Automated Detection and Analysis of Data Practices Using A Real-World Corpus
This work addresses the challenge of making privacy policies more accessible to users, though it is incremental as it builds on existing crowd-sourced annotations and methods.
The paper tackles the problem of privacy policies being too long and complex for users to read by proposing an automated approach to identify and visualize data practices within them, demonstrating its effectiveness in simplifying complex policies through accurate matching of descriptions with excerpts.
Privacy policies are crucial for informing users about data practices, yet their length and complexity often deter users from reading them. In this paper, we propose an automated approach to identify and visualize data practices within privacy policies at different levels of detail. Leveraging crowd-sourced annotations from the ToS;DR platform, we experiment with various methods to match policy excerpts with predefined data practice descriptions. We further conduct a case study to evaluate our approach on a real-world policy, demonstrating its effectiveness in simplifying complex policies. Experiments show that our approach accurately matches data practice descriptions with policy excerpts, facilitating the presentation of simplified privacy information to users.