@inproceedings{64823, abstract = {{Current legal frameworks enforce that Android developers accurately report the data their apps collect. However, large codebases can make this reporting challenging. This paper employs an empirical approach to understand developers' experience with Google Play Store's Data Safety Section (DSS) form. We first survey 41 Android developers to understand how they categorize privacy-related data into DSS categories and how confident they feel when completing the DSS form. To gain a broader and more detailed view of the challenges developers encounter during the process, we complement the survey with an analysis of 172 online developer discussions, capturing the perspectives of 642 additional developers. Together, these two data sources represent insights from 683 developers. Our findings reveal that developers often manually classify the privacy-related data their apps collect into the data categories defined by Google-or, in some cases, omit classification entirely-and rely heavily on existing online resources when completing the form. Moreover, developers are generally confident in recognizing the data their apps collect, yet they lack confidence in translating this knowledge into DSS-compliant disclosures. Key challenges include issues in identifying privacy-relevant data to complete the form, limited understanding of the form, and concerns about app rejection due to discrepancies with Google's privacy requirements. These results underscore the need for clearer guidance and more accessible tooling to support developers in meeting privacy-aware reporting obligations. }}, author = {{Khedkar, Mugdha and Schlichtig, Michael and Soliman, Mohamed Aboubakr Mohamed and Bodden, Eric}}, booktitle = {{Proceedings of the IEEE/ACM 13th International Conference on Mobile Software Engineering and Systems (MOBILESoft '26). Association for Computing Machinery, New York, NY, USA, 65–68.}}, keywords = {{static analysis, data collection, data protection, privacy-aware reporting}}, location = {{Rio de Janeiro, Brazil}}, title = {{{Challenges in Android Data Disclosure: An Empirical Study.}}}, year = {{2026}}, } @inproceedings{52235, abstract = {{Android applications collecting data from users must protect it according to the current legal frameworks. Such data protection has become even more important since the European Union rolled out the General Data Protection Regulation (GDPR). Since app developers are not legal experts, they find it difficult to write privacy-aware source code. Moreover, they have limited tool support to reason about data protection throughout their app development process. This paper motivates the need for a static analysis approach to diagnose and explain data protection in Android apps. The analysis will recognize personal data sources in the source code, and aims to further examine the data flow originating from these sources. App developers can then address key questions about data manipulation, derived data, and the presence of technical measures. Despite challenges, we explore to what extent one can realize this analysis through static taint analysis, a common method for identifying security vulnerabilities. This is a first step towards designing a tool-based approach that aids app developers and assessors in ensuring data protection in Android apps, based on automated static program analysis. }}, author = {{Khedkar, Mugdha and Bodden, Eric}}, booktitle = {{Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft '24). Association for Computing Machinery, New York, NY, USA, 65–68.}}, keywords = {{static program analysis, data protection and privacy, GDPR compliance}}, location = {{Lisbon, Portugal}}, title = {{{Toward an Android Static Analysis Approach for Data Protection}}}, doi = {{10.1145/3647632.3651389}}, year = {{2024}}, } @inproceedings{57445, abstract = {{Knowledge management is essential for successful disaster management. This paper conducts a Systematic Literature Review at the intersection of the knowledge management field and disaster management and examines the available body of literature. Fire departments are chosen as the focus group as they are the most prevalent emergency services. There are many publications that deal with knowledge management during the response phase of an emergency. Often, the literature focuses on the application of knowledge management in large-scale disasters to link the various organizations on-scene. What is missing in most approaches is a prior step of implementing and training the knowledge management system. Therefore, this literature review seeks to provide an overview of approaches for daily routines and small-to-medium incidents that serve as a training ground. However, literature on non-incident phases and smaller incidents is scarce. As information technologies are developing rapidly, there is no modern and recent description of the current use of knowledge management solutions in this area.}}, author = {{Schultz, Andreas Maximilian and Dotzki, Fabian and Mozgova, Iryna}}, booktitle = {{Proceedings of the 16th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management}}, keywords = {{Knowledge Management, Civil Protection, Systematic Literature Review, Fire Brigade}}, location = {{Porto, Portugal}}, publisher = {{SCITEPRESS - Science and Technology Publications}}, title = {{{Knowledge Management in Civil Protection at the Example of Fire Brigades}}}, doi = {{10.5220/0012947700003838}}, year = {{2024}}, } @inproceedings{44146, abstract = {{Many Android applications collect data from users. When they do, they must protect this collected data according to the current legal frameworks. Such data protection has become even more important since the European Union rolled out the General Data Protection Regulation (GDPR). App developers have limited tool support to reason about data protection throughout their app development process. Although many Android applications state a privacy policy, privacy policy compliance checks are currently manual, expensive, and prone to error. One of the major challenges in privacy audits is the significant gap between legal privacy statements (in English text) and technical measures that Android apps use to protect their user's privacy. In this thesis, we will explore to what extent we can use static analysis to answer important questions regarding data protection. Our main goal is to design a tool based approach that aids app developers and auditors in ensuring data protection in Android applications, based on automated static program analysis.}}, author = {{Khedkar, Mugdha}}, booktitle = {{2023 IEEE/ACM 45th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), Melbourne, Australia, 2023, pp. 197-199}}, keywords = {{static analysis, data protection and privacy, GDPR compliance}}, title = {{{Static Analysis for Android GDPR Compliance Assurance}}}, doi = {{10.1109/ICSE-Companion58688.2023.00054}}, year = {{2023}}, } @inproceedings{15582, abstract = {{When it comes to increased digitization in the health care domain, privacy is a relevant topic nowadays. This relates to patient data, electronic health records or physician reviews published online, for instance. There exist different approaches to the protection of individuals’ privacy, which focus on the anonymization and masking of personal information subsequent to their mining. In the medical domain in particular, measures to protect the privacy of patients are of high importance due to the amount of sensitive data that is involved (e.g. age, gender, illnesses, medication). While privacy breaches in structured data can be detected more easily, disclosure in written texts is more difficult to find automatically due to the unstructured nature of natural language. Therefore, we take a detailed look at existing research on areas related to privacy protection. Likewise, we review approaches to the automatic detection of privacy disclosure in different types of medical data. We provide a survey of several studies concerned with privacy breaches in the medical domain with a focus on Physician Review Websites (PRWs). Finally, we briefly develop implications and directions for further research.}}, author = {{Buff, Bianca and Kersting, Joschka and Geierhos, Michaela}}, booktitle = {{Proceedings of the 9th International Conference on Pattern Recognition Applications and Methods (ICPRAM 2020)}}, keywords = {{Identity Disclosure, Privacy Protection, Physician Review Website, De-Anonymization, Medical Domain}}, location = {{Valetta, Malta}}, pages = {{630----637}}, publisher = {{SCITEPRESS}}, title = {{{Detection of Privacy Disclosure in the Medical Domain: A Survey}}}, year = {{2020}}, } @inproceedings{24065, author = {{Pottebaum, Jens and Japs, Anna Maria and Prödel, Stephan and Koch, Rainer}}, booktitle = {{ISCRAM 2010 -- 7th International Conference on Information Systems for Crisis Response and Management}}, editor = {{French, Simon and Tomaszewski, Brian and Zobel, Chris}}, keywords = {{Command and control process, Command and control systems, Design and modeling, Domain ontologies, Emergency response, Fire extinguishers, Fire protection, Heterogeneous domains, Information analysis, Information sharing, Information systems, Interoperability, Ontology language, Semantic technologies, Semantic Web, Semantics}}, title = {{{Design and modeling of a domain ontology for fire protection}}}, year = {{2010}}, } @inproceedings{61029, author = {{Douglas, Pamela Heidi and Moore, R.S. and Wimalasuriya, Sunil and Nekaris, K. Anna I.}}, booktitle = {{Folia Primatologica}}, issn = {{0015-5713}}, keywords = {{Trachypithecus, Macaca, Sri Lanka, Abundance, Microhabitat variable, Isolation, Protection, Conservation}}, location = {{Prague}}, number = {{5}}, pages = {{305--401}}, publisher = {{Walter de Gruyter GmbH}}, title = {{{Microhabitat Variables Influencing Abundance and Distribution of Diurnal Primates (Trachypithecus vetulus vetulus and Macaca sinica aurifrons) in a Fragmented Rainforest Network in Southern Sri Lanka}}}, doi = {{10.1159/000137690}}, volume = {{79}}, year = {{2008}}, }