Abstract
Mobile apps have transformed many aspects of clinical practice and are becoming a commonplace in healthcare settings. The recent COVID-19 pandemic has provided the opportunity for such apps to play an important role in reducing the spread of the virus. Several types of COVID-19 apps have enabled healthcare professionals and governments to communicate with the public regarding the pandemic spread, coronavirus awareness, and self-quarantine measures. While these apps provide immense benefits for the containment of the spread, privacy and security of these digital tracing apps are at the center of public debate. To address this gap, we conducted an online survey of a midwestern region in the United State to assess people’s attitudes toward such apps and to examine their privacy and security concerns and preferences. Survey results from 1,550 participants indicate that privacy/security protections and trust play a vital role in people’s adoption of such apps. Furthermore, results reflect users’ preferences wanting to have control over their personal information and transparency on how their data is handled. In addition, personal data protection priorities selected by the participants were surprising and yet revealing of the disconnect between technologists and users. In this article, we present our detailed survey results as well as design guidelines for app developers to develop innovative human-centered technologies that are not only functional but also respectful of social norms and protections of civil liberties. Our study examines users’ preferences for COVID-19 apps and integrates important factors of trust, willingness, and preferences in the context of app development. Through our research findings, we suggest mechanisms for designing inclusive apps’ privacy and security measures that can be put into practice for healthcare-related apps, so that timely adoption is made possible.
- Icek Ajzen. 2011. The theory of planned behaviour: Reactions and reflections. Psychol Health. 26, 9 (2011), 1113--27.Google Scholar
Cross Ref
- Faiz Anuar and Ulrike Gretzel. 2011. Privacy concerns in the context of location-based services for tourism. In Proceedings of the 18th Annual Conference of the International Federation for Information Technologies in Travel and Tourism (ENTER’11).Google Scholar
- Kakoli Bandyopadhyay and Katherine A. Fraccastoro. 2007. The effect of culture on user acceptance of information technology. Commun. Assoc. Info. Syst. 19, 1 (2007), 23.Google Scholar
- Gaurav Bansal, David Gefen, et al. 2010. The impact of personal dispositions on information sensitivity, privacy concern and trust in disclosing health information online. Decis. Supp. Syst. 49, 2 (2010), 138--150.Google Scholar
Digital Library
- Mahmoud Barhamgi, Charith Perera, Chirine Ghedira, and Djamal Benslimane. 2018. User-centric privacy engineering for the internet of things. IEEE Cloud Comput. 5, 5 (2018), 47--57.Google Scholar
Cross Ref
- Mahmoud Barhamgi, Mu Yang, Chia-Mu Yu, Yijun Yu, Arosha K. Bandara, Djamal Benslimane, and Bashar Nuseibeh. 2017. Enabling end-users to protect their privacy. In Proceedings of the ACM Asia Conference on Computer and Communications Security. 905--907.Google Scholar
Digital Library
- Erlend Bergen, Dag F. Solberg, Torjus H. Sæthre, and Monica Divitini. 2018. Supporting the co-design of games for privacy awareness. In Proceeding sof the International Conference on Interactive Collaborative Learning. Springer, 888--899.Google Scholar
- David M. Blei. 2012. Probabilistic topic models. Commun. ACM 55, 4 (2012), 77--84.Google Scholar
Digital Library
- Kaitlin R. Boeckl and Naomi B. Lefkovitz. 2020. NIST privacy framework: A tool for improving privacy through enterprise risk management, version 1.0. NIST Publication.Google Scholar
- Samuel Brack, Leonie Reichert, and Björn Scheuermann. 2020. Decentralized contact tracing using a DHT and blind signatures. IACR Cryptol. ePrint Arch. 2020 (2020), 398.Google Scholar
- Diego Buenaño-Fernandez, Mario González, David Gil, and Sergio Luján-Mora. 2020. Text mining of open-ended questions in self-assessment of university teachers: An LDA topic modeling approach. IEEE Access 8 (2020), 35318--35330.Google Scholar
Cross Ref
- Ann Cavoukian et al. 2009. Privacy by design: The 7 foundational principles. Info. Privacy Commiss. Ont. Can. 5 (2009). https://www.ipc.on.ca/wp-content/uploads/Resources/7foundationalprinciples.pdf.Google Scholar
- Ann Cavoukian, Angus Fisher, Scott Killen, and David A. Hoffman. 2010. Remote home healthcare technologies: How to ensure privacy? Build it in: Privacy by design. Ident. Info. Soc. 3, 2 (2010), 363--378.Google Scholar
- Justin Chan, Shyam Gollakota, Eric Horvitz, Joseph Jaeger, Sham Kakade, Tadayoshi Kohno, John Langford, Jonathan Larson, Sudheesh Singanamalla, Jacob Sunshine, et al. 2020. Pact: Privacy sensitive protocols and mechanisms for mobile contact tracing. Retrieved from https://arXiv:2004.03544.Google Scholar
- Hyunghoon Cho, Daphne Ippolito, and Yun William Yu. 2020. Contact tracing mobile apps for COVID-19: Privacy considerations and related trade-offs. Retrieved from https://arXiv:2003.11511.Google Scholar
- Kevin Anthony Hoff and Masooda Bashir. 2015. Trust in automation: Integrating empirical evidence on factors that influence trust. Hum. Fact. 57, 3 (2015), 407--434.Google Scholar
Cross Ref
- Marcello Ienca and Effy Vayena. 2020. On the responsible use of digital data to tackle the COVID-19 pandemic. Nature Med. 26, 4 (2020), 463--464.Google Scholar
Cross Ref
- Nirmal Kandel, Stella Chungong, Abbas Omaar, and Jun Xing. 2020. Health security capacities in the context of COVID-19 outbreak: An analysis of International Health Regulations annual report data from 182 countries. Lancet 395, 10229 (2020), 1047--1053.Google Scholar
Cross Ref
- Gabriel Kaptchuk, Eszter Hargittai, and Elissa M. Redmiles. 2020. How good is good enough for COVID19 apps? The influence of benefits, accuracy, and privacy on willingness to adopt. Retrieved from https://arXiv:2005.04343.Google Scholar
- Bandana Kar, Rick C. Crowsey, and Joslyn J. Zale. 2013. The myth of location privacy in the United States: Surveyed attitude versus current practices. Profession. Geogr. 65, 1 (2013), 47--64.Google Scholar
Cross Ref
- Douglas J. Leith and Stephen Farrell. 2020. Coronavirus contact tracing app privacy: What data is shared by the singapore opentrace app. Retrieved from https://www.scss.tcd.ie/Doug.Leith/pubs/opentrace_privacy.pdf.Google Scholar
- Joseph K. Liu, Man Ho Au, Tsz Hon Yuen, Cong Zuo, Jiawei Wang, Amin Sakzad, Xiapu Luo, and Li Li. 2020. Privacy-preserving COVID-19 contact tracing app: A zero-knowledge proof approach. IACR Cryptol. ePrint Arch. 2020 (2020), 528.Google Scholar
- Anna U. Morgan, Mohan Balachandran, David Do, Doreen Lam, Andrew Parambath, Krisda H. Chaiyachati, Nancy M. Bonalumi, Susan C. Day, Kathleen C. Lee, and David A. Asch. 2020. Remote monitoring of patients with Covid-19: Design, implementation, and outcomes of the first 3,000 patients in COVID watch. NEJM Catal. Innovat. Care Deliv. 1, 4 (2020).Google Scholar
- N. Nair. 2001. Childhood tuberculosis: Public health and contact tracing. Paediatr. Resp. Rev. 2, 2 (2001), 97--102.Google Scholar
- Steve Quirolgico, Jeffrey Voas, Tom Karygiannis, Christoph Michael, and Karen Scarfone. 2015. Vetting the Security of Mobile Applications. U.S. Department of Commerce, National Institute of Standards and Technology.Google Scholar
- Julie M. Robillard, Aaron W. Li, Shilpa Jacob, Dan Wang, Xin Zou, and Jesse Hoey. 2017. Co-creating emotionally aligned smart homes using social psychological modeling. In Proceedings of the 4th International Workshop on Sensor-based Activity Recognition and Interaction. 1--6.Google Scholar
