Papers
Topics
Authors
Recent
Search
2000 character limit reached

A BERT-based Empirical Study of Privacy Policies' Compliance with GDPR

Published 9 Jul 2024 in cs.CR and cs.AI | (2407.06778v1)

Abstract: Since its implementation in May 2018, the General Data Protection Regulation (GDPR) has prompted businesses to revisit and revise their data handling practices to ensure compliance. The privacy policy, which serves as the primary means of informing users about their privacy rights and the data practices of companies, has been significantly updated by numerous businesses post-GDPR implementation. However, many privacy policies remain packed with technical jargon, lengthy explanations, and vague descriptions of data practices and user rights. This makes it a challenging task for users and regulatory authorities to manually verify the GDPR compliance of these privacy policies. In this study, we aim to address the challenge of compliance analysis between GDPR (Article 13) and privacy policies for 5G networks. We manually collected privacy policies from almost 70 different 5G MNOs, and we utilized an automated BERT-based model for classification. We show that an encouraging 51$\%$ of companies demonstrate a strong adherence to GDPR. In addition, we present the first study that provides current empirical evidence on the readability of privacy policies for 5G network. we adopted readability analysis toolset that incorporates various established readability metrics. The findings empirically show that the readability of the majority of current privacy policies remains a significant challenge. Hence, 5G providers need to invest considerable effort into revising these documents to enhance both their utility and the overall user experience.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (14)
  1. “Privacy policies of tech giants ’still not gdpr-compliant’,” 2018. [Online]. Available: https://www.theguardian.com/technology/2018/jul/05/privacy-policiesfacebook-amazon-google-not-gdpr-compliant.
  2. “General data protection regulation (gdpr),” 2018. [Online]. Available: https://gdpr-info.eu.
  3. “British airways faces record £183m fine for data breach,” 2019. [Online]. Available: https://www.bbc.com/news/business-48905907
  4. “Data protection commission reflects on the first year of the gdpr,” 2019. [Online]. Available: https://www.dataprotection.ie/en/news-media/press-releases/dataprotection-commission-reflects-first-year-gdpr
  5. R. E. Hamdani, M. Mustapha, D. R. Amariles, A. Troussel, S. Meeùs, and K. Krasnashchok, “A combined rule-based and machine learning approach for automated gdpr compliance checking,” in Proceedings of the Eighteenth International Conference on Artificial Intelligence and Law, 2021, pp. 40–49.
  6. D. Torre, G. Soltana, M. Sabetzadeh, L. C. Briand, Y. Auffinger, and P. Goes, “Using models to enable compliance checking against the gdpr: an experience report,” in 2019 ACM/IEEE 22nd International Conference on Model Driven Engineering Languages and Systems (MODELS).   IEEE, 2019, pp. 1–11.
  7. O. Amaral, M. I. Azeem, S. Abualhaija, and L. C. Briand, “Nlp-based automated compliance checking of data processing agreements against gdpr,” IEEE Transactions on Software Engineering, 2023.
  8. A. Aborujilah, A. Z. Al-Othmani, Z. A. Long, N. S. Hussien, and D. A. Ghani, “Conceptual model for automating gdpr compliance verification using natural language approach,” in 2022 International Conference on Intelligent Technology, System and Service for Internet of Everything (ITSS-IoE).   IEEE, 2022, pp. 1–6.
  9. A. Gerl and B. Meier, “The layered privacy language art. 12–14 gdpr extension–privacy enhancing user interfaces,” Datenschutz und Datensicherheit-DuD, vol. 43, pp. 747–752, 2019.
  10. S. Liu, B. Zhao, R. Guo, G. Meng, F. Zhang, and M. Zhang, “Have you been properly notified? automatic compliance analysis of privacy policy text with gdpr article 13,” in Proceedings of the Web Conference 2021, 2021, pp. 2154–2164.
  11. J. Devlin, M.-W. Chang, K. Lee, and K. Toutanova, “Bert: Pre-training of deep bidirectional transformers for language understanding,” arXiv preprint arXiv:1810.04805, 2018.
  12. C. Sun, X. Qiu, Y. Xu, and X. Huang, “How to fine-tune bert for text classification?” in Chinese Computational Linguistics: 18th China National Conference, CCL 2019, Kunming, China, October 18–20, 2019, Proceedings 18.   Springer, 2019, pp. 194–206.
  13. Y. Hao, L. Dong, F. Wei, and K. Xu, “Visualizing and understanding the effectiveness of bert,” arXiv preprint arXiv:1908.05620, 2019.
  14. “Webpagefx inc. readability test tool,” 2017. [Online]. Available: http://www.webpagefx.com/tools/read-able/
Citations (1)
View on Semantic Scholar

Summary

No one has generated a summary of this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Sign Up to Summarize

Paper to Video (Beta)

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now

Collections

Sign up for free to add this paper to one or more collections.

User Circle Single Streamline Icon: https://streamlinehq.com Sign Up