What is LANShield?
LANShield is an academic research project from the DistriNet Research Group at KU Leuven, Belgium, that aims to enhance the security of local network (LAN) access in the Android ecosystem.
LANShield consists of two parallel efforts: a user study that investigates the local network interactions of Android apps in a real-world context, and an automated analysis of a large set of apps published in the Google Play Store.
Our goal with the LANShield project is to improve our understanding of how and why Android apps access local networks and to develop methods to control this access more securely.
LANShield Android app (User Study)
The LANShield app serves two purposes. First, it gives you, the user, insight into local network interactions by other apps on your device and lets you block this access if desired. Second, our app gives you the option to take part in our user study, in which information on local network access by apps in a real-world environment is shared with us.
Why do you collect data?
Our goal is to study how apps access the local network, and whether they do so for benign or malicious purposes. Android apps that access the local network might only do so in certain scenarios. For example, a text editor might only scan the local network for printers when the user presses the print button. Apps with malicious intent might try to hide their behavior by only performing malicious actions after the user has used the app for some time.
For us to do a trustworthy analysis of both benign and harmful app behavior, the analyzed apps must therefore be used by a human in a real-world context. By taking part in our user study, you give us feedback on which apps try to interact with the local network. We are not interested in your behavior, but in which Android apps access the local network.
What data is collected?
LANShield pseudonymizes sensitive data before sending it to us, ensuring that the data cannot be easily attributed to any specific person. If you choose to participate in our user study, LANShield will periodically send us the following information:
- A cryptographic hash of the brand and model of your Android device
- The Android version installed on your device (e.g., Lollipop)
- Local network access patterns of apps installed on your device, namely: the ID of the app that interacted with the LAN, time of interaction, amount of data sent, local destination network endpoint, and application layer protocol. Both the time of interaction and the amount of data sent are bucketed for privacy purposes.
- App IDs of apps that were explicitly allowed or blocked
Optional
Only if you additionally agreed to this as an extension of the user study:
- App IDs of apps that were in the foreground. This allows us to understand which apps (presumably) don't try to access the LAN.
How will the data be used?
The apps that were detected accessing the local network will be investigated in our testing environment, so that we can understand each app's objective for doing so.
Measures to protect privacy and security of data
The data processing will be done in accordance with the General Data Protection Regulation (GDPR). KU Leuven is the data controller. We store the data reported by the LANShield app on a server managed by the KU Leuven Computer Science Department. Access is only granted to academic researchers working on the LANShield project within the DistriNet Research Group.
Note that we collect no data that directly contains personally identifiable information.
Data retention policy
The data collected from the LANShield app will be retained for 10 years. We must maintain this data over time to adhere to the KU Leuven Research Data Management Policy as the academic paper review process may request further analysis or clarification during this timespan.
The data will be processed on the basis of public interest. This means that the research will lead to advances in knowledge and generate insights that (directly or indirectly) benefit society. Ending your participation in the study means that the previously collected data can still be legally involved in the study and does not have to be deleted by KU Leuven.
Your rights
You have the right to ask for more information about the use of your data. In addition, you may exercise the right to access your data unless exercising these rights would render impossible or seriously impair the achievement of the research objectives. Due to the research objectives of the study, it is not possible to rectify your data. If you wish to invoke any of these rights, please contact the researchers using the information below.
Questions?
For questions about the results from the user study, you can reach out to lanshield@cs.kuleuven.be.
If you have any other queries, please use this form to reach us.
Participant documents
The full set of documents for user study participants is available below.