The PrivacyProxy app provides you control over the use of your personally identifiable information (PII) by smart phone apps.

Be Part Of The Research!

PrivacyProxy Features

Check out what you can do with this app!


Detect Device Information

Detect if any app is sending your device information without you knowledge or consent!

Purpose Based Filtering

Easy way to control which domains don't receive data at all for ex. Ads, Trackers etc. !

Detect Many Kinds of Tracking IDs

Apps can some time generate their own identifiers to track user. We can detect that too!

Filter Any Information

Once you see information leaked by apps, you can mark them to be filtered from next time cause it's can potentially identify you!

Be Part of the Research

Be part of a research study which may help strengthen your privacy. Our app is available on any Android device! Download now to get started! Participating in this research study is voluntary, and you have a chance to win an Amazon Gift Card of worth $20.

Papers



PrivacyProxy: Leveraging Crowdsourcing and In Situ Traffic Analysis to Detect and Mitigate Information Leakage

Gaurav Srivastava, Saksham Chitkara, Kevin Ku, Swarup Kumar Sahoo, Matt Fredrikson, Jason Hong, Yuvraj Agarwal

arXiv, 2017

FAQ

Get all your questions answered! Find some of the most frequently asked questions below :


Why does PrivacyProxy need the different permissions?

We need the location permission to double check if the information being sent out is actually location. This helps in filtering the permission with a fake location and doesn't break apps. We do not store/send it out and definitely do not use it to track you. The storage permission is needed to attach log files via feedback email. We do not use it for any other purpose.


The Tabs appear to be blank. When will I see info the tabs?

Please cross check that you have clicked on Connect Button and the key symbol appears in the notification bar on top. Allow some time for the PrivacyProxy app to process the network requests being sent out by other apps. When we process the network requests and detect any app leaking personal information, it will show up in the My Apps and System Apps tab of the PrivacyProxy app.


How is HTTPS traffic better than HTTP traffic?

HTTP and HTTPS are procedures with which administrators share information over the network. Since everyone can read the information, intercepting on HTTP is not difficult. HTTPS involves sending encrypted data using SSL certificate. So, with HTTPS if anyone in between the sender and the recipient could open the message, they still could not understand it. Only the sender and the recipient, who know the "code," can decipher the message.


How can I use traffic information to make informed decisions?

The PrivacyProxy app shows you the traffic protocol information to help you make informed decisions. If the app sends your PII (Personally Identifiable Information) over HTTP traffic, then your information is at risk of being read by third parties other than the app sending the data. This is generally not true for HTTPS traffic. So you can be more liberal with apps sending data over HTTPS, if the app developer is trustworthy.


What information do you store?

Glad you asked! Most importantly, any and all information we collect cannot be traced back to the user in any way. We do not collect any personally identifiable information in any way. On your phone we store the app identifier, version and the protection decision made by you (this is PP's functionality!), and also the total number of times protected information is accessed. We send this to us along with a one-way hashed identifier, so we can use it to recommend automatic protection in a future version. As part of the research analytics, we also send ourselves the hashed identifier, the model, OS version and length of time the PP app is used.


What do you do with the contributed data?

We use the data to drive the crowd source PII detection. We also use the data in our academic research which studies at topics such as which apps access private information, studying the privacy decisions of users and the effectiveness of our PII (Personally Identifiable Information) detection. The results of our research will be published at academic conferences.


Connect with the Team

Jason Hong

Carnegie Mellon University

Yuvraj Agarwal

Carnegie Mellon University

Gaurav Srivastava

Carnegie Mellon University

Saksham Chitkara

Carnegie Mellon University

Got queries? Feel free to mail us!

About The PrivacyProxy Project

PrivacyProxy is an Android app that pinpoints identifiers that apps use to track you, such as unique device IDs, Bluetooth IDs, and more. PrivacyProxy also provides detailed information about an app's privacy-related behaviors and lets you control what information is sent out from your device.

 

PrivacyProxy is a research initiative by CHIMPS Lab and SYNERGY Lab at Carnegie Mellon University. The goal is to provide users control over the use of personally identifiable information (PII) by smart phone apps.