PrivOnto: A semantic framework for the analysis of privacy policies

Oltramari, Alessandro; Piraviperumal, Dhivya; Schaub, Florian; Wilson, Shomir; Cherivirala, Sushain; Norton, Thomas B.; Russell, N. Cameron; Story, Peter; Reidenberg, Joël R.; Sadeh, Norman

doi:10.3233/sw-170283

Cited by 70 publications

(62 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Prescriptive approaches towards communicating privacy information (Kelley et al, 2009;Micheti et al, 2010;Cranor, 2003) have not been widely adopted by industry. Recently, there have been significant research effort devoted to understanding privacy policies by leveraging NLP techniques Oltramari et al, 2017;Mysore Sathyendra et al, 2017;, especially by identifying specific data practices within a privacy policy. We adopt a personalized approach to understanding privacy policies, that allows users to query a document and selectively explore content salient to them.…”

Section: Related Workmentioning

confidence: 99%

Question Answering for Privacy Policies: Combining Computational and Legal Perspectives

Ravichander¹,

Black²,

Wilson³

et al. 2019

Proceedings of the 2019 Conference on Empirical Methods in Natural Language Processing and the 9th International Joint Conferen

Self Cite

View full text Add to dashboard Cite

Privacy policies are long and complex documents that are difficult for users to read and understand, and yet, they have legal effects on how user data is collected, managed and used. Ideally, we would like to empower users to inform themselves about issues that matter to them, and enable them to selective explore those issues. We present PRIVA-CYQA, a corpus consisting of 1750 questions about the privacy policies of mobile applications, and over 3500 expert annotations of relevant answers. We observe that a strong neural baseline underperforms human performance by almost 0.3 F1 on PRIVACYQA, suggesting considerable room for improvement for future systems. Further, we use this dataset to shed light on challenges to question answerability, with domain-general implications for any question answering system. The PRIVACYQA corpus offers a challenging corpus for question answering, with genuine real-world utility.

show abstract

Section: Related Workmentioning

confidence: 99%

Question Answering for Privacy Policies: Combining Computational and Legal Perspectives

Ravichander¹,

Black²,

Wilson³

et al. 2019

Proceedings of the 2019 Conference on Empirical Methods in Natural Language Processing and the 9th International Joint Conferen

Self Cite

View full text Add to dashboard Cite

show abstract

“…Those works strongly relate to the idea of making policies understandable to the consumers of data and information services, with Semantic Web technologies having a role to play in the task of Policy Interpretation. Works such as [32] and [6] specifically address this task in the context of privacy policies, while for IP policies, current works remain limited to usage monitoring. In addition to the challenging issue of Usage Monitoring, the problem of Compatibility testing has been addressed by combining deontic logic and Semantic Web technologies and languages [21].…”

Section: Work With a Strong Focus On Policiesmentioning

confidence: 99%

“…To do that, we create a corpus of papers and articles that directly address one or more of those aspects. We start with the works published in the Special Issue of the Semantic Web Journal on Security, Privacy and Policies (for which this article acts as editorial), namely: -PrivOnto: a Semantic Framework for the Analysis of Privacy Policies [32], which presents an ontology for annotating privacy policies for the purpose of supporting users in understanding and interpreting them. -Reasoning with Data Flows and Policy Propagation Rules [11], which proposes a framework for reasoning upon the propagation of data reuse and redistribution policies (especially data licences) across the workflows that manipulate them.…”

Section: Collection: Existing Work Around Semantic Web Security Primentioning

confidence: 99%

See 1 more Smart Citation

Privacy, security and policies: A review of problems and solutions with semantic web technologies

Kirrane

Villata

d’Aquin

2018

View full text Add to dashboard Cite

Abstract. Semantic Web technologies aim to simplify the distribution, sharing and exploitation of information and knowledge, across multiple distributed actors on the Web. As with all technologies that manipulate information, there are privacy and security implications, and data policies (e.g., licenses and regulations) that may apply to both data and software artifacts. Additionally, semantic web technologies could contribute to the more intelligent and flexible handling of privacy, security and policy issues, through supporting information integration and sense-making. In order to better understand the scope of existing work on this topic we examine 78 articles from dedicated venues, including this special issue, the PrivOn workshop series, two SPOT workshops, as well as the broader literature that connects the Semantic Web research domain with issues relating to privacy, security and/or policies. Specifically, we classify each paper according to three taxonomies (one for each of the aforementioned areas), in order to identify common trends and research gaps. We conclude by summarising the strong focus on relevant topics in Semantic Web research (e.g. information collection, information processing, policies and access control), and by highlighting the need to further explore under-represented topics (e.g., malware detection, fraud detection, and supporting policy validation by data consumers).

show abstract

“…Oltramari A et al [20] introduce PrivOnto, a semantic framework to represent annotated privacy policies, represent issues identified as critical to users and/or legal experts. Wei She et al [21] focused on access control validation at composition time, which may be used to control the service providers accessing the user's private data.…”

Section: Analysis and Verification Of Privacy Requirementmentioning

confidence: 99%

Composite Service-Oriented Minimum Privacy Disclosure Method

Ke¹,

Huang²,

Liu³

2018

dtcse

View full text Add to dashboard Cite

Service composition has become a main application to satisfy user functional requirements. To assure user privacy information not being disclosed, using the user minimum privacy data set when providing application, is a research focus of privacy enhancement technology in the process of service composition. In this paper, first, we describe and discrete the continuous privacy data. Second, through privacy sensitive analysis and service availability analysis, we obtain the minimum privacy disclosure data set to protect user privacy information. In the end, we prove the feasibility and correctness of our method with case study.

show abstract

PrivOnto: A semantic framework for the analysis of privacy policies

Cited by 70 publications

References 35 publications

Question Answering for Privacy Policies: Combining Computational and Legal Perspectives

Question Answering for Privacy Policies: Combining Computational and Legal Perspectives

Privacy, security and policies: A review of problems and solutions with semantic web technologies

Composite Service-Oriented Minimum Privacy Disclosure Method

Contact Info

Product

Resources

About