A sleep-monitoring app, for instance, might need to access the smartphone's microphone, but only to register loudness, not to monitor conversations, researchers said.
An app developer could simply sample the microphone feed every minute or so, use PrivacyStreams software to transform the raw data to loudness and then send just the loudness data back to the smartphone for use by the app, they said.
"We are creating a new way of doing programming that makes it easier for the developer and also enhances privacy," said Jason Hong, associate professor at Carnegie Mellon University (CMU) in the US.
"We are assuming that most app developers are not malicious and that they do not want to violate anyone's privacy. Safeguarding privacy just is not always the thing that is uppermost in their minds," said Yuvraj Agarwal, assistant professor at CMU.
More From This Section
"So if the developer wants to do the right thing, how do we help them? By saving them time," said Agarwal.
The PrivacyStreams library includes a number of programmes that can transform personal data into a desired output.
"Instead of developers having to figure out all of this code themselves, we give it to them," Hong said.
Developers also have the opportunity to describe what the data is being used for, which can help users decide whether to install the app or provide permission to access certain data, said Yao Guo, associate professor at Peking University in China.
Since PrivacyStreams is set up as a pipeline - raw data streams to the service, then is transformed and transmitted back to the app that requested it - the process can be audited to ensure that the data is used as described, he added.