User Privacy in the Digital Playground: An In-Depth Investigation of Facebook Instant Games
Document Type
Conference Proceeding
Publication Date
1-1-2024
Abstract
Amid growing concerns over data privacy in web and mobile applications, this study aims to assess the privacy mechanisms in Instant Games on Facebook - a platform with approximately 3.03 billion monthly active users and a substantial repository of personal data. Instant Games have become increasingly popular due to their ease of access and social integration features. Investigating these games can provide insights into privacy mechanisms and practices, thereby informing the development of more fair, compliant and user privacy-centric gaming experiences. Thus, this paper proposes an integrated analytical framework that leverages a combination of descriptive, memory, and network analysis techniques to examine the privacy mechanisms in Facebook Instant Games. It focuses on evaluating the permission model, default settings, configurations, and API usage, as well as their impact on user data access, transfer, and sharing. Our findings uncovers discrepancies between privacy policies and actual user data notices. Through generalized settings and lack of explicit consent mechanism, our study reveals a system that often favors functionality over user privacy. Moreover, we highlight the reliance on powerful APIs that, while enhancing gameplay, pose additional privacy risks by granting broad data access to third-party services without direct user approval.
Publication Source (Journal or Book title)
Proceedings - 2024 IEEE Secure Development Conference, SecDev 2024
First Page
64
Last Page
75
Recommended Citation
Bello, S., Bappah, B., Tanet, N., Betzwieser, A., & Ali-Gombe, A. (2024). User Privacy in the Digital Playground: An In-Depth Investigation of Facebook Instant Games. Proceedings - 2024 IEEE Secure Development Conference, SecDev 2024, 64-75. https://doi.org/10.1109/SecDev61143.2024.00013