Digital Library
- Tushar Kanti Saha Santa Maria Shithil and Tanusree Sharma. [n.d.]. A dynamic data placement policy for heterogeneous Hadoop cluster. In 2017 4th International Conference on Advances in Electrical Engineering (ICAEE'17). IEEE, 302--307.Google Scholar
- Oshani Seneviratne and Lalana Kagal. 2014. Enabling privacy through transparency. In Proceedings of the 12th Annual International Conference on Privacy, Security and Trust. IEEE, 121--128.Google Scholar
Cross Ref
- Tanusree Sharma, John C. Bambenek, and Masooda Bashir. 2020. Preserving privacy in cyber-physical-social systems: An anonymity and access control approach. [Online]. Retrieved from https://www.ideals.illinois.edu/handle/2142/106049.Google Scholar
- Tanusree Sharma and Masooda Bashir. 2020. Are PETs (privacy enhancing technologies) giving protection for smartphones?--A case study. Retrieved from https://arXiv:2007.04444.Google Scholar
- Tanusree Sharma and Masooda Bashir. 2020. Privacy apps for smartphones: An assessment of users’ preferences and limitations. In Proceedings of the International Conference on Human-Computer Interaction. Springer, 533--546.Google Scholar
Digital Library
- Tanusree Sharma and Masooda Bashir. 2020. Use of apps in the COVID-19 response and the loss of privacy protection. Nature Med. 26 (2020), 1165--1167.Google Scholar
Cross Ref
- Lucy Simko, Ryan Calo, Franziska Roesner, and Tadayoshi Kohno. 2020. COVID-19 contact tracing and privacy: Studying opinion and preferences. Retrieved from https://arXiv:2005.06056.Google Scholar
- Daniel J. Solove. 2012. Introduction: Privacy self-management and the consent dilemma. Harv. L. Rev. 126 (2012), 1880.Google Scholar
- Murugiah Souppaya and Karen Scarfone. 2013. Guidelines for managing the security of mobile devices in the enterprise. NIST Spec. Pub. 800 (2013), 124.Google Scholar
- Carmela Troncoso, Mathias Payer, Jean-Pierre Hubaux, Marcel Salathé, James Larus, Edouard Bugnion, Wouter Lueks, Theresa Stadler, Apostolos Pyrgelis, Daniele Antonioli, et al. 2020. Decentralized privacy-preserving proximity tracing. Retrieved from https://arXiv:2005.12273.Google Scholar
- Tyler M. Yasaka, Brandon M. Lehrich, and Ronald Sahyouni. 2020. Peer-to-Peer contact tracing: Development of a privacy-preserving smartphone app. JMIR mHealth uHealth 8, 4 (2020), e18936.Google Scholar
- Xiao Yue, Huiju Wang, Dawei Jin, Mingqiang Li, and Wei Jiang. 2016. Healthcare data gateways: Found healthcare intelligence on blockchain with novel privacy risk control. J. Med. Syst. 40, 10 (2016), 218.Google Scholar
Digital Library
Index Terms
Enabling User-centered Privacy Controls for Mobile Applications: COVID-19 Perspective
Recommendations
Enhancing User Privacy on Android Mobile Devices via Permissions Removal
HICSS '14: Proceedings of the 2014 47th Hawaii International Conference on System SciencesAndroid mobile devices are becoming a popular alternative to computers. The rise in the number of tasks performed on smartphones means sensitive information is stored on the devices. Consequently, Android devices are a potential vector for criminal ...
An Explorative Study of the Mobile App Ecosystem from App Developers' Perspective
WWW '17: Proceedings of the 26th International Conference on World Wide WebWith the prevalence of smartphones, app markets such as Apple App Store and Google Play has become the center stage in the mobile app ecosystem, with millions of apps developed by tens of thousands of app developers in each major market. This paper ...
Mobile Applications for Control and Self Management of Diabetes: A Systematic Review
Mobile applications (apps) can be very useful software on smartphones for all aspects of people's lives. Chronic diseases, such as diabetes, can be made manageable with the support of mobile apps. Applications on smartphones can also help people with ...






Comments