Jump to ContentJump to Main Navigation
Show Summary Details
More options …

Proceedings on Privacy Enhancing Technologies

4 Issues per year

Open Access
See all formats and pricing
More options …

Analyzing Remote Server Locations for Personal Data Transfers in Mobile Apps

Mojtaba Eskandari / Bruno Kessler / Maqsood Ahmad / Anderson Santana de Oliveira / Bruno Crispo
Published Online: 2016-12-22 | DOI: https://doi.org/10.1515/popets-2017-0008


The prevalence of mobile devices and their capability to access high speed internet has transformed them into a portable pocket cloud interface. Being home to a wide range of users’ personal data, mobile devices often use cloud servers for storage and processing. The sensitivity of a user’s personal data demands adequate level of protection at the back-end servers. In this regard, the European Union Data Protection regulations (e.g., article 25.1) impose restriction on the locations of European users’ personal data transfer. The matter of concern, however, is the enforcement of such regulations. The first step in this regard is to analyze mobile apps and identify the location of servers to which personal data is transferred. To this end, we design and implement an app analysis tool, PDTLoc (Personal Data Transfer Location Analyzer), to detect violation of the mentioned regulations. We analyze 1, 498 most popular apps in the EEA using PDTLoc to investigate the data recipient server locations. We found that 16.5% (242) of these apps transfer users’ personal data to servers located at places outside Europe without being under the control of a data protection framework. Moreover, we inspect the privacy policies of the apps revealing that 51% of these apps do not provide any privacy policy while almost all of them contact the servers hosted outside Europe.

Keywords: Personal Data; Privacy; Mobile Apps; Cloud; Information Flow Analysis


  • [1] European commission - overview on binding corporate rules. http://ec.europa.eu/justice/data-protection/internationaltransfers/binding-corporate-rules/index_en.htm, 2016.Google Scholar

  • [2] European Commission - press release: EU-US Privacy Shield. http://europa.eu/rapid/press-release_IP-16-216_en.htm, 2016.Google Scholar

  • [3] Jagdish Prasad Achara, Franck Baudot, Claude Castelluccia, Geoffrey Delcroix, and Vincent Roca. Mobilitics: Analyzing privacy leaks in smartphones. ERCIM News, 2013(93), 2013.Google Scholar

  • [4] Tina Amirtha. Safe Harbor was for EU privacy: But how safe is US data in Europe? http://www.zdnet.com/article/safe-harbor-was-for-eu-privacy-but-how-safe-is-us-data-ineurope/, 2015.Google Scholar

  • [5] AppFigures. A tracking platform to monitor the sales and downloads of apps. http://AppFigures.com.Google Scholar

  • [6] Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. In ACM SIGPLAN Notices, volume 49, pages 259-269. ACM, 2014.Google Scholar

  • [7] Monir Azraoui, Kaoutar Elkhiyaoui, Melek Önen, Karin Bernsmed, Anderson Santana Oliveira, and Jakub Sendor.Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance: 9th International Workshop, DPM 2014, 7th International Workshop, SETOP 2014, and 3rd International Workshop, QASA 2014, Wroclaw, Poland, September 10-11, 2014. Revised Selected Papers, chapter A-PPL: An Accountability Policy Language, pages 319-326. Springer International Publishing, Cham, 2015.Google Scholar

  • [8] Walid Benghabrit, Hervé Grall, Jean-Claude Royer, Mohamed Sellami, Monir Azraoui, Kaoutar Elkhiyaoui, Melek Önen, Anderson Santana Oliveira, and Karin Bernsmed. Cloud Computing and Services Sciences: International Conference in Cloud Computing and Services Sciences, CLOSER 2014 Barcelona Spain, April 3-5, 2014 Revised Selected Papers, chapter From Regulatory Obligations to Enforceable Accountability Policies in the Cloud, pages 134-150. Springer International Publishing, Cham, 2015.Google Scholar

  • [9] Johnathon Burket, Lori Flynn, Will Klieber, Jonathan Lim, and William Snavely. Making DidFail Succeed: Enhancing the CERT Static Taint Analyzer for Android App Sets. 2015.Google Scholar

  • [10] Mary Carolan. Data protection commissioner to investigate max schrems claims. http://www.irishtimes.com/news/crime-and-law/courts/high-court/data-protectioncommissioner-to-investigate-max-schrems-claims-1.2398728, 2015.Google Scholar

  • [11] F. Di Cerbo, D. F. Some, L. Gomez, and S. Trabelsi. Ppl v2.0: Uniform data access and usage control on cloud and mobile. In TEchnical and LEgal aspects of data pRivacy and SEcurity, 2015 IEEE/ACM 1st International Workshop on, pages 2-7, May 2015.Google Scholar

  • [12] Shauvik Roy Choudhary, Alessandra Gorla, and Alessandro Orso. Automated Test Input Generation for Android: Are We There Yet?(E). In Automated Software Engineering (ASE), 2015 30th IEEE/ACM International Conference on, pages 429-440. IEEE, 2015.Google Scholar

  • [13] Fred Chung. Custom Class Loading in Dalvik. http: //android-developers.blogspot.it/2011/07/custom-classloading- in-dalvik.html.Google Scholar

  • [14] Court of Justice of the European Union. The court of justice declares that the commission’s us safe harbour decision is invalid. http://curia.europa.eu/jcms/upload/docs/application/pdf/2015-10/cp150117en.pdf , 2015.Google Scholar

  • [15] Anthony Desnos and Patrik Lantz. Droidbox: An android application sandbox for dynamic analysis (2011). https://code.google.com/p/droidbox, 2014.Google Scholar

  • [16] Serge Egelman, Adrienne Porter Felt, and David Wagner.Choice architecture and smartphone privacy: There’sa price for that. In The economics of information security and privacy, pages 211-236. Springer, 2013.Google Scholar

  • [17] William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon P Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N Sheth. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Transactions on Computer Systems (TOCS), 32(2):5, 2014.Google Scholar

  • [18] Ericsson. Europe mobility report appendix. http://www. ericsson.com/ res/docs/2014/emr-november2014-regionalappendices- europe.pdf , 2014.Google Scholar

  • [19] European Court of Justice. Commission Decision of 26 july 2000 pursuant to directive 95/46/ec of the european parliament and of the council on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the us department of commerce. Official Journal L 215 , 25/08/2000 P. 0007 - 0047 URL: http://eur-lex.europa.eu/LexUriServ/ LexUriServ.do?uri=CELEX:32000D0520:EN:HTML, 2000.Google Scholar

  • [20] Clint Gibler, Jonathan Crussell, Jeremy Erickson, and Hao Chen. AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale. Springer, 2012.Google Scholar

  • [21] Google. Monkey Tool. http://developer.android.com/tools/ help/monkey.html, 2015.Google Scholar

  • [22] Ben Gruver. Smali/Baksmali Tool. https://github.com/JesusFreke/smali/wiki, 2015.Google Scholar

  • [23] Dominik Herrmann and Jens Lindemann. Obtaining personal data and asking for erasure: Do app vendors and website owners honour your privacy rights? CoRR, abs/1602.01804, 2016.Google Scholar

  • [24] Paul De Hert and Vagelis Papakonstantinou. The proposed data protection Regulation replacing Directive 95/46/EC: A sound system for the protection of individuals. Computer Law & Security Review, 28(2):130-142, 2012.Google Scholar

  • [25] Johannes Hoffmann, Martin Ussath, Thorsten Holz, and Michael Spreitzenbarth. Slicing Droids: Program Slicing for Smali Code. In Proceedings of the 28th Annual ACM Symposium on Applied Computing, SAC ’13, pages 1844-1851, New York, NY, USA, 2013. ACM.Google Scholar

  • [26] IBM. Watson libraries for analysis. http://wala.sourceforge.net/wiki/index.php. Google Scholar

  • [27] IDC Press Release. Smartphone os marketshare. http: //www.idc.com/prodserv/smartphone-os-market-share.jsp.Google Scholar

  • [28] IPaddressAPI.com. An ip location api solution. http://www.ipaddressapi.com/ , 2015.Google Scholar

  • [29] Jinyung Kim, Yongho Yoon, Kwangkeun Yi, Junbum Shin, and SWRD Center. ScanDal: Static analyzer for detecting privacy leaks in android applications. MoST, 12, 2012.Google Scholar

  • [30] Li Li, Alexandre Bartel, Tegawendé F Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel. IccTA: Detecting inter-component privacy leaks in Android apps. In Proceedings of the 37th International Conference on Software Engineering-Volume 1, pages 280-291. IEEE Press, 2015.Google Scholar

  • [31] Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, and Guofei Jiang. Chex: statically vetting android apps for component hijacking vulnerabilities. In Proceedings of the 2012ACM conference on Computer and communications security, pages 229-240. ACM, 2012.Google Scholar

  • [32] Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, and Yves Le Traon. Effective inter-component communication mapping in android with epicc: An essential step towards holistic security analysis.Effective Inter-Component Communication Mapping in Android with Epicc: An Essential Step Towards Holistic Security Analysis, 2013.Google Scholar

  • [33] Vaibhav Rastogi, Yan Chen, and William Enck. AppsPlayground: automatic security analysis of smartphone applications.In Proceedings of the third ACM conference on Data and application security and privacy, pages 209-220. ACM, 2013.Google Scholar

  • [34] European Parliament. Directive 95/46/ec of the european parliament and of the Council of 24 october 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. http://eur-lex.europa.eu/eli/dir/1995/46/oj.Google Scholar

  • [35] IDC Press Release. Worldwide smartphone market will see the first single-digit growth year on record, according to idc. http://www.idc.com/getdoc.jsp?containerId=prUS40664915, 2015.Google Scholar

  • [36] Brian Cantwell Smith. Procedural Reflection in Programming Languages. PhD thesis, Massachusetts Institute of Technology, Laboratory for Computer Science, 1982.Google Scholar

  • [37] David Sounthiraraj, Justin Sahs, Garret Greenwood, Zhiqiang Lin, and Latifur Khan. Smv-hunter: Large scale, automated detection of ssl/tls man-in-the-middle vulnerabilities in android apps. In In Proceedings of the 21st Annual Network and Distributed System Security Symposium (NDSS’14. Citeseer, 2014.Google Scholar

  • [38] The Tcpdump Group. TCP-Dump. http://www.tcpdump.org/, 2015.Google Scholar

  • [39] Connor Tumbleson and Ryszard Wisniewski. APK tool - a tool for reverse engineering android apk files. http:// ibotpeaches.github.io/Apktool/ .Google Scholar

  • [40] Raja Vallée-Rai, Phong Co, Etienne Gagnon, Laurie Hendren, Patrick Lam, and Vijay Sundaresan. Soot-a Java bytecode optimization framework. In Proceedings of the 1999 conference of the Centre for Advanced Studies on Collaborative research, page 13. IBM Press, 1999. Google Scholar

  • [41] VirusTotal. Free online virus, malware and url scanner. https://www.virustotal.com.Google Scholar

  • [42] Fengguo Wei, Sankardas Roy, Xinming Ou, et al. Amandroid: A precise and general inter-component data flow analysis framework for security vetting of android apps. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pages 1329-1341. ACM, 2014.Google Scholar

  • [43] Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X Sean Wang. Appintent: Analyzing sensitive data transmission in android for privacy leakage detection. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 1043-1054. ACM, 2013.Google Scholar

  • [44] Sara Zaske. Germany’s privacy leaders gather to discuss suspending us safe harbor. http://www.zdnet.com/article/germanys-privacy-leaders-gather-to-discuss-suspending-ussafe-harbor/, 2015.Google Scholar

  • [45] Yury Zhauniarovich, Maqsood Ahmad, Olga Gadyatskaya, Bruno Crispo, and Fabio Massacci. Stadyna: addressing the problem of dynamic code updates in the security analysis of android applications. In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, pages 37-48. ACM, 2015.Google Scholar

  • [46] Cong Zheng, Shixiong Zhu, Shuaifu Dai, Guofei Gu, Xiaorui Gong, Xinhui Han, and Wei Zou. Smartdroid: an automatic system for revealing ui-based trigger conditions in android applications. In Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices, pages 93-104. ACM, 2012.Google Scholar

  • [47] Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie. DroidAlarm: an all-sided static analysis tool for Android privilege-escalation malware. In Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, pages 353-358. ACM, 2013. Google Scholar

About the article

Received: 2016-05-31

Revised: 2016-09-01

Accepted: 2016-09-02

Published Online: 2016-12-22

Published in Print: 2017-01-01

Citation Information: Proceedings on Privacy Enhancing Technologies, Volume 2017, Issue 1, Pages 118–131, ISSN (Online) 2299-0984, DOI: https://doi.org/10.1515/popets-2017-0008.

Export Citation

© 2016. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License. BY-NC-ND 4.0

Comments (0)

Please log in or register to comment.
Log in