Authors : Musa Ibrahim Kamba; Aminu Dauda

Volume/Issue : Volume 11 - 2026, Issue 1 - January

Google Scholar : https://tinyurl.com/yw2a7p2u

Scribd : https://tinyurl.com/ynummcea

DOI : https://doi.org/10.38124/ijisrt/26jan005

Note : A published paper may take 4-5 working days from the publication date to appear in PlumX Metrics, Semantic Scholar, and ResearchGate.

Abstract : The widespread adoption of free Android applications in low- and middle-income communities has transformed communication, entertainment, and access to services, but it has also introduced significant privacy and security risks. This study investigates the usage patterns, privacy awareness, permission-granting behaviors, and exposure to data exploitation among Android users in Birnin Kebbi, Nigeria. Employing a mixed-methods approach, data were collected through structured questionnaires (n = 200), semi-structured interviews (n = 20), and direct observations. Findings reveal that 92% of respondents use free apps daily, with social media (85%) and entertainment apps (78%) dominating usage. Despite this, digital literacy and awareness of data protection regulations remain low, with only 27% understanding app data collection practices and 12% aware of the Nigeria Data Protection Regulation (NDPR). The study also identified prevalent user-permission fatigue, with 68% of respondents routinely granting broad permissions—including access to contacts, camera, microphone, location, and storage—without full comprehension of implications. Third-party SDKs and trackers further exacerbate data exposure, while 31% of respondents reported experiences of digital fraud, such as unauthorized social media access, phishing, and unexpected mobile wallet deductions. The results highlight the cyclical relationship between high app dependence, low privacy awareness, and limited digital literacy, which collectively heighten vulnerability to profiling, surveillance, and fraud. The study recommends targeted digital literacy programs, NDPR awareness campaigns, promotion of privacy-preserving practices, integration of privacy-by-design in app development, and accessible mechanisms for monitoring and reporting digital fraud to strengthen user protection in the Nigerian mobile ecosystem.

Keywords : Privacy Threats, User Profiling, Free Android Applications.

References :

1. Gamba, J.; Smith, R.; Zhou, L. Data collection practices in pre-installed and system-level Android apps. IMDEA Networks Digital Repository. Available online: https://dspace.networks.imdea.org (accessed on 24 October).
2. Olufemi, T.; Olatunde, S. Free mobile applications and privacy risks in Nigeria. Nigerian Journal of Information Technology 2021, 12, 12-27.
3. Ren, J.; Wu, Y.; Li, H.; Chen, K. Third-party libraries in mobile applications: A privacy perspective. IEEE Transactions on Mobile Computing 2016, 15, 1895-1907.
4. Zang, J.; Dummit, K.; Graves, J.; McGee, M. Who knows what about me? A survey of behind-the-scenes personal data sharing to third parties by mobile apps. Technology Science Journal 2015, 12, 33-46.
5. Ezeh, C.; Obi, M. Third-party SDKs and mobile privacy in African apps. Journal of Cybersecurity in Africa 2021, 3, 55-70.
6. Pet, S. Privacy-related SDK defaults in Android applications. Proceedings of the Privacy Enhancing Technologies Symposium. Available online: https://petsymposium.org (accessed on 24 October).
7. Abdulhamid, S.; Bello, A.; Okoye, P. Digital literacy and mobile privacy awareness among Nigerian smartphone users. Journal of Information Privacy, 8(2), 45–61 2022, 8, 45-61.
8. Adegoke, T.; Aluko, F. User profiling and behavioral tracking risks in mobile applications: Evidence from Nigeria. African Journal of Computing & ICT 2022, 15, 23-36.
9. Chika, C.; Tochukwu, O. Assessment of NDPR compliance and enforcement in Nigerian mobile apps. RSIS International Journal 2020, 4, 377-382.
10. Narayanan, A.; Bonawitz, K.; Wood, A. Privacy-preserving frameworks for mobile and web applications. IEEE Transactions on Privacy and Security 2020, 18, 1-15.
11. Okeke, J.; Uche, N. Adoption of privacy-preserving technologies in Nigerian app development. Journal of ICT Policy in Africa 2023, 7, 33-48.
12. Lyons, M.; Zhao, T.; Reardon, J. Measuring sensitive data logging in Android ecosystems. Federal Trade Commission Report. . Available online: https://www.ftc.gov (accessed on 24 October).
13. Wikipedia. Cross-device tracking. Available online: https://en.wikipedia.org/wiki/Cross-device_tracking (accessed on 24 October).
14. Adeoye, A.; Balogun, M.; Ojo, T. Nigeria Data Protection Regulation: Challenges and enforcement gaps. International Journal of Law and Cybersecurity 2020, 6, 12-29.
15. Asere, O.G.F.; Bello, T.; Ibrahim, S. Organizational compliance with NDPR in Nigeria: Evidence from SMEs and public institutions TechScience Journal of ICT Policy 2025, 7, 22-39.
16. NDPA. Nigeria Data Protection Act 2023. Thisday Live. Available online: https://www.thisdaylive.com (accessed on 24 October).
17. Thisdaylive. Nigeria Data Protection Act: Challenges and regulatory capacity. Available online: https://www.thisdaylive.com (accessed on 24 October).
18. Zenodo. Digital literacy and mobile app privacy awareness in Nigeria. Available online: https://zenodo.org (accessed on 24 November).
19. Binns, R.; Lyngs, U.; Van-Kleek, M.; Zhao, J.; Libert, T.; Shadbolt, N. Third party tracking in the mobile ecosystem. Available online: https://arxiv.org/abs/1804.03603 (accessed on 24 October).