ITU

SoK: Three Facets of Privacy Policies

Research output: Conference Article in Proceeding or Book/Report chapterArticle in proceedingsResearchpeer-review

View graph of relations

Privacy policies are the main way to obtain information related to personal data collection and processing. Originally, privacy policies were presented as textual documents. However, the unsuitability of this format for the needs of today's society gave birth to other means of expression. In this paper, we systematically study the different means of expression of privacy policies. In doing so, we have explored the three main categories, which we call facets, i.e., natural language, graphical and machine-readable privacy policies. Each of these facets focuses on the particular needs of the communities they come from, ie, law experts, organizations and privacy advocates, and academics, respectively. We then analyze the benefits and limitations of each facet, and explain why solutions based on a single facet do not cover the needs of other communities. Finally, we set guidelines and discuss challenges of an approach to expressing privacy policies which brings together the benefits of each facet as an attempt to overcome their limitations.
Original languageEnglish
Title of host publicationWPES'20: Proceedings of the 19th Workshop on Privacy in the Electronic Society
Number of pages16
PublisherAssociation for Computing Machinery
Publication dateNov 2020
Pages41-56
DOIs
Publication statusPublished - Nov 2020
EventThe 19th Workshop on Privacy in the Electronic Society 2020 -
Duration: 9 Nov 2020 → …
Conference number: WPES2020

Workshop

WorkshopThe 19th Workshop on Privacy in the Electronic Society 2020
NummerWPES2020
Periode09/11/2020 → …
SeriesProceedings of the 19th Workshop on Privacy in the Electronic Society 2020

ID: 85694569