Detecting Privacy Policies Violations Using Natural Language Inference (NLI) | |
---|---|
Author | |
Abstract |
Privacy Policies - Data privacy laws like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) provide guidelines for collecting personal information from individuals and processing it. These frameworks also require service providers to inform their customers on how clients' data is gathered, used, protected, and shared with other parties. A privacy policy is a legal document used by service providers to inform users about how their personal information is collected, stored, and shared with other parties. It is expected that privacy policies adhere to the data privacy regulations. However, it has been observed that some policies may deviate from the practices recommended by data protection regulations. Detecting instances where a policy may violate a certain regulation is quite challenging because the privacy policy text is long and complex, and there are numerous regulations. To address this problem, we have designed an approach to automatically detect whether a policy violates the articles of GDPR. This paper demonstrates how we have used Natural Language Inference (NLI) tasks to compare privacy content against the GDPR to detect privacy policy text in violation of GDPR. We provide two designs using the Stanford Natural Language Inference (SNLI) and the Multi-Genre Natural Language Inference (MultiNLI) datasets. The results from both designs are promising as our approach detected the deviations with 76% accuracy. |
Year of Publication |
2022
|
Date Published |
December
|
Publisher |
IEEE
|
Conference Location |
Gold Coast, Australia
|
ISBN Number |
978-1-66545-305-9
|
URL |
https://ieeexplore.ieee.org/document/10089347/
|
DOI |
10.1109/CSDE56538.2022.10089347
|