OPPO: An Ontology for Describing Fine-Grained Data Practices in Privacy Policies of Online Social Networks

• URL: http://arxiv.org/abs/2309.15971v1
• Date: Wed, 27 Sep 2023 19:42:05 GMT
• Title: OPPO: An Ontology for Describing Fine-Grained Data Practices in Privacy Policies of Online Social Networks
• Authors: Sanonda Datta Gupta, Torsten Hahmann,
• Abstract summary: Data practices of OPPO Social Networks (OSNS) comply with privacy regulations such as EU and CCPA. This paper presents an On-Nology for Privacy Policies of OSNSs, that aims to fill gaps by formalizing detailed practices from OSNSs.
• Score: 0.8287206589886879
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Privacy policies outline the data practices of Online Social Networks (OSN) to comply with privacy regulations such as the EU-GDPR and CCPA. Several ontologies for modeling privacy regulations, policies, and compliance have emerged in recent years. However, they are limited in various ways: (1) they specifically model what is required of privacy policies according to one specific privacy regulation such as GDPR; (2) they provide taxonomies of concepts but are not sufficiently axiomatized to afford automated reasoning with them; and (3) they do not model data practices of privacy policies in sufficient detail to allow assessing the transparency of policies. This paper presents an OWL Ontology for Privacy Policies of OSNs, OPPO, that aims to fill these gaps by formalizing detailed data practices from OSNS' privacy policies. OPPO is grounded in BFO, IAO, OMRSE, and OBI, and its design is guided by the use case of representing and reasoning over the content of OSNs' privacy policies and evaluating policies' transparency in greater detail.

Related papers

• PrivacyLens: Evaluating Privacy Norm Awareness of Language Models in Action [54.11479432110771]
  PrivacyLens is a novel framework designed to extend privacy-sensitive seeds into expressive vignettes and further into agent trajectories. We instantiate PrivacyLens with a collection of privacy norms grounded in privacy literature and crowdsourced seeds. State-of-the-art LMs, like GPT-4 and Llama-3-70B, leak sensitive information in 25.68% and 38.69% of cases, even when prompted with privacy-enhancing instructions.
  arXiv  Detail & Related papers  (2024-08-29T17:58:38Z)
• A BERT-based Empirical Study of Privacy Policies' Compliance with GDPR [9.676166100354282]
  This study aims to address challenge of compliance analysis between privacy policies for 5G networks. We manually collected privacy policies from almost 70 different MNOs and we utilized an automated BERT-based model for classification. In addition, we present first empirical evidence on the readability of privacy policies for 5G network. we adopted incorporates various established readability metrics.
  arXiv  Detail & Related papers  (2024-07-09T11:47:52Z)
• The Privacy Policy Permission Model: A Unified View of Privacy Policies [0.5371337604556311]
  A privacy policy is a set of statements that specifies how an organization gathers, uses, discloses, and maintains a client's data. Most privacy policies lack a clear, complete explanation of how data providers' information is used. We propose a modeling methodology, called the Privacy Policy Permission Model (PPPM), that provides a uniform, easy-to-understand representation of privacy policies.
  arXiv  Detail & Related papers  (2024-03-26T06:12:38Z)
• Towards an Enforceable GDPR Specification [49.1574468325115]
  Privacy by Design (PbD) is prescribed by modern privacy regulations such as the EU's. One emerging technique to realize PbD is enforcement (RE) We present a set of requirements and an iterative methodology for creating formal specifications of legal provisions.
  arXiv  Detail & Related papers  (2024-02-27T09:38:51Z)
• SoK: The Gap Between Data Rights Ideals and Reality [46.14715472341707]
  Do rights-based privacy laws effectively empower individuals over their data? This paper scrutinizes these approaches by reviewing empirical studies, news articles, and blog posts.
  arXiv  Detail & Related papers  (2023-12-03T21:52:51Z)
• PLUE: Language Understanding Evaluation Benchmark for Privacy Policies in English [77.79102359580702]
  We introduce the Privacy Policy Language Understanding Evaluation benchmark, a multi-task benchmark for evaluating the privacy policy language understanding. We also collect a large corpus of privacy policies to enable privacy policy domain-specific language model pre-training. We demonstrate that domain-specific continual pre-training offers performance improvements across all tasks.
  arXiv  Detail & Related papers  (2022-12-20T05:58:32Z)
• Exploring Consequences of Privacy Policies with Narrative Generation via Answer Set Programming [0.0]
  We present a framework that uses Answer Set Programming (ASP) to formalize privacy policies. ASP allows end-users to forward-simulate possible consequences of the policy in terms of actors. We demonstrate through the example of the Health Insurance Portability and Accountability Act how to use the system in various ways.
  arXiv  Detail & Related papers  (2022-12-13T16:44:46Z)
• Distributed Machine Learning and the Semblance of Trust [66.1227776348216]
  Federated Learning (FL) allows the data owner to maintain data governance and perform model training locally without having to share their data. FL and related techniques are often described as privacy-preserving. We explain why this term is not appropriate and outline the risks associated with over-reliance on protocols that were not designed with formal definitions of privacy in mind.
  arXiv  Detail & Related papers  (2021-12-21T08:44:05Z)
• Automated Detection of GDPR Disclosure Requirements in Privacy Policies using Deep Active Learning [3.659023646021795]
  Most privacy policies are verbose, full of jargon, and vaguely describe companies' data practices and users' rights. In this paper, we create a privacy policy dataset of 1,080 websites labeled with the 18 requirements. We develop a Convolutional Network (CNN) based model which can classify the privacy policies with an accuracy of 89.2%.
  arXiv  Detail & Related papers  (2021-11-08T01:28:27Z)
• Detecting Compliance of Privacy Policies with Data Protection Laws [0.0]
  Privacy policies are often written in extensive legal jargon that is difficult to understand. We aim to bridge that gap by providing a framework that analyzes privacy policies in light of various data protection laws. By using such a tool, users would be better equipped to understand how their personal data is managed.
  arXiv  Detail & Related papers  (2021-02-21T09:15:15Z)
• Second layer data governance for permissioned blockchains: the privacy management challenge [58.720142291102135]
  In pandemic situations, such as the COVID-19 and Ebola outbreak, the action related to sharing health data is crucial to avoid the massive infection and decrease the number of deaths. In this sense, permissioned blockchain technology emerges to empower users to get their rights providing data ownership, transparency, and security through an immutable, unified, and distributed database ruled by smart contracts.
  arXiv  Detail & Related papers  (2020-10-22T13:19:38Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.