Prototype able to interpret privacy notices with AI, and visualize compatibility with user preferences
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
legal-hackathon-backend
legal-hackathon-frontend
ml
the_pitch
web
.gitignore
CNAME
LICENSE
README.md
SBB_Hackathon2018_PrivacyButler.pdf
index.html
privacy.html

README.md

Privacy Butler

Many people like you and I feel that we are unable to cope with all the various privacy notices we have to deal with on a daily basis. Our data is important to us, and indeed defines our online identity. Your Privacy Butler will help you to understand any privacy notices. Simply tell Privacy Butler which data processing is a “no go” for you. It converts the privacy notice into icons that show you immediately whether your desired data protection standard is met or not.

This is a concept-stage project that was started at the Swiss Legal Tech 2018 hackathon in Zürich, Switzerland. The original challenge idea can be found here (PDF).

Demo

Currently our prototype has a minimal, functioning user interface. There is a basic welcome screen, followed by the configuration of tracking preferences:

Configuration screenshot

Upon clicking the computer icon, a text field appears which accepts the URL of a privacy policy. If the result is not compliant with the user's preferences, the analysis is shown:

Noncompliance screenshot

However, if the user's selections are matched by the algorithm, then simply a confirmation screen appears:

Compliance screenshot

You can see a screencast of the hackathon demo here.

Development

Technical notes about our prototype solution:

Backend

The backend uses Java with Spring Boot 2 and communicates with the Google Cloud Natural Language API. You have to create the credentials yourself in order to be able to communicate with Google Cloud.

Find the backend project files here and instructions to get started in the legal-hackathon-backend folder.

Frontend

The frontend uses Typescript with Angular 6 and Material Design as a styling framework addition to Angular.

You can find the frontend project files and build instructions in legal-hackathon-frontend.

Splash

There is also a static HTML launch page defined in index.html with resources in the web folder. The design template used is HTML5 UP, with jQuery and FontAwesome.

In the markup of the HTML page we have a simple proposal on using schema in META tags to publish web site policy in machine readable form, e.g.:

<meta name="privacy:geotracking" value="no" />
<meta name="privacy:thirdparties" value="no" />
<meta name="privacy:profiling" value="no" />

More projects similar this can be found in our reading list below.

Data

We used the Google Cloud Natural Language API in this project for rapid analysis of policy texts. See Quickstart, NL Samples, and Java samples for Google Cloud Platform.

You will need to obtain a developer key from the Cloud API console to use our current backend.

We also ran a short machine learning classification experiment using an open dataset of opt-out policies from usableprivacy.org in the Keras.io deep learning environment. The results can be seen in a Python notebook made with Jupyter, in the ml subfolder.

The dataset used in the experiment above was one of the ones recommended by Pribot.org, a project that was a major motivation for our work here. Many thanks to Dr. Harkous for feedback to our concept during the hackathon.

We also considered using IBM Watson (see Fredrik Stenbeck comparison - and OpenNLP at Apache.

References

Further reading, in no particular order.

Online policy tools

  • Pribot - an EPFL research project - visualizes and responds to questions about privacy policies.
  • Privacy Bot gathers, persists and analyzes privacy policies - based on the PrivacyGuide paper (2018, Tesfay et al).
  • Terms of Service; Didn't Read crowdsources reviews of online policies.
  • Privacy Badger from EFF is a browser plugin that learns to block trackers, with an policy compliance mechanism.
  • PrivacyCheck is a Google Chrome browser plugin that automatically summarizes and visualizes online privacy policies.

Policy documentation

Additional documentation that could be useful to developers of policy tools:

Machine learning

A couple of introductory articles on relevant topics in Machine Learning: