This study addresses the pervasive yet underexplored issue of user privacy leakage in Android application logs. Despite widespread concerns, the current landscape, root causes, and developer awareness remain insufficiently understood. To bridge this gap, the authors construct a large-scale dataset of Android app logs and employ a mixed-methods approach combining static and dynamic analysis, content classification, and developer interviews. Their investigation reveals five distinct categories of genuine developer concerns regarding log privacy and demonstrates that most leaks stem from unintentional practices. The work further quantifies the extent of sensitive information exposure and systematically characterizes the types, distribution, and origins of log-based privacy leaks. Based on these empirical findings, the paper offers actionable mitigation strategies and practical guidance to help developers implement effective privacy-preserving logging practices.

With the rapid growth of mobile apps, users'concerns about their privacy have become increasingly prominent. Android app logs serve as crucial computer resources, aiding developers in debugging and monitoring the status of Android apps, while also containing a wealth of software system information. Previous studies have acknowledged privacy leaks in software logs and Android apps as significant issues without providing a comprehensive view of the privacy leaks in Android app logs. In this study, we build a comprehensive dataset of Android app logs and conduct an empirical study to analyze the status and severity of privacy leaks in Android app logs. Our study comprises three aspects: (1) Understanding real-world developers'concerns regarding privacy issues related to software logs; (2) Studying privacy leaks in the Android app logs; (3) Investigating the characteristics of privacy-leaking Android app logs and analyzing the reasons behind them. Our study reveals five different categories of concerns from real-world developers regarding privacy issues related to software logs and the prevalence of privacy leaks in Android app logs, with the majority stemming from developers'unawareness of such leaks. Additionally, our study provides developers with suggestions to safeguard their privacy from being logged.