Andrick Adhikari (University of Denver), Sanchari Das (University of Denver), Rinku Dewri (University of Denver)

The effectiveness of natural language privacy policies continues to be clouded by concerns surrounding their readability, ambiguity, and accessibility. Despite multiple design alternatives proposed over the years, natural language policies are still the primary format for organizations to communicate privacy practices to users. Current NLP techniques are often drawn towards generating high-level overviews, or specialized towards a single aspect of consumer privacy communication; the flexibility to apply them for multiple tasks is missing. To this aid, we present PolicyPulse, an information extraction pipeline designed to process privacy policies into usable formats. PolicyPulse employs a specialized XLNet classifier, and leverages a BERT-based model for semantic role labeling to extract phrases from policy sentences, while maintaining the semantic relations between predicates and their arguments. Our classification model was trained on 13,946 manually annotated semantic frames, and achieves a F1-score of 0.97 on identifying privacy practices communicated using clauses within a sentence. We emphasize the versatility of PolicyPulse through prototype applications to support requirement-driven policy presentations, question-answering systems, and privacy preference checking.

View More Papers

Mnemocrypt

André Pacteau, Antonino Vitale, Davide Balzarotti, Simone Aonzo (EURECOM)

Read More

Sheep's Clothing, Wolf's Data: Detecting Server-Induced Client Vulnerabilities in...

Fangming Gu (Institute of Information Engineering, Chinese Academy of Sciences), Qingli Guo (Institute of Information Engineering, Chinese Academy of Sciences), Jie Lu (Institute of Computing Technology, Chinese Academy of Sciences), Qinghe Xie (Institute of Information Engineering, Chinese Academy of Sciences), Beibei Zhao (Institute of Information Engineering, Chinese Academy of Sciences), Kangjie Lu (University of Minnesota),…

Read More

Deanonymizing Device Identities via Side-channel Attacks in Exclusive-use IoTs...

Christopher Ellis (The Ohio State University), Yue Zhang (Drexel University), Mohit Kumar Jangid (The Ohio State University), Shixuan Zhao (The Ohio State University), Zhiqiang Lin (The Ohio State University)

Read More

Moneta: Ex-Vivo GPU Driver Fuzzing by Recalling In-Vivo Execution...

Joonkyo Jung (Department of Computer Science, Yonsei University), Jisoo Jang (Department of Computer Science, Yonsei University), Yongwan Jo (Department of Computer Science, Yonsei University), Jonas Vinck (DistriNet, KU Leuven), Alexios Voulimeneas (CYS, TU Delft), Stijn Volckaert (DistriNet, KU Leuven), Dokyung Song (Department of Computer Science, Yonsei University)

Read More