A Study of the Landscape of Privacy Policies of Smart Devices
- URL: http://arxiv.org/abs/2308.05890v2
- Date: Thu, 14 Dec 2023 03:41:11 GMT
- Title: A Study of the Landscape of Privacy Policies of Smart Devices
- Authors: Aamir Hamid, Hemanth Reddy Samidi, Tim Finin, Primal Pappachan,
Roberto Yus
- Abstract summary: This paper presents a comprehensive study of the landscape of privacy policies of smart devices.
We introduce a methodology that addresses the unique challenges of smart devices, by finding information about them, their manufacturers, and their privacy policies on the Web.
Overall, we analyzed 4,556 smart devices, 2,211 manufacturers, and 819 privacy policies.
- Score: 1.2642388972233845
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: As the adoption of smart devices continues to permeate all aspects of our
lives, user privacy concerns have become more pertinent than ever. Privacy
policies outline the data handling practices of these devices. Prior work in
the domains of websites and mobile apps has shown that privacy policies are
rarely read and understood by users. In these domains, automatic analysis of
privacy policies has been shown to help give users appropriate insights.
However, there is a lack of such an analysis in the domain of smart device
privacy policies. This paper presents a comprehensive study of the landscape of
privacy policies of smart devices. We introduce a methodology that addresses
the unique challenges of smart devices, by finding information about them,
their manufacturers, and their privacy policies on the Web. Our methodology
utilizes state-of-the-art analysis techniques to assess readability and privacy
of smart device policies and compares it policies of e-commerce websites and
mobile applications. Overall, we analyzed 4,556 smart devices, 2,211
manufacturers, and 819 privacy policies. Despite smart devices having access to
more intrusive data about their users (using sensors such as cameras and
microphones), more than 1,167 of the analyzed manufacturers did not have
policies available. The study highlights that significant improvement is
required on communicating the data management practices of smart devices.
Related papers
- Let's Measure the Elephant in the Room: Facilitating Personalized Automated Analysis of Privacy Policies at Scale [14.986181740022106]
PoliAnalyzer is a neuro-symbolic system that assists users with personalized privacy policy analysis.<n>It uses Natural Language Processing to extract formal representations of data usage practices from policy texts.<n>It can support automated personalized privacy policy analysis at scale using off-the-shelf NLP tools.
arXiv Detail & Related papers (2025-07-15T20:19:33Z) - Overcoming the hurdle of legal expertise: A reusable model for smartwatch privacy policies [5.2578340028226425]
Up to now, no conceptual model exists covering privacy statements from different smartwatch manufacturers that is reusable for developers.<n>This paper introduces such a conceptual model for privacy policies of smartwatches and shows its use in a model-driven software engineering approach to create a platform for data visualization.
arXiv Detail & Related papers (2025-05-08T13:09:12Z) - PRISMe: A Novel LLM-Powered Tool for Interactive Privacy Policy Assessment [0.6554326244334868]
We present PRISMe, a novel Large Language Model (LLM)-driven privacy policy assessment tool.
The tool helps users to understand the essence of a lengthy, complex privacy policy while browsing.
We evaluate PRISMe's efficiency, usability, understandability of the provided information, and impacts on awareness.
arXiv Detail & Related papers (2025-01-27T13:27:04Z) - Collection, usage and privacy of mobility data in the enterprise and public administrations [55.2480439325792]
Security measures such as anonymization are needed to protect individuals' privacy.
Within our study, we conducted expert interviews to gain insights into practices in the field.
We survey privacy-enhancing methods in use, which generally do not comply with state-of-the-art standards of differential privacy.
arXiv Detail & Related papers (2024-07-04T08:29:27Z) - PolicyGPT: Automated Analysis of Privacy Policies with Large Language
Models [41.969546784168905]
In practical use, users tend to click the Agree button directly rather than reading them carefully.
This practice exposes users to risks of privacy leakage and legal issues.
