If an app wants to access a sensitive function such as a camera or location, the operating system displays what is known as a “permission request.” Developers can supplement this with an additional, explanatory text – a so-called rationale. This rationale is intended to explain to users why the app requires a certain permission.
“The app needs storage access” or “Please allow access to your storage to attach photos to your posts” – which of these phrases would be more likely to motivate you to give the app permission? App developers can expect a higher approval rate for the second, more specific variant. At least that’s what Elbitar’s study suggests: “People who understand why they need access to the camera or storage feel better informed and have a greater sense of control. According to our study, both of these factors increase approval of app permissions,” the researcher explains. Together with colleagues, she analyzed more than 9,500 frequently used Android apps to find out how permission requests are formulated and designed.
Central modules for rationales
In practice, the explanatory texts in the apps examined looked very different. “There are guidelines for developers – from Apple or Android, for example – on how such requests should be designed. However, these are not binding,” says Elbitar. As a result, the researchers were able to identify distinct key elements that, when combined, influence how clear and persuasive an explanation is for users. “A key element is the functionality explanation: Good requests clearly state which function the permission is needed for – for example, to ‘add photos to your message.’ If this explanation is missing, the justification remains vague and simply states that the app ‘won’t work properly otherwise’,” says Elbitar. The way the consequence is phrased also plays an important role: Some requests highlight positively what the user gains by agreeing, while others make it clear which function will be unavailable if the permission is denied. The latter is often perceived by users as more helpful and understandable.
The tone of the app’s communication also varies. Some requests address the user directly, either demanding (“You must allow...”) or politely asking (“Please allow us...”). Others are phrased more neutrally (“Access to the camera is required”) or from the app's perspective (“This app requires...”). Additionally, some requests include extra information designed to build trust or convey a sense of control, such as security assurances like “We do not store any personal data,” statements like “You can change this at any time in the device settings,” or links to the privacy policy. Depending on how these elements are combined, a request can appear either more trustworthy or provoke skepticism.
Extracting, checking, sorting – the elaborate analysis of app texts
The study consists of two parts: “on the one hand, we analyzed over 9,600 popular Android apps to capture the wording of the rationales. On the other hand, we surveyed 960 people online to learn how they would react to different formulations,” says Elbitar.
Above all, the first part required a great deal of detailed work: “We used a machine-learning model to extract thousands of app texts for potential requests – and were able to identify over 35,000 such texts. However, the model does not always clearly recognize these as rationales. It extracts sentences that potentially match – often out of context.” In some cases, it turned out that these were simply generally worded sentences that appeared in other areas of the app. Consequently, a lot of manual post-processing was necessary: In the end, the research team manually evaluated 1,054 clear requests from 709 apps via screenshots.
From experiment to everyday life
The results provide initial clues for best-practice recommendations to app developers and UX designers. “However, if we want to make reliable predictions about how people respond to certain formulations, we need additional studies under real-life conditions,” says Elbitar. In the study, the participants merely imagined that they were using an app. In real usage scenarios – under time pressure or other situational influences – decisions might differ.
Elbitar’s interest in the topic began during her master’s thesis. At that time, she investigated whether the timing of the permission request also played a role. “The sample size was still small back then – only 46 people under laboratory conditions. This new study was intended to expand on that.” In another research project, she focused on permission requests on websites – a field that has been scarcely explored so far. “Websites are often very interactive today. For example, the question arises: Is the request presented as a banner, a button, or an overlay? That, too, can influence the decision.”
Although her research primarily provides concrete insights for developers, for Elbitar something else is paramount: “We want app users to be able to make an informed decision about when and to whom they grant access to their data.”
