Seeing through Website Privacy Policies Rishiraj Saha Roy Max - - PowerPoint PPT Presentation

seeing through website privacy policies
SMART_READER_LITE
LIVE PREVIEW

Seeing through Website Privacy Policies Rishiraj Saha Roy Max - - PowerPoint PPT Presentation

Sep 07, 2022 140 likes •215 views

Seeing through Website Privacy Policies Rishiraj Saha Roy Max Planck Institute for Informatics Saarbrcken, Germany "Data, Responsibly", Dagstuhl Seminar, 20 July 2016 Opacity in todays Website privacy policies Privacy policies

slide-1
SLIDE 1

"Data, Responsibly", Dagstuhl Seminar, 20 July 2016

Seeing through Website Privacy Policies

Rishiraj Saha Roy Max Planck Institute for Informatics Saarbrücken, Germany

slide-2
SLIDE 2

Opacity in today’s Website privacy policies

"Data, Responsibly", Dagstuhl Seminar, 20 July 2016

Privacy policies are very long “Cookie messages” not enough

slide-3
SLIDE 3

Understanding privacy policies better

"Data, Responsibly", Dagstuhl Seminar, 20 July 2016

Data collection: Contact, Location, Financial, Health Sharing collected information with third parties Deletion of user information Yes, No, Not clear, Not applicable No sharing, For core service only, Sharing for other purpose, Sharing for other purpose (explicit consent), Unclear, Not applicable No removal, full removal, partial removal, Unclear, Not applicable

Wilson et al., Crowdsourcing Annotations for Websites' Privacy Policies: Can it Really Work?, WWW 2016 Best Paper Nominee

Humans can find answers, machine can find relevant excerpts!

slide-4
SLIDE 4

When you visit the platform, we may collect information from you. Some

  • f it may be personal information. This information can include search

history, IP address, screen resolution, browser used, operating system and settings, access times and referring URL. If you are using a mobile device, we may also collect data that identifies your device, your settings and your location. We may share your personal information with our corporate affiliates and with third parties for our legitimate business purposes as permitted by

  • law. For example, we may share your personal information with suppliers

who perform services on our behalf and have agreed in writing to protect and not further disclose your information. <No information on data deletion>

How can we guide the user better (trivially)?

"Data, Responsibly", Dagstuhl Seminar, 20 July 2016

Policy summary Trackers, if any

slide-5
SLIDE 5

Automatic reasoning and finding alternatives

"Data, Responsibly", Dagstuhl Seminar, 20 July 2016

Get user’s privacy settings Check site policy compliance Suggest alternatives

P X P X X

slide-6
SLIDE 6

Research challenges

"Data, Responsibly", Dagstuhl Seminar, 20 July 2016

  • Some policy aspects unclear to humans
  • Disagreements between average and expert users
  • Reasoning about clauses non-trivial
  • Not every request is through search engine