Mukund Srinath,Pranav Venkit,Maria Badillo,Florian Schaub,C. Lee Giles,Shomir Wilson

2024-02-17

Abstract:Privacy policies are crucial for informing users about data practices, yet their length and complexity often deter users from reading them. In this paper, we propose an automated approach to identify and visualize data practices within privacy policies at different levels of detail. Leveraging crowd-sourced annotations from the ToS;DR platform, we experiment with various methods to match policy excerpts with predefined data practice descriptions. We further conduct a case study to evaluate our approach on a real-world policy, demonstrating its effectiveness in simplifying complex policies. Experiments show that our approach accurately matches data practice descriptions with policy excerpts, facilitating the presentation of simplified privacy information to users.

Cryptography and Security,Machine Learning

Yan Shvartzshnaider,Ananth Balashankar,Vikas Patidar,Thomas Wies,Lakshminarayanan Subramanian

DOI: https://doi.org/10.48550/arXiv.2010.00678

2020-10-01

Computation and Language

Abstract:This paper formulates a new task of extracting privacy parameters from a privacy policy, through the lens of Contextual Integrity, an established social theory framework for reasoning about privacy norms. Privacy policies, written by lawyers, are lengthy and often comprise incomplete and vague statements. In this paper, we show that traditional NLP tasks, including the recently proposed Question-Answering based solutions, are insufficient to address the privacy parameter extraction problem and provide poor precision and recall. We describe 4 different types of conventional methods that can be partially adapted to address the parameter extraction task with varying degrees of success: Hidden Markov Models, BERT fine-tuned models, Dependency Type Parsing (DP) and Semantic Role Labeling (SRL). Based on a detailed evaluation across 36 real-world privacy policies of major enterprises, we demonstrate that a solution combining syntactic DP coupled with type-specific SRL tasks provides the highest accuracy for retrieving contextual privacy parameters from privacy statements. We also observe that incorporating domain-specific knowledge is critical to achieving high precision and recall, thus inspiring new NLP research to address this important problem in the privacy domain.

Shuang Liu,Baiyang Zhao,Renjie Guo,Guozhu Meng,Fan Zhang,Meishan Zhang

DOI: https://doi.org/10.1145/3442381.3450022

2021-04-19

Abstract:With the rapid development of web and mobile applications, as well as their wide adoption in different domains, more and more personal data is provided, consciously or unconsciously, to different application providers. Privacy policy is an important medium for users to understand what personal information has been collected and used. As data privacy protection is becoming a critical social issue, there are laws and regulations being enacted in different countries and regions, and the most representative one is the EU General Data Protection Regulation (GDPR). It is thus important to detect compliance issues among regulations, e.g., GDPR, with privacy policies, and provide intuitive results for data subjects (i.e., users), data collection party (i.e., service providers) and the regulatory authorities. In this work, we target to solve the problem of compliance analysis between GDPR (Article 13) and privacy policies. We format the task into a combination of a sentence classification step and a rule-based analysis step. We manually curate a corpus of 36,610 labeled sentences from 304 privacy policies, and benchmark our corpus with several standard sentence classifiers. We also conduct a rule-based analysis to detect compliance issues and a user study to evaluate the usability of our approach. The web-based tool AutoCompliance is publicly accessible 1.

Michael Carl Tschantz,Anupam Datta,Jeannette M. Wing

DOI: https://doi.org/10.48550/arXiv.1102.4326

2011-02-22

Abstract:Privacy policies often place requirements on the purposes for which a governed entity may use personal information. For example, regulations, such as HIPAA, require that hospital employees use medical information for only certain purposes, such as treatment. Thus, using formal or automated methods for enforcing privacy policies requires a semantics of purpose requirements to determine whether an action is for a purpose or not. We provide such a semantics using a formalism based on planning. We model planning using a modified version of Markov Decision Processes, which exclude redundant actions for a formal definition of redundant. We use the model to formalize when a sequence of actions is only for or not for a purpose. This semantics enables us to provide an algorithm for automating auditing, and to describe formally and compare rigorously previous enforcement methods.

Cryptography and Security

Cheng Chang,Huaxin Li,Yichi Zhang,Suguo Du,Hui Cao,Haojin Zhu

DOI: https://doi.org/10.1007/978-3-030-23597-0_4

2019-01-01

Abstract:Along with the popularity of mobile devices, people share a growing amount of personal data to a variety of mobile applications for personalized services. In most cases, users can learn their data usage from the privacy policy along with the application. However, current privacy policies are always too long and obscure to provide readability and comprehensibility to users. To address this issue, we propose an automated privacy policy extraction system considering users' personal privacy concerns under different contexts. The system is implemented on Android smartphones and evaluated feedbacks from a group of users (n = 96) as a field study. Experiments are conducted on both our dataset, which is the first user privacy concern profile dataset to the best of our knowledge, and a public dataset containing 115 privacy policies with 23K data practices. We achieve 0.94 precision for privacy category classification and 0.81 accuracy for policy segment extraction, which attests to the significance of our work as a direction towards meeting the transparency requirement of the General Data Protection Regulation (GDPR).

Jianfeng Chi,Wasi Uddin Ahmad,Yuan Tian,Kai-Wei Chang

DOI: https://doi.org/10.48550/arXiv.2212.10011

2023-05-12

Abstract:Privacy policies provide individuals with information about their rights and how their personal information is handled. Natural language understanding (NLU) technologies can support individuals and practitioners to understand better privacy practices described in lengthy and complex documents. However, existing efforts that use NLU technologies are limited by processing the language in a way exclusive to a single task focusing on certain privacy practices. To this end, we introduce the Privacy Policy Language Understanding Evaluation (PLUE) benchmark, a multi-task benchmark for evaluating the privacy policy language understanding across various tasks. We also collect a large corpus of privacy policies to enable privacy policy domain-specific language model pre-training. We evaluate several generic pre-trained language models and continue pre-training them on the collected corpus. We demonstrate that domain-specific continual pre-training offers performance improvements across all tasks.

Computation and Language

Parvaneh Shayegh,Vijayanta Jain,Amin Rabinia,Sepideh Ghanavati

DOI: https://doi.org/10.48550/arXiv.1910.04133

2019-10-06

Abstract:The massive growth of the Internet of Things (IoT) as a network of interconnected entities [18], brings up new challenges in terms of privacy and security requirements to the traditional software engineering domain [4]. To protect the individuals' privacy, the FTC's Fair Information Practice Principles (FIPPs) [6] proposes to companies to give notice to the consumer about their data practices, provide them with choices and give them means to have control over their own data.. Using privacy policy is the most common way for this type of notices. However, privacy policies are not generally effective due to two main reasons: first, privacy policies are long and full of legal jargon which are not understandable by a normal user; second, it is not guaranteed that an IoT device behave as it is explained in its privacy policy. In this technical report, we propose and discuss our methodologies to analyze privacy policies. By the help of this analysis, we reduce the length of a privacy policy and make it organized based on privacy practices to improve understanding level for the user. We also come up with a method to find the inconsistencies between IoT devices and their privacy policies.

Cryptography and Security

Chenhao Tang,Zhengliang Liu,Chong Ma,Zihao Wu,Yiwei Li,Wei Liu,Dajiang Zhu,Quanzheng Li,Xiang Li,Tianming Liu,Lei Fan

