Analyzing Compliance of Privacy Policy with Knowledge-Enhanced Deep Learning Model:From the Perspective of Integrity and Semantic Conflict
[Objective]The paper aims to detect the compliance of privacy policies at the semantic level by integrating legal and regulatory knowledge.[Methods]We constructed a compliance evaluation index system from the integrity and semantic conflict perspective based on the Information Security Technology—Personal Information Security Specification(GB/T 35273-2020)and annotated the corpus.Then,we used the K-BERT model embedded with a knowledge graph to build an integrity evaluation model and a consistency evaluation model to detect semantic conflicts.Finally,we analyzed the compliance of app privacy policies in 15 fields with the integrity and consistency evaluation models.[Results]We constructed a Chinese privacy policy corpus that passed the Kendall's W test,and the Fl Score of the integrity and consistency evaluation models reached 0.92 and 0.87,respectively.We analyzed 1762 app privacy policies and found that policies in the fields of Audio-Video Entertainment,Purchase Comparison,Financial Planning,Sports and Health,and Automotive are better in integrity,while those in the fields of Social Communication and Purchase Comparison are more semantically compliant with legal and regulatory requirements.[Limitations]The content in hyperlinks that may appear in a few privacy policies is ignored,which may cause bias in the compliance testy of some privacy policies.[Conclusions]The proposed model achieves the goal of automated analysis of privacy policy compliance in various fields,which is significant for China in enhancing the regulatory capacity for mobile apps handling user privacy data.
NETL
NSTL
万方数据
