Mobile App Privacy in Software Engineering Research: A Systematic Mapping Study

Mobile applications (apps) have become deeply personal, constantly demanding access to privacy-sensitive information in exchange for more personalized user experiences. Such privacy-invading practices have generated major multidimensional and unconventional privacy concerns among app users. To address these concerns, the research on mobile app privacy has experienced rapid growth over the past decade. In general, this line of research is aimed at systematically exposing the privacy practices of apps and proposing solutions to protect the privacy of mobile app users. In this survey paper, we conduct a systematic mapping study of 54 Software Engineering (SE) primary studies on mobile app privacy. Our objectives are to a) explore trends in SE app privacy research, b) categorize existing evidence, and c) identify potential directions for future research. Our results show that existing literature can be divided into four main categories: privacy policy, requirements, user perspective, and leak detection. Furthermore, our survey reveals an imbalance between these categories; majority of existing research focuses on proposing tools for detecting privacy leaks, with less studies targeting privacy requirements and policy and even less on user perspective. Finally, our survey exposes several gaps in existing research and suggests areas for improvement.