volkamer is affiliated to KIT’s Institute of Applied Informatics and Formal Description Methods. Students were and are significantly involved in the development of PFAs suited for Android smartphones. “Through programming exercises or graduation theses, students come to know security and privacy aspects of Android app development,” Volkamer says. “Still, the challenge is to combine app development with academic education. Students without the relevant experience should also be able to take part.”
The PFAs only request the authorizations required for functioning, do not contain any tracking mechanisms, and, hence, do not collect any usage data. “The data collected are stored locally on the smartphone,” says Christopher Beckmann. The scientist is member of the SECUSO research group and responsible for the Privacy Friendly Apps Lab. “Clearly defined data will be transmitted to third providers only, if this is absolutely necessary for functioning.” The source code of every PFA is published on the GitHub platform.
Apps Range from the Pedometer to the Password Generator
Currently, more than 30 PFAs are offered in the areas of tools, fitness and health, games, and security, including a flashlight, to-do-list, pedometer, active break, sudoku, mental arithmetic trainer, password generator, and WiFi manager. For its PFAs, SECUSO has now received the Digital Autonomy Award that is granted for the first time in 2022 by the Digital Autonomy Hub. It coordinates an interdisciplinary network of 43 institutes and organization, is funded by the Federal Ministry of Education and Research under the program “Miteinander durch Innovation” (together through innovation), and implemented by the Gesellschaft für Informatik e.V. (Society for Informatics) and AlgorithmWatch.
It is SECUSO’s declared goal to continuously further develop the PFAs and to expand the group of users. For this reason, SECUSO looks for interested persons, who wish to help the Privacy Friendly Apps team by supporting one or several apps or by providing staff or funds.