Carnegie Mellon University

Fall 2018 Capstone Projects

Evaluation of Mobile Privacy and Security:  Mobile App Privacy Score

Sponsored:       Redmorph Inc.
Presented by:   Fan Yang, Jianlan Zhu
Advisor:            Timothy Libert

Fan etc

Nowadays, mobile applications suffer from tremendous user-privacy issues. With the popularity of mobile apps, users’ data is shared between a large variety of entities. Problems like targeted advertising and information leakage are common privacy violations among mobile applications.  What makes it even worse is that, according to research, few users have an idea of the complicated issues. Even users are aware of some of their personal data has been improperly used, they have no idea of how bad the situation is and no choice but to accept them.  Related studies have done plenty of work to identify privacy issues exist in current mobile applications. Researchers have taken many metrics like privacy policies, permission requested, code analysis, data transmission into consideration to evaluate mobile apps’ privacy performance. But average users still have a difficult time understanding the issues because few studies have put forward a straightforward scoring system. 

Executive Summary:  Evaluation of Mobile Privacy and Security:  Mobile App Privacy Score.

Evaluating Privacy Enhancing Technologies for Organizations

Sponsor:           Netflix, Inc.
Presented by:   Ao Chen, Jeremy Thomas
Advisor:            Nicolas Christin

Ao etc

Given the changing perspective on privacy in today’s society, organizations must adapt to a growing set of requirements and constraints on practices that impact privacy. Individual choices about privacy, exposure of broken privacy practices, and expanding regulations force organizations towards expanding the influence of accepted principles of privacy throughout
business operations. All of these factors encourage the use of technologies to provide stronger privacy guarantees and to directly address the privacy challenges these requirements create in an effective and efficient manner.  To better understand the use of privacy enhancing technologies (PETs) by organizations, we interviewed a set of privacy experts working across various industries and in multiple disciplines. We conducted 20 interviews of privacy experts from September 2018 to November 2018. We interviewed most participants over the phone or through video conferencing applications, and typically the interviews lasted 30 to 60 minutes. 

Executive Summary: Evaluating Privacy Enhancing Technologies for Organizations

View the final report here.

Designing Privacy Controls for Older Facebook Users

Sponsor:           Facebook
Presented by:  Yama Ahmadullah, Zhuo Chen, David Edelstein
Advisor:            Lorrie Cranor

Yama etc

At Facebook’s request we investigated the particular privacy concerns of seniors (age 65+) regarding Facebook and to develop proposed remedies.

Information Gathering
We built off of existing research and prior attempts to develop privacy aids for older users to construct interviews and surveys to find places for improvement in Facebook’s existing experience. We conducted 15 semi-structured interviews to identify privacy concerns senior users have on Facebook. Then, from our results, we developed a survey to find which concerns were most important and to find promising ways to provide senior users with better control of their security and privacy. Ultimately, we got 79 completed surveys. Seniors were eager to share their concerns with us, and were pleased that a company like Facebook was interested in learning how they felt. 

Executive Summary: Designing Privacy Controls for Older Facebook User