Can Smartphones and Privacy Coexist?
Assessing Technologies and Regulations Protecting Personal Data on Android and iOS Devices
ResearchPublished Oct 27, 2016
As smartphones become more ubiquitous around the globe, policymakers inevitably have to grapple with issues related to the security and privacy of these devices. This report assesses smartphone users' privacy from technical and regulatory perspectives. It describes a literature review, experiments on the two major smartphone platforms (Google's Android and Apple's iOS), and federal regulation for protecting privacy in the United States.
Assessing Technologies and Regulations Protecting Personal Data on Android and iOS Devices
ResearchPublished Oct 27, 2016
As smartphones become more ubiquitous around the globe, policymakers inevitably have to grapple with issues related to the security and privacy of these devices. To aid in this understanding, in 2015, the Defense Advanced Research Projects Agency (DARPA) commissioned a team of researchers from the Massachusetts Institute of Technology (MIT) Lincoln Laboratory and the RAND Corporation to assess smartphone users' privacy from both technical and regulatory perspectives. This report documents the team's approach and findings. On the technical side, it describes a literature review and experiments performed by MIT Lincoln Laboratory investigating the state of privacy of the two major smartphone platforms in 2015: Google's Android and Apple's iOS. On the regulatory side, this report describes a review by RAND of major federal regulatory mechanisms for protecting privacy in the United States and provides a tool to understand both privacy regulation and technology.
While privacy-preserving technology is improving, users' privacy concerns have not been fully addressed by the technology itself. Appropriate regulatory protections also play a role in protecting smartphone users' privacy. Currently, many gaps exist between regulation and technology: The two are not adequately paired to provide the desired protections. We believe that many of these gaps can be identified using a tool that the project team developed for policymakers. By combining technical and regulatory components associated with smartphone privacy, this matrix-based tool will help policymakers guide directions for future research and assess the impact of technical and regulatory solutions that have been or will be implemented.
This report documents research findings resulting from collaboration between Massachusetts Institute of Technology (MIT) Lincoln Laboratory and the RAND Corporation. The RAND portion of this research was sponsored by Office of the Defense Advanced Research Projects Agency (DARPA) and conducted within the Acquisition and Technology Policy Center of the RAND National Defense Research Institute, a federally funded research and development center sponsored by the Office of the Secretary of Defense, the Joint Staff, the Unified Combatant Commands, the Department of the Navy, the Marine Corps, the defense agencies, and the defense Intelligence Community.
This publication is part of the RAND research report series. Research reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND research reports undergo rigorous peer review to ensure high standards for research quality and objectivity.
This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.
RAND is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.