31 Hits in 7.1 sec

Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning [article]

Hamza Harkous, Kassem Fawaz, Rémi Lebret, Florian Schaub, Kang G. Shin, Karl Aberer
2018 arXiv   pre-print
To address these hurdles, we propose an automated framework for privacy policy analysis (Polisis). It enables scalable, dynamic, and multi-dimensional queries on natural language privacy policies.  ...  The structured querying application is the automated assignment of privacy icons from privacy policies. With Polisis, we can achieve an accuracy of 88.4% on this task.  ...  Acknowledgements This research was partially funded by the Wisconsin Alumni Research Foundation and the US National Science Foundation under grant agreements CNS-1330596 and CNS-1646130.  ... 
arXiv:1802.02561v2 fatcat:klllbabgvncu5p3z77ko7yqp74

A Comparative Study of Sequence Classification Models for Privacy Policy Coverage Analysis [article]

Zachary Lindner
2020 arXiv   pre-print
Our solution to this problem is to provide users with a coverage analysis of a given website's privacy policy using a wide range of classical machine learning and deep learning techniques.  ...  Privacy policies are legal documents that describe how a website will collect, use, and distribute a user's data.  ...  Conclusion and Future Work In the present work, we compared various classical and deep learning approaches for the purpose of coverage analysis of privacy policies.  ... 
arXiv:2003.04972v1 fatcat:o6yzzauxjrbo3adgzugr6d4xbu

OVRseen: Auditing Network Traffic and Privacy Policies in Oculus VR [article]

Rahmadi Trimananda, Hieu Le, Hao Cui, Janice Tran Ho, Anastasia Shuba, Athina Markopoulou
2021 arXiv   pre-print
Furthermore, we extracted additional context from the privacy policies, and we observed that 69% of the data flows were used for purposes unrelated to the core functionality of apps.  ...  networking and privacy policy perspective.  ...  We would also like to thank Yiyu Qian, for his help with part of our data collection process.  ... 
arXiv:2106.05407v4 fatcat:enthbzv2qvaovpwivnnqvkrkni

Mobile Mental Health Apps: Alternative Intervention or Intrusion? [article]

Shalini Saini, Dhiral Panjwani, Nitesh Saxena
2022 arXiv   pre-print
We conducted a multifold study of - 1) Privacy Policies (Manually and with Polisis, an automated framework to evaluate privacy policies); 2) App permissions; 3) Static Analysis for inherent security issues  ...  However, it also raises significant concerns with sensitive information leakage.The absence of a transparent privacy policy and lack of user awareness may pose a significant threat to undermining the applicability  ...  We extended the Manual Analysis of privacy policies by analyzing HP apps through automated online Deep Learning (DL) framework Polisis.  ... 
arXiv:2206.10728v2 fatcat:lzeb3i476zf53gf6cfpdnwdcbe

On The Ridiculousness of Notice and Consent: Contradictions in App Privacy Policies

Ehimare Okoyomon, Nikita Samarin, Primal Wijesekera, Amit Elazari Bar On, Narseo Vallina-Rodriguez, Álvaro Feal, Serge Egelman
2019 Zenodo  
Through analysis of 68,051 apps from the Google Play Store, their corresponding privacy policies, and observed data transmissions, we investigated the potential misrepresentations of apps in the Designed  ...  By comparing actual collection and sharing practices to disclosures in privacy policies, we demonstrate the scope of the problem.  ...  Polisis: One such service that enables automatic analysis of privacy policies is Polisis [18] .  ... 
doi:10.5281/zenodo.3441956 fatcat:rcfs7zw7djhbppmffgmyagjm3i

Automated Detection of GDPR Disclosure Requirements in Privacy Policies using Deep Active Learning [article]

Tamjid Al Rahat, Tu Le, Yuan Tian
2021 arXiv   pre-print
However, most privacy policies are verbose, full of jargon, and vaguely describe companies' data practices and users' rights. Therefore, it is unclear if they comply with GDPR.  ...  In this paper, we create a privacy policy dataset of 1,080 websites labeled with the 18 GDPR requirements and develop a Convolutional Neural Network (CNN) based model which can classify the privacy policies  ...  Researchers have also performed privacy policy analysis using natural language processing and machine learning. Wilson et al.  ... 
arXiv:2111.04224v1 fatcat:gxvlykihzbb25fog7kmtcmfnre

Towards automated privacy compliance checking of applications in Cloud and Fog environments

Mozhdeh Farhadi, Guillaume Pierre, Daniele Miorandi
2021 2021 8th International Conference on Future Internet of Things and Cloud (FiCloud)  
Second, these signals can be analyzed and compared with the principles found in the application's privacy policy.  ...  We present a procedure based on machinelearning techniques to identify the type of data being shared by applications with external third-parties even if the application uses encrypted communications.  ...  Using deep learning techniques, they developed a tool called Polisis to automatically extract privacy principles from the privacy text with 88.4% of accuracy.  ... 
doi:10.1109/ficloud49777.2021.00010 fatcat:3z3pxpgrpzhxjbi6x5qqupxslm

