nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

KnIGHT: Mapping Privacy Policies to GDPR

verfasst von : Najmeh Mousavi Nejad, Simon Scerri, Jens Lehmann

Erschienen in: Knowledge Engineering and Knowledge Management

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Although the use of apps and online services comes with accompanying privacy policies, a majority of end-users ignore them due to their length, complexity and unappealing presentation.pite the potential risks. In light of the, now enforced EU-wide, General Data Protection Regulation (GDPR) we present an automatic technique for mapping privacy policies excerpts to relevant GDPR articles so as to support average users in understanding their usage risks and rights as a data subject. KnIGHT (Know your rIGHTs), is a tool that finds candidate sentences in a privacy policy that are potentially related to specific articles in the GDPR. The approach employs semantic text matching in order to find the most appropriate GDPR paragraph, and to the best of our knowledge is one of the first automatic attempts of its kind applied to a company’s policy. Our evaluation shows that on average between 70–90% of the tool’s automatic mappings are at least partially correct, meaning that the tool can be used to significantly guide human comprehension. Following this result, in the future we will utilize domain-specific vocabularies to perform a deeper semantic analysis and improve the results further.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel A Semantic Use Case Simulation Framework for Training Machine Learning Algorithms

Nächstes Kapitel Automating Class/Instance Representational Choices in Knowledge Bases

https://www.theguardian.com/technology/2015/feb/23/facebooks-privacy-policy-breaches-european-law-report-finds.

https://www.bbc.com/news/technology-41634617.

https://gdpr-info.eu/.

http://www.grctc.com/.

http://www.omg.org/.

https://www.omg.org/spec/SBVR.

https://www.omg.org/spec/EDMC-FIBO/FND/.

https://www.researchgate.net/privacy-policy.

http://www.unileverprivacypolicy.com/en_gb/policy.aspx.

https://usableprivacy.org/.

https://pribot.org/polisis.

https://s3.amazonaws.com/dl4j-distribution/GoogleNews-vectors-negative300.bin.gz.

https://gate.ac.uk/projects/neon/termraider.html.

https://www.ryanair.com/gb/en/corporate/privacy-policy.

http://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1525876803065&uri=CELEX:32002L0058.

https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=COM:2017:0010:FIN.

Although we strived to increase the number of evaluators, it was notably hard to find legal experts that agreed to participate in this voluntary task.

Deeplearning4j: Open-source distributed deep learning for the JVM Apache Software Foundation License 2.0 (2015). http://deeplearning4j.org/word2vec.html

Acquisti, A., Grossklags, J.: Privacy and rationality in individual decision making. IEEE Secur. Priv. 3(1), 26–33 (2005). https://doi.org/10.1109/MSP.2005.22CrossRef

Alzahrani, S., Salim, N., Abraham, A.: Understanding plagiarism linguistic patterns, textual features, and detection methods. IEEE Trans. Syst. Man Cybern. Part C (Appl. Rev.) 42, 133–149 (2012)CrossRef

Bartolini, C., Muthuri, R.: Reconciling data protection rights and obligations: an ontology of the forthcoming EU regulation. In: Proceedings of the Workshop on Language and Semantic Technology for Legal Domain (LST4LD) (2015)

Breaux, T.D., Vail, M.W., Anton, A.I.: Towards regulatory compliance: Extracting rights and obligations to align requirements with regulations. In: Proceedings of the 14th IEEE International Requirements Engineering Conference, pp. 46–55. RE 2006. IEEE Computer Society, Washington, DC (2006). https://doi.org/10.1109/RE.2006.68

Cohen, J.M.: Weighted kappa: nominal scale agreement with provision for scaled disagreement or partial credit. Psychol. Bull. 70(4), 213–20 (1968)CrossRef

Costante, E., Sun, Y., Petković, M., den Hartog, J.: A machine learning solution to assess privacy policy completeness: (short paper). In: Proceedings of the 2012 ACM Workshop on Privacy in the Electronic Society, pp. 91–96. WPES 2012. ACM, New York (2012). https://doi.org/10.1145/2381966.2381979

Cranor, L.F., Guduru, P., Arjula, M.: User interfaces for privacy agents. ACM Trans. Comput.-Hum. Interact. 13(2), 135–178 (2006). https://doi.org/10.1145/1165734.1165735CrossRef

Cunningham, H., Maynard, D., Tablan, V.: JAPE: a Java Annotation Patterns Engine (Second Edition). Research Memorandum CS-00-10, Department of Computer Science, University of Sheffield (November 2000). http://www.dcs.shef.ac.uk/~diana/Papers/jape.ps

10.

Fleiss, J.L.: Measuring agreement between two judges on the presence or absence of a trait. Biometrics 31(3), 651–659 (1975). http://www.jstor.org/stable/2529549MathSciNetCrossRef

11.

Guntamukkala, N., Dara, R., Grewal, G.W.: A machine-learning based approach for measuring the completeness of online privacy policies. In: 2015 IEEE 14th International Conference on Machine Learning and Applications (ICMLA), pp. 289–294 (2015)

12.

Harkous, H., Fawaz, K., Lebret, R., Schaub, F., Shin, K.G., Aberer, K.: Polisis: automated analysis and presentation of privacy policies using deep learning. CoRR abs/1802.02561 (2018)

13.

Hripcsak, G., Heitjan, D.: Measuring agreement in medical informatics reliability studies. J. Biomed. Inform. 35(2), 99–110 (2002). https://doi.org/10.1016/S1532-0464(02)00500-2CrossRef

14.

Hripcsak, G., Rothschild, A.S.: Agreement, the F-Measure, and Reliability in Information Retrieval. JAMIA 12(3), 296–298 (2005). https://doi.org/10.1197/jamia.M1733CrossRef

15.

Jensen, C., Potts, C., Jensen, C.: Privacy practices of internet users: self-reports versus observed behavior. Int. J. Hum.-Comput. Stud. 63(1–2), 203–227 (2005). https://doi.org/10.1016/j.ijhcs.2005.04.019CrossRef

16.

Kenter, T., Borisov, A., de Rijke, M.: Siamese CBOW: optimizing word embeddings for sentence representations. CoRR abs/1606.04640 (2016). http://arxiv.org/abs/1606.04640

17.

Obar, J.A., Oeldorf-Hirsch, A.: The biggest lie on the internet: Ignoring the privacy policies and terms of service policies of social networking services. Inf. Commun. Soc. (2018). https://doi.org/10.1080/1369118X.2018.1486870

18.

Pandit, H.J., Lewis, D., O’Sullivan, D.: Gdprtext - gdpr as a linked data resource, January 2018. https://doi.org/10.5281/zenodo.1146351

19.

Wilson, S., et al.: The creation and analysis of a website privacy policy corpus. In: ACL (2016)

20.

Zeni, N., Kiyavitskaya, N., Mich, L., Cordy, J.R., Mylopoulos, J.: Gaiust: supporting the extraction of rights and obligations for regulatory compliance. Requir. Eng. 20(1), 1–22 (2015). https://doi.org/10.1007/s00766-013-0181-8CrossRef

Titel: KnIGHT: Mapping Privacy Policies to GDPR
verfasst von: Najmeh Mousavi Nejad
Simon Scerri
Jens Lehmann
Verlag: Springer International Publishing
Buch: Knowledge Engineering and Knowledge Management
Print ISBN: 978-3-030-03666-9

Electronic ISBN: 978-3-030-03667-6

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-030-03667-6_17

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"