datasets
7 rows
This data as json, copyable, CSV (advanced)
slug ▼ | title | description | url | sourceCodeUrl |
---|---|---|---|---|
do-they-track | Do they track? Automated analysis of Android apps for privacy violations | To get a grasp of how common and extensive data collection in Android apps really is, Malte and Benni developed a series of scripts to download, install and start Android apps in an emulator and to collect and analyse their network traffic. The apps were run for 60 seconds in an Android 11 emulator without any user input, meaning that no consent was given. | https://benjamin-altpeter.de/doc/presentation-android-privacy.pdf | |
informed-consent | Informed Consent? A Study of “Consent Dialogs” on Android and iOS | Consent dialogs have become ubiquitous with seemingly every website and app pleading users to agree to their personal data being processed and their behaviour being tracked, often with the help of tens or even hundreds of third-party companies. For his master’s thesis, Benni studied consent dialogs on Android and iOS in an automated and dynamic manner, analysing 4,388 popular apps from both platforms. Among other things, he measured the effect of the user’s choice in the consent dialog by comparing the traffic from before any interaction with the traffic after accepting and rejecting the dialog and analysing contacted trackers and transmitted data types. The apps were initially run for 60 seconds without interaction in an Android 11 emulator and on a physical iPhone 7 running iOS 14.8. In the runs of requests with a `runType` of `no-interaction`, nothing else was done. For the ones with `consent-dialog-accepted`, after 60 seconds, a discovered consent dialog was accepted and then they were left running without interaction for another 60 seconds. The same was done for the ones with `consent-dialog-rejected`, but the consent dialog was rejected here. | https://benjamin-altpeter.de/doc/thesis-consent-dialogs.pdf | https://github.com/baltpeter/thesis-mobile-consent-dialogs |
ios-watching-you | iOS watching you: Automated analysis of “zero-touch” privacy violations under iOS | As a follow-up project to the “Do they track?”, Benni also looked at the iOS ecosystem. He ended up analysing 1,001 apps from the top charts of the German App Store as of May 2021. The apps were run for 60 seconds without interaction on a physical iPhone 8 running iOS 14.5.1. | https://benjamin-altpeter.de/doc/presentation-ios-privacy.pdf | https://github.com/baltpeter/ios-privacy-violations |
monkey-april-2024 | Traffic collection for TrackHAR adapter work (April 2024) | For the TrackHAR adapter work, Benni ran another monkey traffic collection on 2,358 Android apps from the top charts in April 2024. The apps were run in an Android 11 emulator for 120 seconds, receiving random input from `adb monkey`, as such it is possible/likely that consent was given when requested. | https://github.com/tweaselORG/experiments/issues/2 | https://github.com/tweaselORG/experiments/tree/main/monkey-april-2024 |
monkey-july-2023 | Traffic collection for TrackHAR adapter work (July 2023) | For writing new adapters for TrackHAR and properly documenting the old ones, Benni ran a traffic collection on 804 apps on Android and 1062 apps on iOS from the top charts. The Android apps were run in an Android 11 emulator for 60 seconds, receving random input from `adb monkey`, as such it is possible/likely that consent was given when requested. The iOS apps were run on a physical iPhone X running iOS 15.6.1 for 60 seconds without any interaction. | https://github.com/tweaselORG/experiments/issues/1 | https://github.com/tweaselORG/experiments/tree/main/monkey-july-2023 |
web-monkey-september-2024 | Traffic collection for TrackHAR adapter work on websites (September 2024) | To start creating TrackHAR adapters for trackers active on the web, Benni a traffic collection on the top 10,000 websites in Germany as per the Chrome User Experience Report (CrUX) for August 2024. The websites were accessed in a headless Chromium browser using Playwright from a French IP address. All websites were accessed twice for 60 seconds each: The first time without any user interaction, the second time random user input was provided, meaning that it is possible/likely that consent was given when requested. | https://github.com/tweaselORG/experiments/issues/3 | https://github.com/tweaselORG/experiments/tree/main/web-monkey-september-2024 |
worrying-confessions | Worrying confessions: A look at data safety labels on Android | In 2022, the Google Play Store introduced a data safety section in order to give users accessible insights into apps’ data collection practices. To verify the declarations, Benni recorded the network traffic of 500 apps, finding more than one quarter of them transmitting tracking data not declared in their data safety label. The apps were run for 60 seconds in an Android 11 emulator without any user input. | https://www.datarequests.org/blog/android-data-safety-labels-analysis/ | https://github.com/datenanfragen/android-data-safety-label-analysis |
Advanced export
JSON shape: default, array, newline-delimited, object
CREATE TABLE "datasets" ( "slug" text, "title" text not null, "description" text not null, "url" text not null, "sourceCodeUrl" text, primary key("slug") ) without rowid;