2023-09-19

Abstract:Privacy policies serve as the primary conduit through which online service providers inform users about their data collection and usage procedures. However, in a bid to be comprehensive and mitigate legal risks, these policy documents are often quite verbose. In practical use, users tend to click the Agree button directly rather than reading them carefully. This practice exposes users to risks of privacy leakage and legal issues. Recently, the advent of Large Language Models (LLM) such as ChatGPT and GPT-4 has opened new possibilities for text analysis, especially for lengthy documents like privacy policies. In this study, we investigate a privacy policy text analysis framework PolicyGPT based on the LLM. This framework was tested using two datasets. The first dataset comprises of privacy policies from 115 websites, which were meticulously annotated by legal experts, categorizing each segment into one of 10 classes. The second dataset consists of privacy policies from 304 popular mobile applications, with each sentence manually annotated and classified into one of another 10 categories. Under zero-shot learning conditions, PolicyGPT demonstrated robust performance. For the first dataset, it achieved an accuracy rate of 97%, while for the second dataset, it attained an 87% accuracy rate, surpassing that of the baseline machine learning and neural network models.

Computation and Language

Ashish Hooda,Rishabh Khandelwal,Prasad Chalasani,Kassem Fawaz,Somesh Jha

2024-08-27

Abstract:Privacy policies are crucial in the online ecosystem, defining how services handle user data and adhere to regulations such as GDPR and CCPA. However, their complexity and frequent updates often make them difficult for stakeholders to understand and analyze. Current automated analysis methods, which utilize natural language processing, have limitations. They typically focus on individual tasks and fail to capture the full context of the policies. We propose PolicyLR, a new paradigm that offers a comprehensive machine-readable representation of privacy policies, serving as an all-in-one solution for multiple downstream tasks. PolicyLR converts privacy policies into a machine-readable format using valuations of atomic formulae, allowing for formal definitions of tasks like compliance and consistency. We have developed a compiler that transforms unstructured policy text into this format using off-the-shelf Large Language Models (LLMs). This compiler breaks down the transformation task into a two-stage translation and entailment procedure. This procedure considers the full context of the privacy policy to infer a complex formula, where each formula consists of simpler atomic formulae. The advantage of this model is that PolicyLR is interpretable by design and grounded in segments of the privacy policy. We evaluated the compiler using ToS;DR, a community-annotated privacy policy entailment dataset. Utilizing open-source LLMs, our compiler achieves precision and recall values of 0.91 and 0.88, respectively. Finally, we demonstrate the utility of PolicyLR in three privacy tasks: Policy Compliance, Inconsistency Detection, and Privacy Comparison Shopping.

Cryptography and Security,Computation and Language

Youqun Li,Yichi Zhang,Haojin Zhu,Suguo Du

DOI: https://doi.org/10.1109/infocomwkshps51825.2021.9484530

2021-01-01

Abstract:Modern Smart Home platforms offer various applications, which should follow the platform privacy policies so that end users and regulators are informed of Sensitive Personal Information (SPI) related operations. However, the generalized privacy policies by Smart Home platforms fail to explain specific SPI related operations for individual applications. Meanwhile, according to previous works, potential SPI leaks may occur due to insufficient surveillance. In this paper, we propose the first system to automatically generate fine-grained privacy policies for individual applications through static code analysis and natural language techniques. First, from the code we extract the control flow graph and the SPI data flows. Then, we use a Naive Bayes model to transfer the data flows into verb-object phrases. Finally, we populate a pre-prepared privacy policy template with the previously generated phrases. We evaluate our system on Samsung SmartThings platform. The experimental results show that: 1) Our system can accurately extract SPI related operations from Smart Home applications; 2) The privacy policies created by our system are fine-grained and easily understandable; 3) We demonstrate the efficacy of the proposed system on a real world data-set of almost 250 apps.

