CI2P‑MedHFDroid: A Context‑Aware Individual Privacy Preferences Model for Medical, Health & Fitness Android Apps

Abstract

The widespread adoption of medical, health, and fitness applications (MedHF apps) has revolutionized health monitoring but also raised critical privacy concerns. Studies revealed that 79% of popular health apps share sensitive user data (e.g., medical records, location) with third parties without transparent consent (bmj 364, 2019), while overly complex privacy policies further obscure data practices. To address these challenges, this article introduces CI2P-MedHFDroid, a context-aware privacy protection model for Android MedHF apps that captures individual privacy preferences across various contexts, including app categories, data types (e.g., location, health metrics), sharing recipients (e.g., third parties), and usage purposes (e.g., advertising). Our research involves analyzing 1,756 medical and 1,646 health & fitness apps through static source code and NLP-based privacy policy analysis, resulting in a comprehensive app database. Leveraging semi-supervised learning with AdaBoost, EM, and TSVM, our model achieves up to 92.7% accuracy, with 77% of 100 diverse participants expressing high satisfaction with TSVM predictions. Additionally, we provide insights into app privacy behaviors, empowering developers to design transparent, user-centric privacy mechanisms. By balancing functionality and privacy, CI2P-MedHFDroid offers a scalable, adaptive solution to enhance trust in healthcare apps.