Grant / August 2019

Automatic Guidance for Privacy-Aware Browsing

The recent change in EU law (as well as, for example, the Facebook login key activation scheme) requires most authentication-enabled websites to have a privacy policy under /privacy, even when they go through Google or GitHub. We propose to build a browser plugin that automatically reads out the privacy policy page and uses natural language processing technology to parse it and compare it with other policies, identifying elements in common with baseline policies (at least in part using existing resources that label the privacy implications of particular phrases). Based on our assessment of the policy, the tool would then display a green, yellow, or red square in the browser. A click on the square would provide information about which phrases triggered the worst assessment. This aids a user’s decision as to whether they want to allow authentication and use the site, or choose some more privacy-protective action (possibly even reading the privacy policy). In this seed project, we will examine which natural language processing technologies and existing work on legal parsing of privacy policies can be leveraged, develop a prototype, and analyze the feasibility of developing the tool as a full proposal.