We are very pleased to announce that our group got a paper accepted for presentation at the International Information Security and Privacy Conference (IFIP SEC). The IFIP SEC conferences aim to bring together primarily researchers, but also practitioners from academia, industry and governmental institutions to elaborate and discuss IT Security and Privacy Challenges that we are facing today and will be facing in the future.
Here is the pre-print of the accepted paper with its abstract:
Establishing a Strong Baseline for Privacy Policy Classification” by
Najmeh Mousavi Nejad,
Pablo Jabat,
Rostislav Nedelchev,
Simon Scerri,
Damien Graux.
Abstract
Digital service users are routinely exposed to Privacy Policy consent
forms, through which they enter contractual agreements consenting to the
specifics of how their personal data is managed and used. Nevertheless,
despite renewed importance following legislation such as the European
GDPR, a majority of people still ignore policies due to their length and
complexity. To counteract this potentially dangerous reality, in this
paper we present three different models that are able to assign
pre-defined categories to privacy policy paragraphs, using supervised
machine learning. In order to train our neural networks, we exploit a
dataset containing 115 privacy policies defined by US companies. An
evaluation shows that our approach outperforms state-of-the-art by 5%
over comparable and previously-reported F1 values. In addition, our
method is completely reproducible since we provide open access to all
resources. Given these two contributions, our approach can be considered
as a strong baseline for privacy policy classification.