Semantic Analysis of Contractual Agreements to Support End-User Interpretation

Najmeh Mousavi Nejad
2018 International Conference Knowledge Engineering and Knowledge Management  
The ubiquitous availability of the Internet results in a huge number of apps, software and online services with accompanying contractual agreements in the form of 'terms of use' and 'privacy policy'.  ...  Our approach is based on ontology-based information extraction and machine learning and delivers the unpleasant consent form in a user friendly and visualized format.  ...  Acknowledgments I would like to thank Simon Scerri, Sören Auer and Jens Lehmann for their guidance and fruitful discussions during the development of this doctoral work.  ... 
dblp:conf/ekaw/Nejad18 fatcat:zj2o4y25qrgctgmjt4ilnumnoq

The Force Awakens: Artificial Intelligence for Consumer Law

Marco Lippi, Giuseppe Contissa, Agnieszka Jablonowska, Francesca Lagioia, Hans-Wolfgang Micklitz, Przemyslaw Palka, Giovanni Sartor, Paolo Torroni
2020 The Journal of Artificial Intelligence Research  
AI-powered tools can support a massive-scale automated analysis of textual and audiovisual data, as well as code, for the benefit of consumers and their organizations.  ...  Recent years have been tainted by market practices that continuously expose us, as consumers, to new risks and threats.  ...  For example, the Polisis framework (Harkous et al., 2018) uses convolutional neural networks to run an automated analysis of privacy policies, which enables answering natural language questions.  ... 
doi:10.1613/jair.1.11519 fatcat:7f2fl2kfi5dw7nrqlunumzgg4m

Privacy Policies of IoT Devices: Collection and Analysis

Mikhail Kuznetsov, Evgenia Novikova, Igor Kotenko, Elena Doynikova
2022 Sensors  
The paper also presents the results of the statistical and semantic analysis of the collected privacy policies.  ...  These results could be further used by the researchers when elaborating techniques for analysis of the privacy policies written in natural language targeted to enhance their transparency for the end user  ...  [5] presents the Polisis application, that provides graphical results of privacy policy analysis.  ... 
doi:10.3390/s22051838 pmid:35270993 pmcid:PMC8914639 fatcat:7dw6fmoibndozhailpn4tevqde

Improving Readability of Online Privacy Policies through DOOP: A Domain Ontology for Online Privacy

Dhiren A. Audich, Rozita Dara, Blair Nonnecke
2021 Digital  
Using the ontology to locate key parts of privacy policies, average reading times were substantially reduced from 29 to 32 min to 45 s.  ...  In this paper, a novel approach and a proof-of-concept tool are proposed that reduces the amount of privacy policy text a user has to read.  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/digital1040015 fatcat:qda3vz3m4zc23m7ht7qowb6g7y

Understanding Malicious Cross-library Data Harvesting on Android

Jice Wang, Yue Xiao, Xueqiang Wang, Yuhong Nan, Luyi Xing, Xiaojing Liao, Jinwei Dong, Nicolás Serrano, Haoran Lu, XiaoFeng Wang, Yuqing Zhang
2021 USENIX Security Symposium  
Using a methodology that incorporates semantic analysis on an SDK's Terms of Services (ToS, which describes restricted data access and sharing policies) and code analysis on cross-library interactions,  ...  using C2 server to schedule data exfiltration) and significant impacts.  ...  The authors of Indiana University are supported in part by Indiana University FRSP-SF and NSF CNS-1618493, 1801432 and 1838083.  ... 
dblp:conf/uss/WangXWNXLDSL0Z21 fatcat:shna4yft3nhcxn76hpitmzpihi

Privacy and Trust in eHealth: A Fuzzy Linguistic Solution for Calculating the Merit of Service

Pekka Ruotsalainen, Bernd Blobel, Seppo Pohjolainen
2022 Journal of Personalized Medicine  
With the help of heuristic methods and system and literature analysis, a novel proposal to identify trust and privacy attributes focused on eHealth was developed.  ...  Finally, an illustrative example of FAR calculation is presented.  ...  ., researchers have proposed the use of 10 classes for privacy policy analysis; however, in his Polisis solution, 122 privacy classes were used.  ... 
doi:10.3390/jpm12050657 pmid:35629080 pmcid:PMC9147882 fatcat:zq2jswejh5ebfdymuiuolouxpu

Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Data Flow Analysis with PoliCheck

Benjamin Andow, Samin Yaseer Mahmud, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, Serge Egelman
2020 USENIX Security Symposium  
To address this limitation in automated analysis, recent work has combined program analysis of applications with analysis of privacy policies to determine the flow-to-policy consistency, and hence violations  ...  We use POLICHECK to study 13,796 applications and their privacy policies and find that up to 42.4% of applications either incorrectly disclose or omit disclosing their privacy-sensitive data flows.  ...  Any findings and opinions expressed in this material are those of the authors and do not necessarily reflect the views of the funding agencies.  ... 
dblp:conf/uss/AndowMWERSE20 fatcat:jxomj4dp3jbihd4s5ef3ucsoki

Can Visual Design Provide Legal Transparency? The Challenges for Successful Implementation of Icons for Data Protection

Arianna Rossi, Monica Palmirani
2020 Design Issues  
Design is a key player in the future of data privacy and data protection.  ...  Third, we provide some tentative responses and indicate a way forward for evaluation of the effectiveness of privacy icons and their widespread adoption.  ...  For instance, Terms of Service; Didn't Read (ToS;DR) uses crowdsourcing to analyze privacy policies and so to provide the visual ratings 68 ; meanwhile, Polisis uses deep learning. 69 Both third-party  ... 
doi:10.1162/desi_a_00605 fatcat:fcd7ry4grbe4nfjf34nvg7jbkm
« Previous Showing results 1 — 15 out of 31 results