Software developers frequently find themselves navigating the maze of privacy laws, especially when dealing with live medical data. These legal requirements, laden with complex language, often become barriers for those trying to design apps that are both useful and compliant. Though there are some guidelines available, like those from the European Commission, they don’t focus deeply on privacy, leaving a gap in understanding. Recognizing this, our project has two main objectives. First, we’re crafting simplified models that demystify these challenging legal terms, making it easier for software teams to understand and integrate them. This will ensure that when they’re building their tools, they’re also keeping user data safe. Second, we’re developing a comprehensive tool to assess health apps and ensure that these apps are transparent, giving users a clear picture of how their data is used and offering them more control over it. In essence, we aim to bridge the knowledge gap and provide tools that cater to both developers and users, promoting a safer digital health environment.
Publications & Software
- Saja Alqurashi and Indrakshi Ray, “Privacy2Practice: Leveraging Automated Analysis for Privacy Policy Transparency and Compliance”, In Proceedings of the 22nd International Conference on Security and Cryptography (SECRYPT), Bilbao, Spain, June 2025. Paper
- Faiza Tazi, Suleiman Saka, Shradha Neupane, Ethan Myers, Sanchari Das, Lorenzo De Carli, Indrakshi Ray, “A Multi-Dimensional Analysis of IoT Companion Apps: a Look at Privacy, Security and Accessibility”, In IEEE Transactions on Services Computing, 2025. Paper
- Yunik Tamrakar, Ritwik Banerjee, Ethan Myers, Lorenzo De Carli, Indrakshi Ray, “Harnessing Language Models to Analyze Android App Permission Fidelity”, In Proceedings of the IEEE 22nd Annual International Conference on Privacy, Security, and Trust (PST), Fredericton, Canada, August 2025. Paper
