Examining Privacy Statements of Mobile Applications Popular Among University Students



Rajapaksha, Sammani; Puhtila, Panu; Heino, Timi; Rauti, Sampsa

Rocha, Alvaro; Ferrás, Carlos; Calvo, Hiram

International Conference on Information Technology and Systems

PublisherSpringer Nature Switzerland

2025

 Lecture Notes in Networks and Systems

Information Technology and Systems: ICITS 2025, Volume 1

1447

111

126

978-3-031-93108-6

978-3-031-93109-3

2367-3370

2367-3389

DOIhttps://doi.org/10.1007/978-3-031-93109-3_10

https://doi.org/10.1007/978-3-031-93109-3_10

https://research.utu.fi/converis/portal/detail/Publication/504809081


In this paper, we study the data protection sections (DPS) used in 20 applications available at the Apples’ App Store, and compare them to the privacy policies (PP) these same applications present, to determine whether there are discrepancies between the two. As the DPS is often the first and only privacy statement the user reads, our aim is to establish whether it expresses the extent of data collection happening in the application in a truthful manner. On the other hand, we are also assessing the extent of data collection happening in these applications to determine whether it is justified considering the nature of the applications. Our sample applications have been chosen based on popularity among media studies students at the University of Turku, gauged by a survey we conducted. Our findings indicate that there are discrepancies between DPSs and PPs, in addition to which majority of the applications we examined collect data on a concerning scale, ranging from personal phone contacts of the users and health information to location data. Often the justifications or purposes for this data collection are opaque and obscure, at best.



This research has been funded by Academy of Finland project 327397, IDA – Intimacy in Data-Driven Culture.


Last updated on 20/11/2025 12:42:37 PM