Content Analysis of Privacy Policies Before and After GDPR

Bateni, Nastaran; Kaur, Jasmin; Dara, Rozita; Song, Fei

doi:10.1109/pst55820.2022.9851983

Cited by 4 publications

(5 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…GDPR also mandates transparency for these policies. We compared our results with the findings of [27] and noted that the FDLAs have extremely large sentence lengths. Generally, lengthy sentences can be difficult to understand [42].…”

Section: Text Feature Analysismentioning

confidence: 76%

“…Despite the effort, there have been no attempts to investigate, analyze, and understand how FDLAs are written and whether they satisfy recommended practices. On the other hand, online privacy policies have been the subject of attention in recent years [25][26][27]. Kaur et al analyzed privacy policies from diverse corpora of policies which included health, financial, and other application domains and policies from different countries including Canada, USA, and Europe.…”

Section: Related Workmentioning

confidence: 99%

“…The authors concluded that the privacy policies are long, hard to read, and lack transparency in some areas such as tracking cookies and data sharing with third parties [28]. Bateni compared the privacy policies before and after the General Data Protection Regulation (GDPR) [24,27,29]. The authors concluded that GDPR enforcement helped in improving the content of privacy policies, however, many policies did not satisfy the GDPR requirements for these legal documents.…”

Section: Related Workmentioning

confidence: 99%

“…It is noted that the average number of sentences in the data agreements is around 122 with 26 the average number of words in the sentence. We compared our results with the results of [27] where the authors analyzed and compared data agreements before and after the GDPR was established (Table 7). The GDPR came into effect on 25 May 2018 and had a significant impact on the content of online privacy policies.…”

Section: Text Feature Analysismentioning

confidence: 99%

See 3 more Smart Citations

Analysis of Farm Data License Agreements: Do Data Agreements Adequately Reflect on Farm Data Practices and Farmers’ Data Rights?

Kaur,

Dara

2023

Agriculture

Self Cite

View full text Add to dashboard Cite

Farm data license agreements are legal documents that play an important role in informing farmers about farm data processing practices such as collection, use, safeguarding, and sharing. These legal documents govern the exchange, access, and dissemination of farm data and are expected to provide legal protection against misuse of data. Despite their significant influence on farm data processing and governance, there is limited understanding of the content of farm data license agreements and standards for drafting them. Although online privacy policy content has been extensively studied, farm data agreements’ evaluation and analysis have been overlooked. This study aims to investigate the structure, content, and transparency of farm data licenses. We collected 141 agricultural terms of use agreements and used natural language processing methods such as keyword and keyphrase analysis to perform text feature analysis, Flesch Readability Ease Score and Flesch Grade Level readability analysis, transparency analysis, and content analysis to gain insight into common data practices adopted by the agriculture technology providers. We also manually reviewed these agreements to validate the results and strengthen the observations. The findings show that data agreements are long, complex, and difficult to read and comprehend. The results suggest that 95% of the agreements fall under the difficult-to-read category and close to 75% of the policies require university-level education to understand the content. Furthermore, it is noted that some of the data management practices are not given adequate attention and are not as frequently mentioned in the agreements as expected. Finally, our analysis enabled us to provide recommendations on the content of farm data license agreements and strategies to improve them.

show abstract

Section: Text Feature Analysismentioning

confidence: 76%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Text Feature Analysismentioning

confidence: 99%

See 2 more Smart Citations

Analysis of Farm Data License Agreements: Do Data Agreements Adequately Reflect on Farm Data Practices and Farmers’ Data Rights?

Kaur,

Dara

2023

Agriculture

Self Cite

View full text Add to dashboard Cite

show abstract

“…When new privacy regulations such as the GDPR and CCPA became enforceable, companies updated their privacy policies to comply with new transparency requirements and inform customers about their data rights [15]. Techniques used by privacy researchers to identify updates in online privacy policies include statistical analysis of text features such as changes in sentence, word, and syllable counts [7,44] or hashing of sentences and measuring their number of changes [15]. Approaches to measuring content change, such as changes in data retention in privacy policies, include machine learning and deep learning classifiers [44] or searching for keywords related to the enforced privacy regulation [4,15,76].…”

Section: Introductionmentioning

confidence: 99%

A Bilingual Longitudinal Analysis of Privacy Policies Measuring the Impacts of the GDPR and the CCPA/CPRA

Hosseini,

Utz,

Degeling

et al. 2024

PoPETs

View full text Add to dashboard Cite

Privacy policies are the main mechanism for websites to describe their practices in collecting and processing visitors' personal data. Their format and content are subject to legal requirements that have changed due to recent new privacy regulations including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and California Privacy Rights Act (CPRA). Studying how privacy policies are adapted to such regulatory change can help identify shortcomings in implementing the law and inform future legislatory initiatives. Existing work in this area mostly studied effects of the GDPR on privacy policies or the "Do Not Sell My Personal Information" link mandated by the CCPA. Methodologically, insights were mainly drawn from English-language privacy policies using keyword-based analyses or machine learning classifiers. In this work, we address this research gap and conduct a bilingual study of privacy policies in English and German that investigates the effects of the GDPR and CCPA/CPRA on privacy policy content, using established methods from corpus linguistics that are language-independent and do not rely on keyword lists or classifiers that may date quickly. We find that, unlike for the GDPR, the CCPA's requirements were not yet widely implemented when it first became enforceable but only with its amendment, the CPRA. Before that, websites used more than 60 variants of the "Do Not Sell" link instead of the mandated wording and did not prominently reference individual rights granted by the CCPA/CPRA. While companies outside California and the US did adapt their disclosures to the CCPA/CPRA, this was limited to English-language policies and did not spill over to policies in German. For GDPR enforcement, we find websites to increasingly rely on legitimate interests to justify data collection, raising concerns whether individuals' interests in the privacy of their personal information are still sufficiently considered.

show abstract

“Our Users' Privacy is Paramount to Us”: A Discourse Analysis of How Period and Fertility Tracking App Companies Address the Roe v Wade Overturn

Song,

Hernandez,

Kou

et al. 2024

Proceedings of the CHI Conference on Human Factors in Computing Systems

View full text Add to dashboard Cite

Content Analysis of Privacy Policies Before and After GDPR

Cited by 4 publications

References 0 publications

Analysis of Farm Data License Agreements: Do Data Agreements Adequately Reflect on Farm Data Practices and Farmers’ Data Rights?

Analysis of Farm Data License Agreements: Do Data Agreements Adequately Reflect on Farm Data Practices and Farmers’ Data Rights?

A Bilingual Longitudinal Analysis of Privacy Policies Measuring the Impacts of the GDPR and the CCPA/CPRA

“Our Users' Privacy is Paramount to Us”: A Discourse Analysis of How Period and Fertility Tracking App Companies Address the Roe v Wade Overturn

Contact Info

Product

Resources

About