Skip to main content
SpringerLink
Log in

Personalised Privacy Policies

  • Conference paper
  • First Online:
New Trends in Databases and Information Systems (ADBIS 2018)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 909))

Included in the following conference series:

  • 1295 Accesses

Abstract

Internet services have become an important part of the daily life for a large number of people, and often deal with varying amounts of personal information. A privacy policy is a legal document governed by territorial laws that outlines the collection, usage, storage, and sharing of personal data. A known problem with such documents is its ambiguity and difficulty in comprehension for end users. The General Data Protection Regulation (GDPR) requires transparency regarding the provision of such information to the data subject through its various obligations and rights. We propose a remodelling of the privacy policy based on provision of relevant information regarding personal data specific to the user. Such a policy will dynamically reflect the state of activities over personal data using a legal and comprehensive document, and can be used as a tool for the provision of rights and requests from data subjects. We support our discussion with an example use-case of a GDPR-based privacy policy adopted from online services. We present our analysis on identifying changes and our approach towards the representation and creation of such dynamic policies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://www.internetlivestats.com/total-number-of-websites/.

  2. 2.

    https://usableprivacy.org/.

  3. 3.

    https://www.airbnb.ie/terms/privacy_policy.

  4. 4.

    https://twitter.com/en/privacy.

  5. 5.

    https://opengogs.adaptcentre.ie/harsh/privacy-policy-dashboard/.

  6. 6.

    https://openscience.adaptcentre.ie/projects/privacy-policy/personalise/.

  7. 7.

    https://www.w3.org/TR/microdata/.

  8. 8.

    https://www.w3.org/TR/rdfa-primer/.

  9. 9.

    http://schema.org/.

  10. 10.

    http://www.w3.org/TR/prov-o/.

  11. 11.

    http://purl.org/net/p-plan.

  12. 12.

    http://jinja.pocoo.org/.

  13. 13.

    https://www.w3.org/TR/sparql11-query/.

References

  1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union L119, 1–88, May 2016. http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L:2016:119:TOC

  2. Ammar, W., Wilson, S., Sadeh, N., Smith, N.A.: Automatic categorization of privacy policies: a pilot study (2012). http://repository.cmu.edu/lti/199/

  3. Bhatia, J., Breaux, T.D.: A data purpose case study of privacy policies. In: 2017 IEEE 25th International Requirements Engineering Conference (RE), pp. 394–399. IEEE (2017)

    Google Scholar 

  4. Bier, C., Kühne, K., Beyerer, J.: PrivacyInsight: the next generation privacy dashboard. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds.) APF 2016. LNCS, vol. 9857, pp. 135–152. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44760-5_9

    Chapter  Google Scholar 

  5. Esayas, S., Mahler, T., McGillivray, K.: Is a picture worth a thousand terms? Visualising contract terms and data protection requirements for cloud computing users. In: Casteleyn, S., Dolog, P., Pautasso, C. (eds.) ICWE 2016. LNCS, vol. 9881, pp. 39–56. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46963-8_4

    Chapter  Google Scholar 

  6. Fabian, B., Ermakova, T., Lentz, T.: Large-scale readability analysis of privacy policies. In: Proceedings of the International Conference on Web Intelligence, WI 2017, pp. 18–25. ACM, New York (2017). https://doi.org/10.1145/3106426.3106427

  7. Fawaz, H.H.K., Schaub, R.L.F., Karl, K.G.S.: Polisis: automated analysis and presentation of privacy policies using deep learning. Technical report, EPFL (2017). https://pribot.org/files/Polisis_Technical_Report.pdf

  8. Jensen, C., Potts, C.: Privacy policies as decision-making tools: an evaluation of online privacy notices. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2004, pp. 471–478. ACM, New York (2004). https://doi.org/10.1145/985692.985752

  9. Oltramari, A., et al.: PrivOnto: a semantic framework for the analysis of privacy policies. Semant. Web 9(2), 185–203 (2018). https://doi.org/10.3233/SW-170283

  10. Pandit, H.J., Fatema, K., O’Sullivan, D., Lewis, D.: GDPRtEXT - GDPR as a linked data resource. ESWC 2018. LNCS, vol. 10843, pp. 481–495. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93417-4_31

    Chapter  Google Scholar 

  11. Pandit, H.J., Lewis, D.: Modelling provenance for GDPR compliance using linked open data vocabularies. In: Proceedings of the 5th Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn2017) (PrivOn) (2017). http://ceur-ws.org/Vol-1951/#paper-06

  12. Rossi, A., Palmirani, M.: A visualization approach for adaptive consent in the european data protection framework. In: 2017 Conference for E-Democracy and Open Government (CeDEM), pp. 159–170, May 2017. https://doi.org/10.1109/CeDEM.2017.23

  13. Tesfay, W.B., Hofmann, P., Nakamura, T., Kiyomoto, S., Serna, J.: I read but don’t agree: privacy policy benchmarking using machine learning and the EU GDPR. In: WWW 2018 Companion Proceedings of the Web Conference 2018, pp. 163–166. International World Wide Web Conferences Steering Committee, Republic and Canton of Geneva, Switzerland (2018). https://doi.org/10.1145/3184558.3186969

  14. Tesfay, W.B., Hofmann, P., Nakamura, T., Kiyomoto, S., Serna, J.: PrivacyGuide: towards an implementation of the EU GDPR on internet privacy policy evaluation. In: Proceedings of the Fourth ACM International Workshop on Security and Privacy Analytics, IWSPA 2018, pp. 15–21. ACM, New York (2018). https://doi.org/10.1145/3180445.3180447

  15. Wilson, S., et al.: The creation and analysis of a website privacy policy corpus. In: Proceedings of the 54th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers), pp. 1330–1340. Association for Computational Linguistics, Berlin, Germany, August 2016. http://www.aclweb.org/anthology/P16-1126

Download references

Acknowledgements

This work is supported by the ADAPT Centre for Digital Content Technology which is funded under the SFI Research Centres Programme (Grant 13/RC/2106) and is co-funded under the European Regional Development Fund.

Author information

Authors and Affiliations

  1. ADAPT Centre, Trinity College Dublin, Dublin, Ireland

    Harshvardhan Jitendra Pandit, Declan O’Sullivan & Dave Lewis

Authors
  1. Harshvardhan Jitendra Pandit
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Declan O’Sullivan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dave Lewis
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Harshvardhan Jitendra Pandit .

Editor information

Editors and Affiliations

  1. Eötvös Loránd University, Budapest, Hungary

    András Benczúr

  2. Abt. Informatik, Universität Kiel, Kiel, Germany

    Bernhard Thalheim

  3. Eötvös Loránd University, Budapest, Hungary

    Tomáš Horváth

  4. Politecnico di Torino, Turin, Italy

    Silvia Chiusano

  5. Polytechnic University of Turin, Turin, Italy

    Tania Cerquitelli

  6. Hungarian Academy of Sciences, Budapest, Hungary

    Csaba Sidló

  7. University of Nebraska–Lincoln, Lincoln, NE, USA

    Peter Z. Revesz

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Pandit, H.J., O’Sullivan, D., Lewis, D. (2018). Personalised Privacy Policies. In: Benczúr, A., et al. New Trends in Databases and Information Systems. ADBIS 2018. Communications in Computer and Information Science, vol 909. Springer, Cham. https://doi.org/10.1007/978-3-030-00063-9_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-00063-9_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-00062-2

  • Online ISBN: 978-3-030-00063-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation