The Price of Free: Privacy Leakage in Personalized Mobile In‐App Ads
Abstract
ln-app advertising is an essential part of the ecosystem of free mobile applications.
On the surface, this creates a win-win situation where app developers can profit from their work
without charging the users. Meanwhile, ad networks employ personalization to improve the effectiveness/profitability of their ad placement. This need for serving personalized
advertisements in turn motivates ad networks to collect profile data about users. As such, "free"
apps are only free in monetary terms; they come with the price of potential privacy concerns.
The question is, how much data are users giving away in exchange for "free apps"? In this
paper, we study how much of the user's interest and demographic information is known to
major ad networks on the mobile platform. We also study whether personalized ads can be
used by the hosting apps to reconstruct some of the user information collected by the ad
network. By collecting more than 200 real user profiles and the ads seen by surveyed users, we
found that in-app advertising can leak potentially sensitive user information to any app that hosts personalized ads, and ad networks' current protection mechanisms are not sufficient for
safe-guarding users' sensitive personal information.