Context and Permission Usage

During the last few years, we have studied the relationship between users’ privacy decisions on permission usage on the Android platform and the surrounding contextual circumstances. The notion of Contextual Integrity (CI) posits that users’ privacy decisions depend on what they expect to flow out of a given context. Based on our prior work on the impact of context on how real-world users navigate permissions, we propose to discuss the importance of the surrounding context of each permission request and how context can be a useful tool in fixing many of the issues in permissions (mobile or web). An important discussion point will also be how we define (or how users perceive) context in different domains; we would like to present our findings on context in the mobile app space and lead the discussion on that.

In our early work on Android permissions and context (https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/wijesekera), we showed that a) context matters in users’ permission decisions and b) the frequency of permission requests in Android is extremely high. These observations raise important questions in permissions: How can platforms (e.g., Android, iOS) account for context when prompting the user for permission, as well as when acting on behalf of the user? How should the high frequency of permission requests affect the design of permission models? What are the specific contextual factors that might influence users’ permission decisions?

The impact of contextual factors on users’ permission decisions can influence multiple aspects of a permission model. If users’ decisions are contextual, then the validity (or the lifetime) of their decisions is limited to the contextual circumstance under which they made those decisions. Platforms should not naively reuse permission decisions with no regard for the context, which might violate user privacy expectations.
Contextual factors could also influence when and how to prompt for user consent. If decisions are contextual, platforms should only seek consent once for a given contextual circumstance. Another aspect would be how UI controls could be designed around the contextual factors most salient to users. Context can also be useful in dealing with the high frequency of permission requests; if users are consistent under a given context, platforms can use the context to predict users’ future permission decisions without seeking their consent on every single permission request.

We conducted a six-week, 131-participant field study to explore solutions to most of the above-mentioned questions about permissions in Android (https://www.ieee-security.org/TC/SP2017/papers/278.pdf). With 4000+ collected real-world permission decisions and their surrounding context, we were able to develop an offline Machine Learning model to predict users’ future permission preferences based on past decisions and their context. We showed that the default Android permission model could violate user privacy decisions as much as 15% because it does not take context into account, whereas our new contextual permission model reduces the potential violations to 3% (we define a violation as an instance where the platform took a different permission decision from what the user would have made). The new ML model identified two specific contextual factors that were significant in predicting users’ future permission decisions: a) visibility of the application requesting the permission (i.e., if the user was given an indication of whether the requesting application was running), and b) foreground application (i.e., the application the user was engaged with at the time of the request). If user consent is only collected under different contexts, then the new model can also reduce user involvement by 25% compared to the default Android model, which prompts the user on every new {application, permission} request pair.
As our new model accounts for the surrounding context, it implicitly ensures that previously collected user decisions are only reused under the correct contextual circumstances. Proper use of the context also reduces violations by 80% compared to the default Android permission model.

We implemented the above offline ML model in a custom Android distribution so that it can make decisions in real time on Android (https://dl.acm.org/citation.cfm?id=3173842). We again conducted a field study where participants used our custom Android distribution in their day-to-day activities. Our contextual permission model showed an accuracy of 95% compared to 80% accuracy of the default permission model in meeting users’ privacy expectations (permission decisions). Accompanying our new permission model was a custom permission manager that lists recent permission decisions made by the platform on behalf of the user, as well as the contextual circumstances surrounding each of those decisions. This permission manager also allows users to adjust how the platform makes decisions in the future under known contexts. While changing the platform response for future instances, users can take the context into account in the new permission manager. Our study showed that participants actually ended up using the new permission manager to decisions made by the new ML based permission model.

During the workshop, we want to share our experience in understanding the impact of context in mobile permission models. We believe that the impact of context is not unique to mobile platforms but is generalizable across many domains such as IoT and the Web. We believe it will be a fruitful discussion to explore how contextual factors can be used in any permission model to reduce user habituation (e.g., by reducing the user involvement in the training/bootstrap phase) and improve user outcomes by identifying proper permission lifetimes under different contexts.
We will discuss how to account for contextual factors when designing UI controls, as well as how new permission interfaces can better inform users about contextual decisions taken by the platform. Such an interface can allow the user to a) better understand past decisions and/or b) fix any misaligned decisions taken by the platform and improve the platform’s decision-making in the future.
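
The effect of scoping decision reuse by context, as an added example that is not code from the studies described above: it replays a constructed request trace under the default {application, permission} key and under a key extended with the two contextual factors named above (visibility and foreground application), counting prompts and violations as defined in the text. A plain lookup table stands in for the ML classifier, and all app names, permission names and user choices are constructed.

```python
from collections import namedtuple

# One permission request plus what the user would have chosen at that moment.
# "visible" = the user had an indication the requesting app was running;
# "foreground" = the app the user was engaged with at the time of the request.
Request = namedtuple("Request", "app permission visible foreground user_choice")

# Constructed trace (hypothetical apps and permissions, not study data).
SAMPLE = [
    Request("maps", "LOCATION", True,  "maps",    "allow"),
    Request("maps", "LOCATION", False, "browser", "deny"),
    Request("maps", "LOCATION", True,  "maps",    "allow"),
    Request("maps", "LOCATION", False, "browser", "deny"),
    Request("chat", "CONTACTS", True,  "chat",    "allow"),
    Request("chat", "CONTACTS", False, "game",    "deny"),
    Request("chat", "CONTACTS", False, "game",    "deny"),
]


def default_key(r):
    """Default model: one decision per {application, permission} pair."""
    return (r.app, r.permission)


def contextual_key(r):
    """Decision is only valid for the context in which it was collected."""
    return (r.app, r.permission, r.visible, r.foreground)


def replay(requests, key_fn):
    """Prompt on the first request for a key, reuse the answer afterwards.

    Returns (prompts, violations). A violation is a reused decision that
    differs from what the user would have chosen for that request.
    """
    decisions = {}
    prompts = violations = 0
    for r in requests:
        key = key_fn(r)
        if key not in decisions:
            decisions[key] = r.user_choice  # user is asked; answer is stored
            prompts += 1
        elif decisions[key] != r.user_choice:
            violations += 1  # platform acted against the user's preference
    return prompts, violations


if __name__ == "__main__":
    for name, fn in (("default", default_key), ("contextual", contextual_key)):
        prompts, violations = replay(SAMPLE, fn)
        print(f"{name:10s} prompts={prompts} violations={violations}")
```

On this trace the context-scoped table prompts more often but never reuses a decision outside the context it was given in; reducing the prompting itself is the job of the predictive model described above, which this lookup does not implement.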