• Corpus ID: 243848262

Automated Detection of GDPR Disclosure Requirements in Privacy Policies using Deep Active Learning

  title={Automated Detection of GDPR Disclosure Requirements in Privacy Policies using Deep Active Learning},
  author={Tamjid Al Rahat and Tu Le and Yuan Tian},
Since GDPR came into force in May 2018, companies have worked on their data practices to comply with this privacy law. In particular, since the privacy policy is the essential communication channel for users to understand and control their privacy, many companies updated their privacy policies after GDPR was enforced. However, most privacy policies are verbose, full of jargon, and vaguely describe companies’ data practices and users’ rights. Therefore, it is unclear if they comply with GDPR. In… 

Figures and Tables from this paper



Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning

Polisis, an automated framework for privacy Policies analysis, enables scalable, dynamic, and multi-dimensional queries on privacy policies, and demonstrates Polisis's modularity and utility with two robust applications that support structured and free-form querying.

Automated and Personalized Privacy Policy Extraction Under GDPR Consideration

An automated privacy policy extraction system considering users’ personal privacy concerns under different contexts is proposed and implemented on Android smartphones and evaluated feedbacks from a group of users as a field study.

We Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy

It is concluded that the GDPR is making the web more transparent, but there is still a lack of both functional and usable mechanisms for users to consent to or deny processing of their personal data on the Internet.

The Creation and Analysis of a Website Privacy Policy Corpus

A corpus of 115 privacy policies with manual annotations for 23K fine-grained data practices is introduced and the process of using skilled annotators and a purpose-built annotation tool to produce the data is described.

The Privacy Policy Landscape After the GDPR

The landscape of privacy policies is found to be in a transitional phase; many policies still do not meet several key GDPR requirements or their improved coverage comes with reduced specificity.

PrivacyGuide: Towards an Implementation of the EU GDPR on Internet Privacy Policy Evaluation

PrivacyGuide is a privacy policy summarization tool inspired by the European Union (EU) General Data Protection Regulation (GDPR) and based on machine learning and natural language processing techniques that is able to classify privacy policy content into eleven privacy aspects with a weighted average accuracy.

Disagreeable Privacy Policies: Mismatches between Meaning and Users’ Understanding

This paper investigates the differences in interpretation among expert, knowledgeable, and typical users and explores whether those groups can understand the practices described in privacy policies at a level sufficient to support rational decision-making, and seeks to fill an important gap in the understanding of privacy policies through primary research on user interpretation.


As of May 2018, with the entry into application of the General Data Protection Regulation, there is one set of data protection rules for all companies operating in the EU, wherever they are based.

The General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) will replace the current existing EU Data Protection Directive 95/46/EC and will be directly applicable in all Member States without the need for

Active Discriminative Text Representation Learning

It is argued that AL strategies for multi-layered neural models should focus on selecting instances that most affect the embedding space (i.e., induce discriminative word representations), in contrast to traditional AL approaches which specify higher level objectives.