LI Xin,TANG Peng,ZHANG Xiheng,QIU Weidong,HUI Hong

DOI: https://doi.org/10.11959/j.issn.2096-109x.2023088

2023-01-01

Abstract:The implementation of the EU's General Data Protection Regulation(GDPR)has resulted in the imposition of over 300 fines since its inception in 2018.These fines include significant penalties for prominent companies like Google,which were penalized for their failure to provide transparent and comprehensible privacy policies.The GDPR,known as the strictest data protection laws in history,has made companies worldwide more cautious when offering cross-border services,particularly to the European Union.The regulation's territorial scope stipulates that it applies to any company providing services to EU citizens,irrespective of their location.This implies that companies worldwide,including domestic enterprises,are required to ensure compliance with GDPR in their privacy policies,especially those involved in international operations.To meet this requirement,an intelligent detection method was introduced.Machine learning and automation technologies were utilized to automatically extract privacy policies from online service companies.The policies were converted into a standardized format with a hierarchical structure.Through natural language processing,the privacy policies were classified,allowing for the identification of relevant GDPR concepts.In addition,a constructed GDPR taxonomy was used in the detection mechanism to identify any missing concepts as required by GDPR.This approach facilitated intelligent detection of GDPR-oriented privacy policy compliance,providing support to domestic enterprises while they provided cross-border services to EU users.Analysis of the corpus samples reveals the current situation that mainstream online service companies generally fail to meet GDPR compliance requirements.

Xusheng Xiao,Amit M. Paradkar,Suresh Thummalapenta,Tao Xie

DOI: https://doi.org/10.1145/2393596.2393608

2012-01-01

Abstract:ABSTRACTAccess Control Policies (ACP) specify which principals such as users have access to which resources. Ensuring the correctness and consistency of ACPs is crucial to prevent security vulnerabilities. However, in practice, ACPs are commonly written in Natural Language (NL) and buried in large documents such as requirements documents, not amenable for automated techniques to check for correctness and consistency. It is tedious to manually extract ACPs from these NL documents and validate NL functional requirements such as use cases against ACPs for detecting inconsistencies. To address these issues, we propose an approach, called Text2Policy, to automatically extract ACPs from NL software documents and resource-access information from NL scenario-based functional requirements. We conducted three evaluations on the collected ACP sentences from publicly available sources along with use cases from both open source and proprietary projects. The results show that Text2Policy effectively identifies ACP sentences with the precision of 88.7% and the recall of 89.4%, extracts ACP rules with the accuracy of 86.3%, and extracts action steps with the accuracy of 81.9%.

Henry Hosseini,Martin Degeling,Christine Utz,Thomas Hupperich

DOI: https://doi.org/10.2478/popets-2021-0081

2021-07-23

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract Privacy policies have become a focal point of privacy research. With their goal to reflect the privacy practices of a website, service, or app, they are often the starting point for researchers who analyze the accuracy of claimed data practices, user understanding of practices, or control mechanisms for users. Due to vast differences in structure, presentation, and content, it is often challenging to extract privacy policies from online resources like websites for analysis. In the past, researchers have relied on scrapers tailored to the specific analysis or task, which complicates comparing results across different studies. To unify future research in this field, we developed a toolchain to process website privacy policies and prepare them for research purposes. The core part of this chain is a detector module for English and German, using natural language processing and machine learning to automatically determine whether given texts are privacy or cookie policies. We leverage multiple existing data sets to refine our approach, evaluate it on a recently published longitudinal corpus, and show that it contains a number of misclassified documents. We believe that unifying data preparation for the analysis of privacy policies can help make different studies more comparable and is a step towards more thorough analyses. In addition, we provide insights into common pitfalls that may lead to invalid analyses.

Kaifa Zhao,Le Yu,Shiyao Zhou,Jing Li,Xiapu Luo,Yat Fei Aemon Chiu,Yutong Liu

DOI: https://doi.org/10.48550/arXiv.2212.04357

2022-12-04

Abstract:Privacy protection raises great attention on both legal levels and user awareness. To protect user privacy, countries enact laws and regulations requiring software privacy policies to regulate their behavior. However, privacy policies are written in natural languages with many legal terms and software jargon that prevent users from understanding and even reading them. It is desirable to use NLP techniques to analyze privacy policies for helping users understand them. Furthermore, existing datasets ignore law requirements and are limited to English. In this paper, we construct the first Chinese privacy policy dataset, namely CA4P-483, to facilitate the sequence labeling tasks and regulation compliance identification between privacy policies and software. Our dataset includes 483 Chinese Android application privacy policies, over 11K sentences, and 52K fine-grained annotations. We evaluate families of robust and representative baseline models on our dataset. Based on baseline performance, we provide findings and potential research directions on our dataset. Finally, we investigate the potential applications of CA4P-483 combing regulation requirements and program analysis.

