The Overview of Privacy Labels and their Compatibility with Privacy Policies

• URL: http://arxiv.org/abs/2303.08213v2
• Date: Tue, 25 Apr 2023 00:09:35 GMT
• Title: The Overview of Privacy Labels and their Compatibility with Privacy Policies
• Authors: Rishabh Khandelwal, Asmit Nayak, Paul Chung and Kassem Fawaz
• Abstract summary: Privacy nutrition labels provide a way to understand an app's key data practices without reading the long and hard-to-read privacy policies. Apple and Google have implemented mandates requiring app developers to fill privacy nutrition labels highlighting their privacy practices.
• Score: 24.871967983289117
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Privacy nutrition labels provide a way to understand an app's key data practices without reading the long and hard-to-read privacy policies. Recently, the app distribution platforms for iOS(Apple) and Android(Google) have implemented mandates requiring app developers to fill privacy nutrition labels highlighting their privacy practices such as data collection, data sharing, and security practices. These privacy labels contain very fine-grained information about the apps' data practices such as the data types and purposes associated with each data type. This provides us with a unique vantage point from which we can understand apps' data practices at scale.

Related papers

• Do Android App Developers Accurately Report Collection of Privacy-Related Data? [5.863391019411233]
  European Union's General Protection Regulation requires vendors to faithfully disclose their apps collect data. Many Android apps use third-party code for same information is not readily available. We first expose a multi-layered definition of privacy-related data correctly report collection in Android apps. We then create a dataset of privacy-sensitive data classes that may be used as input by an Android app.
  arXiv  Detail & Related papers  (2024-09-06T10:05:45Z)
• PrivacyLens: Evaluating Privacy Norm Awareness of Language Models in Action [54.11479432110771]
  PrivacyLens is a novel framework designed to extend privacy-sensitive seeds into expressive vignettes and further into agent trajectories. We instantiate PrivacyLens with a collection of privacy norms grounded in privacy literature and crowdsourced seeds. State-of-the-art LMs, like GPT-4 and Llama-3-70B, leak sensitive information in 25.68% and 38.69% of cases, even when prompted with privacy-enhancing instructions.
  arXiv  Detail & Related papers  (2024-08-29T17:58:38Z)
• Honesty is the Best Policy: On the Accuracy of Apple Privacy Labels Compared to Apps' Privacy Policies [13.771909487087793]
  Apple introduced privacy labels in Dec. 2020 as a way for developers to report the privacy behaviors of their apps. While Apple does not validate labels, they also require developers to provide a privacy policy, which offers an important comparison point. We fine-tuned BERT-based language models to extract privacy policy features for 474,669 apps on the iOS App Store.
  arXiv  Detail & Related papers  (2023-06-29T16:10:18Z)
• Toward the Cure of Privacy Policy Reading Phobia: Automated Generation of Privacy Nutrition Labels From Privacy Policies [19.180437130066323]
  We propose the first framework that can automatically generate privacy nutrition labels from privacy policies. Based on our ground truth applications about the Data Safety Report from the Google Play app store, our framework achieves a 0.75 F1-score on generating first-party data collection practices. We also analyse the inconsistencies between ground truth and curated privacy nutrition labels on the market, and our framework can detect 90.1% under-claim issues.
  arXiv  Detail & Related papers  (2023-06-19T13:33:44Z)
• ATLAS: Automatically Detecting Discrepancies Between Privacy Policies and Privacy Labels [2.457872341625575]
  We introduce the Automated Privacy Label Analysis System (ATLAS) ATLAS identifies possible discrepancies between mobile app privacy policies and their privacy labels. We find that, on average, apps have 5.32 such potential compliance issues.
  arXiv  Detail & Related papers  (2023-05-24T05:27:22Z)
• Crowdsourcing on Sensitive Data with Privacy-Preserving Text Rewriting [9.409281517596396]
  Data labeling is often done on crowdsourcing platforms due to scalability reasons. publishing data on public platforms can only be done if no privacy-relevant information is included. We investigate how removing personally identifiable information (PII) as well as applying differential privacy (DP) rewriting can enable text with privacy-relevant information to be used for crowdsourcing.
  arXiv  Detail & Related papers  (2023-03-06T11:54:58Z)
• Privacy Explanations - A Means to End-User Trust [64.7066037969487]
  We looked into how explainability might help to tackle this problem. We created privacy explanations that aim to help to clarify to end users why and for what purposes specific data is required. Our findings reveal that privacy explanations can be an important step towards increasing trust in software systems.
  arXiv  Detail & Related papers  (2022-10-18T09:30:37Z)
• SPAct: Self-supervised Privacy Preservation for Action Recognition [73.79886509500409]
  Existing approaches for mitigating privacy leakage in action recognition require privacy labels along with the action labels from the video dataset. Recent developments of self-supervised learning (SSL) have unleashed the untapped potential of the unlabeled data. We present a novel training framework which removes privacy information from input video in a self-supervised manner without requiring privacy labels.
  arXiv  Detail & Related papers  (2022-03-29T02:56:40Z)
• Analysis of Longitudinal Changes in Privacy Behavior of Android Applications [79.71330613821037]
  In this paper, we examine the trends in how Android apps have changed over time with respect to privacy. We examine the adoption of HTTPS, whether apps scan the device for other installed apps, the use of permissions for privacy-sensitive data, and the use of unique identifiers. We find that privacy-related behavior has improved with time as apps continue to receive updates, and that the third-party libraries used by apps are responsible for more issues with privacy.
  arXiv  Detail & Related papers  (2021-12-28T16:21:31Z)
• BeeTrace: A Unified Platform for Secure Contact Tracing that Breaks Data Silos [73.84437456144994]
  Contact tracing is an important method to control the spread of an infectious disease such as COVID-19. Current solutions do not utilize the huge volume of data stored in business databases and individual digital devices. We propose BeeTrace, a unified platform that breaks data silos and deploys state-of-the-art cryptographic protocols to guarantee privacy goals.
  arXiv  Detail & Related papers  (2020-07-05T10:33:45Z)
• Beyond privacy regulations: an ethical approach to data usage in transportation [64.86110095869176]
  We describe how Federated Machine Learning can be applied to the transportation sector. We see Federated Learning as a method that enables us to process privacy-sensitive data, while respecting customer's privacy.
  arXiv  Detail & Related papers  (2020-04-01T15:10:12Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.