当前位置: X-MOL 学术arXiv.cs.CL › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Detecting Compliance of Privacy Policies with Data Protection Laws
arXiv - CS - Computation and Language Pub Date : 2021-02-21 , DOI: arxiv-2102.12362
Ayesha Qamar, Tehreem Javed, Mirza Omer Beg

Privacy Policies are the legal documents that describe the practices that an organization or company has adopted in the handling of the personal data of its users. But as policies are a legal document, they are often written in extensive legal jargon that is difficult to understand. Though work has been done on privacy policies but none that caters to the problem of verifying if a given privacy policy adheres to the data protection laws of a given country or state. We aim to bridge that gap by providing a framework that analyzes privacy policies in light of various data protection laws, such as the General Data Protection Regulation (GDPR). To achieve that, firstly we labeled both the privacy policies and laws. Then a correlation scheme is developed to map the contents of a privacy policy to the appropriate segments of law that a policy must conform to. Then we check the compliance of privacy policy's text with the corresponding text of the law using NLP techniques. By using such a tool, users would be better equipped to understand how their personal data is managed. For now, we have provided a mapping for the GDPR and PDPA, but other laws can easily be incorporated in the already built pipeline.

中文翻译:

检测隐私策略是否符合数据保护法

隐私政策是描述组织或公司在处理其用户个人数据时所采用的做法的法律文件。但是,由于政策是法律文件,因此通常以难以理解的广泛法律术语写成。尽管已经完成了有关隐私策略的工作,但没有一项工作能满足验证给定隐私策略是否符合给定国家或地区的数据保护法律的问题。我们旨在通过提供一种框架来弥合这种差距,该框架可以根据各种数据保护法律(例如,通用数据保护条例(GDPR))来分析隐私政策。为此,我们首先标记了隐私政策和法律。然后,开发一种关联方案以将隐私策略的内容映射到策略必须遵守的法律的适当部分。然后,我们使用NLP技术检查隐私政策文本是否与法律的相应文本相符。通过使用这样的工具,用户将更好地了解自己的个人数据是如何管理的。目前,我们已经为GDPR和PDPA提供了映射,但其他法律也可以轻松地纳入已经建立的管道中。
更新日期:2021-02-25
down
wechat
bug