Many people like you and I feel that we are unable to cope with all the various privacy notices we have to deal with on a daily basis. Our data is important to us, and indeed defines our online identity. Your Privacy Butler will help you to understand any privacy notices. Simply tell Privacy Butler which data processing is a “no go” for you. It converts the privacy notice into icons that show you immediately whether your desired data protection standard is met or not.
Currently our prototype has a minimal, functioning user interface. There is a basic welcome screen, followed by the configuration of tracking preferences:
However, if the user's selections are matched by the algorithm, then simply a confirmation screen appears:
You can see a screencast of the hackathon demo here.
Technical notes about our prototype solution:
The backend uses Java with Spring Boot 2 and communicates with the Google Cloud Natural Language API. You have to create the credentials yourself in order to be able to communicate with Google Cloud.
Find the backend project files here and instructions to get started in the legal-hackathon-backend folder.
The frontend uses Typescript with Angular 6 and Material Design as a styling framework addition to Angular.
You can find the frontend project files and build instructions in legal-hackathon-frontend.
In the markup of the HTML page we have a simple proposal on using schema in META tags to publish web site policy in machine readable form, e.g.:
<meta name="privacy:geotracking" value="no" /> <meta name="privacy:thirdparties" value="no" /> <meta name="privacy:profiling" value="no" />
More projects similar this can be found in our reading list below.
You will need to obtain a developer key from the Cloud API console to use our current backend.
We also ran a short machine learning classification experiment using an open dataset of opt-out policies from usableprivacy.org in the Keras.io deep learning environment. The results can be seen in a Python notebook made with Jupyter, in the
The dataset used in the experiment above was one of the ones recommended by Pribot.org, a project that was a major motivation for our work here. Many thanks to Dr. Harkous for feedback to our concept during the hackathon.
Further reading, in no particular order.
Online policy tools
- Pribot - an EPFL research project - visualizes and responds to questions about privacy policies.
- Privacy Bot gathers, persists and analyzes privacy policies - based on the PrivacyGuide paper (2018, Tesfay et al).
- Terms of Service; Didn't Read crowdsources reviews of online policies.
- Privacy Badger from EFF is a browser plugin that learns to block trackers, with an policy compliance mechanism.
- PrivacyCheck is a Google Chrome browser plugin that automatically summarizes and visualizes online privacy policies.
Additional documentation that could be useful to developers of policy tools:
- Privacy Shield lists companies that comply with data protection regulations, along with policy summaries.
- A Domain Ontology For Online Privacy is a research paper that suggests improvements to policy statements.
- Data Privacy Vocabularies and Controls is a new Community Group at the W3C, that aims to define a taxonomy of privacy terms.
- GDPRtEXT is a representation of the text of GDPR using Linked Data.
- Open Badges are tools from Mozilla for online learning, which could in theory be adapted for privacy preferences.
A couple of introductory articles on relevant topics in Machine Learning: