Mobile App Runtime Permissions and the Privacy Paradox: Hot‐State Decisions, Digital Literacy, and Consumer Consent
Fan Yang
Abstract
Runtime permission prompts are intended to enable informed privacy choices, yet they interrupt consumers mid‐task and may undermine meaningful consent. We examine this issue among Chinese Android users in a mixed‐methods study. Study 1 ( N = 525) combined a survey with a custom app that tracked whether 15 mainstream apps requested key runtime permission types (e.g., location, camera, microphone) over 2 weeks and whether consumers granted or denied those requests. Privacy concerns did not predict the permission grant rate, while digital literacy was positively associated with granting more permissions. Study 2 (18 interviews) explains these patterns: hot‐state interruptions create cognitive overload and functional pressure, leading to coping heuristics (e.g., vendor/government trust) and contextual resignation. Digitally literate “power users” grant more permissions due to feature dependence and perceived controllability (e.g., revoking later). Findings suggest consumer education alone is insufficient; designs and policy should reduce cognitive burden and constrain coerced consent.
Evidence weight
Balanced mode · F 0.40 / M 0.15 / V 0.05 / R 0.40
| F · citation impact | 0.50 × 0.4 = 0.20 |
| M · momentum | 0.50 × 0.15 = 0.07 |
| V · venue signal | 0.50 × 0.05 = 0.03 |
| R · text relevance † | 0.50 × 0.4 = 0.20 |
† Text relevance is estimated at 0.50 on the detail page — for your query’s actual relevance score, open this paper from a search result.