Uncovering Relationships between Android Developers, User Privacy, and Developer Willingness to Reduce Fingerprinting Risks
Abstract
The major mobile platforms, Android and iOS, have introduced
changes that restrict user tracking to improve user privacy, yet
apps continue to covertly track users via device fingerprinting. We
study the opportunity to improve this dynamic with a case study on
mobile fingerprinting that evaluates developers’ perceptions of how
well platforms protect user privacy and how developers perceive
platform privacy interventions. Specifically, we study developers’
willingness to make changes to protect users from fingerprinting
and how developers consider trade-offs between user privacy and
developer effort. We do this via a survey of 246 Android developers,
presented with a hypothetical Android change that protects users
from fingerprinting at the cost of additional developer effort.
We find developers overwhelmingly (89%) support this change,
even when they anticipate significant effort, yet prefer the change
be optional versus required. Surprisingly, developers who use fingerprinting are six times more likely to support the change, despite being most impacted by it. We also find developers are most concerned about compliance and enforcement. In addition, our results
show that while most rank iOS above Android for protecting user
privacy, this distinction significantly reduces among developers
very familiar with fingerprinting. Thus there is an important opportunity for platforms and developers to collaboratively build privacy protections, and we present actionable ways platforms can facilitate
this.
changes that restrict user tracking to improve user privacy, yet
apps continue to covertly track users via device fingerprinting. We
study the opportunity to improve this dynamic with a case study on
mobile fingerprinting that evaluates developers’ perceptions of how
well platforms protect user privacy and how developers perceive
platform privacy interventions. Specifically, we study developers’
willingness to make changes to protect users from fingerprinting
and how developers consider trade-offs between user privacy and
developer effort. We do this via a survey of 246 Android developers,
presented with a hypothetical Android change that protects users
from fingerprinting at the cost of additional developer effort.
We find developers overwhelmingly (89%) support this change,
even when they anticipate significant effort, yet prefer the change
be optional versus required. Surprisingly, developers who use fingerprinting are six times more likely to support the change, despite being most impacted by it. We also find developers are most concerned about compliance and enforcement. In addition, our results
show that while most rank iOS above Android for protecting user
privacy, this distinction significantly reduces among developers
very familiar with fingerprinting. Thus there is an important opportunity for platforms and developers to collaboratively build privacy protections, and we present actionable ways platforms can facilitate
this.