Cryptography and Security,Artificial Intelligence

Shikha Soneji,Mitchell Hoesing,Sujay Koujalgi,Jonathan Dodge

2024-04-18

Abstract:The complexities of legalese in terms and policy documents can bind individuals to contracts they do not fully comprehend, potentially leading to uninformed data sharing. Our work seeks to alleviate this issue by developing language models that provide automated, accessible summaries and scores for such documents, aiming to enhance user understanding and facilitate informed decisions. We compared transformer-based and conventional models during training on our dataset, and RoBERTa performed better overall with a remarkable 0.74 F1-score. Leveraging our best-performing model, RoBERTa, we highlighted redundancies and potential guideline violations by identifying overlaps in GDPR-required documents, underscoring the necessity for stricter GDPR compliance.

Computation and Language,Machine Learning

Hamza Harkous,Kassem Fawaz,Rémi Lebret,Florian Schaub,Kang G. Shin,Karl Aberer

DOI: https://doi.org/10.48550/arXiv.1802.02561

2018-02-07

Computation and Language

Abstract:Privacy policies are the primary channel through which companies inform users about their data collection and sharing practices. These policies are often long and difficult to comprehend. Short notices based on information extracted from privacy policies have been shown to be useful but face a significant scalability hurdle, given the number of policies and their evolution over time. Companies, users, researchers, and regulators still lack usable and scalable tools to cope with the breadth and depth of privacy policies. To address these hurdles, we propose an automated framework for privacy policy analysis (Polisis). It enables scalable, dynamic, and multi-dimensional queries on natural language privacy policies. At the core of Polisis is a privacy-centric language model, built with 130K privacy policies, and a novel hierarchy of neural-network classifiers that accounts for both high-level aspects and fine-grained details of privacy practices. We demonstrate Polisis' modularity and utility with two applications supporting structured and free-form querying. The structured querying application is the automated assignment of privacy icons from privacy policies. With Polisis, we can achieve an accuracy of 88.4% on this task. The second application, PriBot, is the first freeform question-answering system for privacy policies. We show that PriBot can produce a correct answer among its top-3 results for 82% of the test questions. Using an MTurk user study with 700 participants, we show that at least one of PriBot's top-3 answers is relevant to users for 89% of the test questions.

Yuxi Ling,Kailong Wang,Guangdong Bai,Haoyu Wang,Jin Song Dong

DOI: https://doi.org/10.1145/3551349.3560436

2022-01-01

Abstract:Browser extensions have emerged as integrated characteristics in modern browsers, with the aim to boost the online browsing experience. Their advantageous position between a user and the Internet endows them with easy access to the user's sensitive data, which has raised mounting privacy concerns from both legislators and extension users. In this work, we propose an end-to-end approach to automatically diagnosing the privacy compliance violations among extensions. It analyzes the compliance of privacy policy versus regulation requirements and their actual privacy-related practices during runtime. This approach can serve the extension users, developers and store operators as an efficient and practical detection mechanism for privacy compliance violations. Our approach utilizes the state-of-the-art language processing model BERT for annotating the policy texts, and a hybrid technique to analyze an extension's source code and runtime behavior. To facilitate the model training, we construct a corpus named PrivAud-100 which contains 100 manually annotated privacy policies. Our large-scale diagnostic evaluation reveals that the vast majority of existing extensions suffer from privacy non-compliance issues. Around 92% of them have at least one violation of either their privacy policies or data collection practices. Based on our findings, we further propose an index to facilitate the filtering and identification of privacy-incompliant extensions with high accuracy (over 90%). Our work should raise the awareness of extension users, service providers, and platform operators, and encourage them to implement solutions toward better privacy compliance. To facilitate future research in this area, we have released our dataset, corpus and analyzer.

Yingjie Wang,Zhihong Zhou,Jianhua Li

DOI: https://doi.org/10.1007/978-3-642-54924-3_106

2014-01-01

Abstract:Now, organizations are required to comply with existing privacy protection regulations on data collection, use, and disclosure. Privacy preservation in a data-sharing computing environment is becoming a challenging problem. The core part of privacy protection is purposes for and circumstances under which the data can be accessed. It must be ensured that data can only be used for its intended purposes, so the access purpose should be compliant with the intended purposes. In this paper, the role-based access control (RBAC) model is extended to incorporate the notion of purpose. Relationships between purposes are defined. It is investigated that how different components in the RBAC model are related to purpose and how the purpose information can be used to determine whether a subject has access to a given object. The model can suit for applications consisting of static and dynamic objects, where both access purpose and intended purpose are needed for consideration before granting access.

Orlando Amaral,Sallam Abualhaija,Damiano Torre,Mehrdad Sabetzadeh,Lionel C. Briand

DOI: https://doi.org/10.48550/arXiv.2106.05688

2021-10-06

Abstract:Technological advances in information sharing have raised concerns about data protection. Privacy policies contain privacy-related requirements about how the personal data of individuals will be handled by an organization or a software system (e.g., a web service or an app). In Europe, privacy policies are subject to compliance with the General Data Protection Regulation (GDPR). A prerequisite for GDPR compliance checking is to verify whether the content of a privacy policy is complete according to the provisions of GDPR. Incomplete privacy policies might result in large fines on violating organization as well as incomplete privacy-related software specifications. Manual completeness checking is both time-consuming and error-prone. In this paper, we propose AI-based automation for the completeness checking of privacy policies. Through systematic qualitative methods, we first build two artifacts to characterize the privacy-related provisions of GDPR, namely a conceptual model and a set of completeness criteria. Then, we develop an automated solution on top of these artifacts by leveraging a combination of natural language processing and supervised machine learning. Specifically, we identify the GDPR-relevant information content in privacy policies and subsequently check them against the completeness criteria. To evaluate our approach, we collected 234 real privacy policies from the fund industry. Over a set of 48 unseen privacy policies, our approach detected 300 of the total of 334 violations of some completeness criteria correctly, while producing 23 false positives. The approach thus has a precision of 92.9% and recall of 89.8%. Compared to a baseline that applies keyword search only, our approach results in an improvement of 24.5% in precision and 38% in recall.

Cryptography and Security,Artificial Intelligence,Software Engineering

Bhanuka Silva,Dishanika Denipitiyage,Suranga Seneviratne,Anirban Mahanti,Aruna Seneviratne

2024-09-25

Abstract:While many online services provide privacy policies for end users to read and understand what personal data are being collected, these documents are often lengthy and complicated. As a result, the vast majority of users do not read them at all, leading to data collection under uninformed consent. Several attempts have been made to make privacy policies more user friendly by summarising them, providing automatic annotations or labels for key sections, or by offering chat interfaces to ask specific questions. With recent advances in Large Language Models (LLMs), there is an opportunity to develop more effective tools to parse privacy policies and help users make informed decisions. In this paper, we propose an entailment-driven LLM based framework to classify paragraphs of privacy policies into meaningful labels that are easily understood by users. The results demonstrate that our framework outperforms traditional LLM methods, improving the F1 score in average by 11.2%. Additionally, our framework provides inherently explainable and meaningful predictions.

Artificial Intelligence