What’s the deal with privacy apps? A comprehensive exploration of user perception and usability

Hala Assal
School of Computer Science, Carleton University
HalaAssal@scs.carleton.ca

Stephanie Hurtado
School of Computer Science, Carleton University
Stephanie.Hurtado@carleton.ca

Ahsan Imran
School of Computer Science, Carleton University
Ahsan.Imran@carleton.ca

Sonia Chiasson
School of Computer Science, Carleton University
Chiasson@scs.carleton.ca

ABSTRACT

We explore mobile privacy through a survey and through usability evaluation of three privacy-preserving mobile applications. Our survey explores users’ knowledge of privacy risks, as well as their attitudes and motivations to protect their privacy on mobile devices. We found that users have incomplete mental models of privacy risks associated with such devices. And, although participants believe they are primarily responsible for protecting their own privacy, there is a clear gap between their perceived privacy risks and the defenses they employ. For example, only 6% of participants use privacy-preserving applications on their mobile devices, but 83% are concerned about privacy. Our usability studies show that mobile privacy-preserving tools fail to fulfill fundamental usability goals such as learnability and intuitiveness—potential reasons for their low adoption rates. Through a better understanding of users’ perception and attitude towards privacy risks, we aim to inform the design of privacy-preserving mobile applications. We look at these tools through users’ eyes, and provide recommendations to improve their usability and increase user-acceptance.

CCS Concepts

Security and privacy Usability in security and privacy;
Human-centered computing HCI design and evaluation methods;

INTRODUCTION

Mobile privacy is becoming an increasing concern in today’s society as more people are using their mobile devices to perform daily online activities and access sensitive accounts.
Statistics show that the number of global mobile users surpassed the number of desktop users in 2014, with an increasing number of people switching to mobile devices for their daily online activities [15].

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org.
MUM ’15, November 30-December 02, 2015, Linz, Austria
© 2015 ACM. ISBN 978-1-4503-3605-5/15/11...$15.00
DOI: http://dx.doi.org/10.1145/2836041.2836044

In this paper, we present a comprehensive look at the topic of mobile privacy. We particularly focus on three privacy aspects: private/secure messaging, privacy-aware photosharing, and anonymity. First, we seek to assess users’ knowledge of mobile privacy and determine whether users rely on privacy-preserving applications (apps henceforth) to protect their privacy. Second, for users who do not, we discern whether they are consciously rejecting the use of such apps. Third, we evaluate the usability of one representative app in each of the aforementioned privacy aspects.

We conducted an online survey with 285 participants to investigate users’ knowledge of privacy risks associated with the use of mobile devices, their privacy concerns, steps they take to protect their privacy, and their preferences and attitudes towards privacy-preserving apps. The survey uncovered some interesting results. For example, only 10% of the participants have taken measures to protect their anonymity.
Additionally, the majority of participants regarded usability aspects to be a major requirement for privacy-preserving apps.

In addition, we evaluated the usability of three representative privacy-preserving tools: ChatSecure [1], ObscuraCam [5], and Tor [8] for mobile (particularly Orbot [6], and ProxyMob [3]). All these tools were graded A (excellent privacy sensitivity) on the Privacy Grade website [17], based on their privacy-related behaviours. ChatSecure is an Off-the-Record Messaging application allowing two users to have an encrypted conversation, preventing eavesdropping by third parties. This app scored all seven stars on the Electronic Frontier Foundation (EFF) Secure Messaging Scorecard [7], which evaluates the security of messaging technologies. ObscuraCam is a secure camera app that keeps metadata associated with pictures and videos private, by removing identifying data, such as the user’s location, mobile, and camera information. We chose this app because it allows obscuring photos, as well as removing private information from them. Tor is an Onion Routing