Real Privacy Impact of Mobile Applications: Checks Through Static Analysis
摘要
This research proposes the design of a PET (Privacy-Enhancing Technologies) method and tool for analysing mobile applications and verifying compliance with privacy policies. The developed method will allow the comparison of the developers’ declarations on data protection with the requests to the system and the source code of the application, thus assessing the correspondence between permissions, data and resources. The main objective is to automate assistance to both developers and users, facilitating the verification of compliance and improving transparency in the use of personal data. Unlike previous studies, this work formally establishes the relationship between permissions, data and resources to identify privacy risks. To our knowledge, there are no equivalent tools for assessing compliance with the duty to inform.