Recently, the advent of Large Language Models (LLM) such as ChatGPT and GPT-4 has opened new possibilities for text analysis.
arXiv Detail & Related papers (2023-09-19T01:22:42Z) - SeePrivacy: Automated Contextual Privacy Policy Generation for Mobile
Applications [21.186902172367173]
SeePrivacy is designed to automatically generate contextual privacy policies for mobile apps.
Our method synergistically combines mobile GUI understanding and privacy policy document analysis.
96% of the retrieved policy segments can be correctly matched with their contexts.
arXiv Detail & Related papers (2023-07-04T12:52:45Z) - ATLAS: Automatically Detecting Discrepancies Between Privacy Policies
and Privacy Labels [2.457872341625575]
We introduce the Automated Privacy Label Analysis System (ATLAS)
ATLAS identifies possible discrepancies between mobile app privacy policies and their privacy labels.
We find that, on average, apps have 5.32 such potential compliance issues.
arXiv Detail & Related papers (2023-05-24T05:27:22Z) - Is It a Trap? A Large-scale Empirical Study And Comprehensive Assessment
of Online Automated Privacy Policy Generators for Mobile Apps [15.181098379077344]
Automated Privacy Policy Generators can create privacy policies for mobile apps.
Nearly 20.1% of privacy policies could be generated by existing APPGs.
App developers must carefully select and use the appropriate APPGs to avoid potential pitfalls.
arXiv Detail & Related papers (2023-05-05T04:08:18Z) - Privacy Explanations - A Means to End-User Trust [64.7066037969487]
We looked into how explainability might help to tackle this problem.
We created privacy explanations that aim to help to clarify to end users why and for what purposes specific data is required.
Our findings reveal that privacy explanations can be an important step towards increasing trust in software systems.
arXiv Detail & Related papers (2022-10-18T09:30:37Z) - Analysis of Longitudinal Changes in Privacy Behavior of Android
Applications [79.71330613821037]
In this paper, we examine the trends in how Android apps have changed over time with respect to privacy.
We examine the adoption of HTTPS, whether apps scan the device for other installed apps, the use of permissions for privacy-sensitive data, and the use of unique identifiers.
We find that privacy-related behavior has improved with time as apps continue to receive updates, and that the third-party libraries used by apps are responsible for more issues with privacy.
arXiv Detail & Related papers (2021-12-28T16:21:31Z) - Urban Sensing based on Mobile Phone Data: Approaches, Applications and
Challenges [67.71975391801257]
Much concern in mobile data analysis is related to human beings and their behaviours.
This work aims to review the methods and techniques that have been implemented to discover knowledge from mobile phone data.
arXiv Detail & Related papers (2020-08-29T15:14:03Z) - Privacy Policies over Time: Curation and Analysis of a Million-Document
Dataset [6.060757543617328]
We develop a crawler that discovers, downloads, and extracts archived privacy policies from the Internet Archive's Wayback Machine.
We curated a dataset of 1,071,488 English language privacy policies, spanning over two decades and over 130,000 distinct websites.
Our data indicate that self-regulation for first-party websites has stagnated, while self-regulation for third parties has increased but is dominated by online advertising trade associations.
arXiv Detail & Related papers (2020-08-20T19:00:37Z) - More Than Privacy: Applying Differential Privacy in Key Areas of
Artificial Intelligence [62.3133247463974]
We show that differential privacy can do more than just privacy preservation in AI.
It can also be used to improve security, stabilize learning, build fair models, and impose composition in selected areas of AI.
arXiv Detail & Related papers (2020-08-05T03:07:36Z) - A vision for global privacy bridges: Technical and legal measures for
international data markets [77.34726150561087]
Despite data protection laws and an acknowledged right to privacy, trading personal information has become a business equated with "trading oil"
An open conflict is arising between business demands for data and a desire for privacy.
We propose and test a vision of a personal information market with privacy.
arXiv Detail & Related papers (2020-05-13T13:55:50Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.