Privacy Policies Across the Ages: Content and Readability of Privacy Policies 1996--2021

• URL: http://arxiv.org/abs/2201.08739v1
• Date: Fri, 21 Jan 2022 15:13:02 GMT
• Title: Privacy Policies Across the Ages: Content and Readability of Privacy Policies 1996--2021
• Authors: Isabel Wagner
• Abstract summary: We analyze the 25-year history of privacy policies using methods from transparency research, machine learning, and natural language processing. We collect a large-scale longitudinal corpus of privacy policies from 1996 to 2021. Our results show that policies are getting longer and harder to read, especially after new regulations take effect.
• Score: 1.5229257192293197
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: It is well-known that most users do not read privacy policies, but almost all users tick the box to agree with them. In this paper, we analyze the 25-year history of privacy policies using methods from transparency research, machine learning, and natural language processing. Specifically, we collect a large-scale longitudinal corpus of privacy policies from 1996 to 2021 and analyze the length and readability of privacy policies as well as their content in terms of the data practices they describe, the rights they grant to users, and the rights they reserve for their organizations. We pay particular attention to changes in response to recent privacy regulations such as the GDPR and CCPA. Our results show that policies are getting longer and harder to read, especially after new regulations take effect, and we find a range of concerning data practices. Our results allow us to speculate why privacy policies are rarely read and propose changes that would make privacy policies serve their readers instead of their writers.

Related papers

• PrivacyLens: Evaluating Privacy Norm Awareness of Language Models in Action [54.11479432110771]
  PrivacyLens is a novel framework designed to extend privacy-sensitive seeds into expressive vignettes and further into agent trajectories. We instantiate PrivacyLens with a collection of privacy norms grounded in privacy literature and crowdsourced seeds. State-of-the-art LMs, like GPT-4 and Llama-3-70B, leak sensitive information in 25.68% and 38.69% of cases, even when prompted with privacy-enhancing instructions.
  arXiv  Detail & Related papers  (2024-08-29T17:58:38Z)
• The Privacy Policy Permission Model: A Unified View of Privacy Policies [0.5371337604556311]
  A privacy policy is a set of statements that specifies how an organization gathers, uses, discloses, and maintains a client's data. Most privacy policies lack a clear, complete explanation of how data providers' information is used. We propose a modeling methodology, called the Privacy Policy Permission Model (PPPM), that provides a uniform, easy-to-understand representation of privacy policies.
  arXiv  Detail & Related papers  (2024-03-26T06:12:38Z)
• PLUE: Language Understanding Evaluation Benchmark for Privacy Policies in English [77.79102359580702]
  We introduce the Privacy Policy Language Understanding Evaluation benchmark, a multi-task benchmark for evaluating the privacy policy language understanding. We also collect a large corpus of privacy policies to enable privacy policy domain-specific language model pre-training. We demonstrate that domain-specific continual pre-training offers performance improvements across all tasks.
  arXiv  Detail & Related papers  (2022-12-20T05:58:32Z)
• Privacy Explanations - A Means to End-User Trust [64.7066037969487]
  We looked into how explainability might help to tackle this problem. We created privacy explanations that aim to help to clarify to end users why and for what purposes specific data is required. Our findings reveal that privacy explanations can be an important step towards increasing trust in software systems.
  arXiv  Detail & Related papers  (2022-10-18T09:30:37Z)
• Algorithms with More Granular Differential Privacy Guarantees [65.3684804101664]
  We consider partial differential privacy (DP), which allows quantifying the privacy guarantee on a per-attribute basis. In this work, we study several basic data analysis and learning tasks, and design algorithms whose per-attribute privacy parameter is smaller that the best possible privacy parameter for the entire record of a person.
  arXiv  Detail & Related papers  (2022-09-08T22:43:50Z)
• Detecting Compliance of Privacy Policies with Data Protection Laws [0.0]
  Privacy policies are often written in extensive legal jargon that is difficult to understand. We aim to bridge that gap by providing a framework that analyzes privacy policies in light of various data protection laws. By using such a tool, users would be better equipped to understand how their personal data is managed.
  arXiv  Detail & Related papers  (2021-02-21T09:15:15Z)
• Privacy Policies over Time: Curation and Analysis of a Million-Document Dataset [6.060757543617328]
  We develop a crawler that discovers, downloads, and extracts archived privacy policies from the Internet Archive's Wayback Machine. We curated a dataset of 1,071,488 English language privacy policies, spanning over two decades and over 130,000 distinct websites. Our data indicate that self-regulation for first-party websites has stagnated, while self-regulation for third parties has increased but is dominated by online advertising trade associations.
  arXiv  Detail & Related papers  (2020-08-20T19:00:37Z)
• The Challenges and Impact of Privacy Policy Comprehension [0.0]
  This paper experimentally manipulated the privacy-friendliness of an unavoidable and simple privacy policy. Half of our participants miscomprehended even this transparent privacy policy. To mitigate such pitfalls we present design recommendations to improve the quality of informed consent.
  arXiv  Detail & Related papers  (2020-05-18T14:16:48Z)
• A vision for global privacy bridges: Technical and legal measures for international data markets [77.34726150561087]
  Despite data protection laws and an acknowledged right to privacy, trading personal information has become a business equated with "trading oil" An open conflict is arising between business demands for data and a desire for privacy. We propose and test a vision of a personal information market with privacy.
  arXiv  Detail & Related papers  (2020-05-13T13:55:50Z)
• Privacy at Scale: Introducing the PrivaSeer Corpus of Web Privacy Policies [13.09699710197036]
  We create PrivaSeer, a corpus of over one million English language website privacy policies. We show results from readability tests, document similarity, keyphrase extraction, and explored the corpus through topic modeling.
  arXiv  Detail & Related papers  (2020-04-23T13:21:00Z)
• Beyond privacy regulations: an ethical approach to data usage in transportation [64.86110095869176]
  We describe how Federated Machine Learning can be applied to the transportation sector. We see Federated Learning as a method that enables us to process privacy-sensitive data, while respecting customer's privacy.
  arXiv  Detail & Related papers  (2020-04-01T15:10:12Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.