Requirements Engineering (RE); Regulatory Compliance; Privacy; the General Data Protection Regulation (GDPR); Artificial Intelligence (AI); Natural Language Processing (NLP); Machine Learning (ML)
Abstract :
[en] We introduceπΆππππ΄π β a tool for checking the completeness of privacy
policies against the general data protection regulation (GDPR).
πΆππππ΄π facilitates the analysis of privacy policies to check their
compliance to GDPR requirements. Since privacy policies serve as
an agreement between a software system and its prospective users,
the policy must fully capture such requirements to ensure that collected
personal data of individuals (or users) remains protected as
specified by the GDPR. For a given privacy policy, πΆππππ΄π semantically
analyzes its textual content against a comprehensive conceptual
model which captures all information types that might appear
in any policy. Based on this analysis, alongside some input from
the end user, πΆππππ΄π can determine the potential incompleteness
violations in the input policy with an accuracy of β96%. πΆππππ΄π
generates a detailed report that can be easily reviewed and validated
by experts. The source code ofπΆππππ΄π is publicly available on https://figshare.com/articles/online_resource/CompAI/23676069, and a
demo of the tool is available on https://youtu.be/zwa_tM3fXHU.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > SVV - Software Verification and Validation NCER-FT - FinTech National Centre of Excellence in Research
Disciplines :
Computer science
Author, co-author :
AMARAL CEJAS, Orlando ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV
ABUALHAIJA, Sallam ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV
Briand, Lionel; Lero SFI centre for Software Research and University of Limerick, Ireland ; School of EECS, University of Ottawa, Canada
External co-authors :
yes
Language :
English
Title :
CompAi: A Tool for GDPR Completeness Checking of Privacy Policies using Artificial Intelligence
Publication date :
2024
Event name :
IEEE/ACM International Conference on Automated Software Engineering
Event date :
from October 27 to November 1 2024
Main work title :
39th IEEE/ACM International Conference on Automated Software Engineering (ASE 2024)
Publisher :
Association for Computing Machinery
Peer reviewed :
Peer reviewed
FnR Project :
FNR16570468 - 2021 (01/07/2022-30/06/2030) - Yves Le Traon
Name of the research project :
R-AGR-3718 - BRIDGES/19/IS/13759068/ARTAGO - part UL - SABETZADEH Mehrdad U-AGR-7511 - NCER22/NCER-FT_RegCheck_UL - KLEIN Jacques
