Articles producció científica> Enginyeria Informàtica i Matemàtiques

Automatic assessment of privacy policies under the gdpr

  • Dades identificatives

    Identificador: imarina:9173269
    Autors:
    Sanchez, DavidViejo, AlexandreBatet, Montserrat
    Resum:
    © 2021 by the authors. Licensee MDPI, Basel, Switzerland. To comply with the EU General Data Protection Regulation (GDPR), companies managing personal data have been forced to review their privacy policies. However, privacy policies will not solve any problems as long as users do not read or are not able to understand them. In order to assist users in both issues, we present a system that automatically assesses privacy policies. Our proposal quantifies the degree of policy compliance with respect to the data protection goals stated by the GPDR and presents clear and intuitive privacy scores to the user. In this way, users will become immediately aware of the risks associated with the services and their severity; this will empower them to take informed decisions when accepting (or not) the terms of a service. We leverage manual annotations and machine learning to train a model that automatically tags privacy policies according to their compliance (or not) with the data protection goals of the GDPR. In contrast with related works, we define clear annotation criteria consistent with the GDPR, and this enables us not only to provide aggregated scores, but also fine-grained ratings that help to understand the reasons of the assessment. The latter is aligned with the concept of explainable artificial intelligence. We have applied our method to the policies of 10 well-known internet services. Our scores are sound and consistent with the results reported in related works.
  • Altres:

    Autor segons l'article: Sanchez, David; Viejo, Alexandre; Batet, Montserrat
    Departament: Enginyeria Informàtica i Matemàtiques
    Autor/s de la URV: Batet Sanromà, Montserrat / Sánchez Ruenes, David / Viejo Galicia, Luis Alexandre
    Paraules clau: Privacy policies Privacy goals Privacy assessment Machine learning Gdpr
    Resum: © 2021 by the authors. Licensee MDPI, Basel, Switzerland. To comply with the EU General Data Protection Regulation (GDPR), companies managing personal data have been forced to review their privacy policies. However, privacy policies will not solve any problems as long as users do not read or are not able to understand them. In order to assist users in both issues, we present a system that automatically assesses privacy policies. Our proposal quantifies the degree of policy compliance with respect to the data protection goals stated by the GPDR and presents clear and intuitive privacy scores to the user. In this way, users will become immediately aware of the risks associated with the services and their severity; this will empower them to take informed decisions when accepting (or not) the terms of a service. We leverage manual annotations and machine learning to train a model that automatically tags privacy policies according to their compliance (or not) with the data protection goals of the GDPR. In contrast with related works, we define clear annotation criteria consistent with the GDPR, and this enables us not only to provide aggregated scores, but also fine-grained ratings that help to understand the reasons of the assessment. The latter is aligned with the concept of explainable artificial intelligence. We have applied our method to the policies of 10 well-known internet services. Our scores are sound and consistent with the results reported in related works.
    Àrees temàtiques: Química Process chemistry and technology Physics, applied Materials science, multidisciplinary Materials science (miscellaneous) Materials science (all) Materiais Instrumentation General materials science General engineering Fluid flow and transfer processes Engineering, multidisciplinary Engineering (miscellaneous) Engineering (all) Engenharias ii Engenharias i Computer science applications Ciências biológicas iii Ciências biológicas ii Ciências biológicas i Ciências agrárias i Ciência de alimentos Chemistry, multidisciplinary Biodiversidade Astronomia / física
    Accès a la llicència d'ús: https://creativecommons.org/licenses/by/3.0/es/
    Adreça de correu electrònic de l'autor: montserrat.batet@urv.cat david.sanchez@urv.cat alexandre.viejo@urv.cat
    Identificador de l'autor: 0000-0001-8174-7592 0000-0001-7275-7887 0000-0003-2342-5100
    Data d'alta del registre: 2024-10-12
    Versió de l'article dipositat: info:eu-repo/semantics/publishedVersion
    Enllaç font original: https://www.mdpi.com/2076-3417/11/4/1762
    URL Document de llicència: https://repositori.urv.cat/ca/proteccio-de-dades/
    Referència a l'article segons font original: Applied Sciences-Basel. 11 (4): 1762-11
    Referència de l'ítem segons les normes APA: Sanchez, David; Viejo, Alexandre; Batet, Montserrat (2021). Automatic assessment of privacy policies under the gdpr. Applied Sciences-Basel, 11(4), 1762-11. DOI: 10.3390/app11041762
    DOI de l'article: 10.3390/app11041762
    Entitat: Universitat Rovira i Virgili
    Any de publicació de la revista: 2021
    Tipus de publicació: Journal Publications
  • Paraules clau:

    Chemistry, Multidisciplinary,Computer Science Applications,Engineering (Miscellaneous),Engineering, Multidisciplinary,Fluid Flow and Transfer Processes,Instrumentation,Materials Science (Miscellaneous),Materials Science, Multidisciplinary,Physics, Applied,Process Chemistry and Technology
    Privacy policies
    Privacy goals
    Privacy assessment
    Machine learning
    Gdpr
    Química
    Process chemistry and technology
    Physics, applied
    Materials science, multidisciplinary
    Materials science (miscellaneous)
    Materials science (all)
    Materiais
    Instrumentation
    General materials science
    General engineering
    Fluid flow and transfer processes
    Engineering, multidisciplinary
    Engineering (miscellaneous)
    Engineering (all)
    Engenharias ii
    Engenharias i
    Computer science applications
    Ciências biológicas iii
    Ciências biológicas ii
    Ciências biológicas i
    Ciências agrárias i
    Ciência de alimentos
    Chemistry, multidisciplinary
    Biodiversidade
    Astronomia / física
  • Documents:

  • Cerca a google

    Search to google scholar