CyLab
What if computers understood privacy policies? And, what if they knew what we care about?
February 20, 2017
12:00 p.m. - 1:00 p.m. ET
CIC Building, DEC
CyLab
February 20, 2017
12:00 p.m. - 1:00 p.m. ET
CIC Building, DEC
Norman Sadeh
Professor
CyLab, School of Computer Science
Carnegie Mellon University
Abstract
In today’s data-centric economy issues of privacy are becoming increasingly complex to manage. This is true for users who are often feeling helpless when it comes to understanding and managing the many different ways in which their data can be collected and used. But it is also true for developers, service providers, app store operators and regulators. A significant source of frustration has been the lack of progress in formalizing the disclosure of data collection and use practices. These disclosures today continue to primarily take the form of long privacy policies, which very few people actually read.
What if computers could actually understand the text of privacy policies? In this talk, I will report on our progress developing techniques to do just that and will discuss the development and piloting of tools that build on these technologies. This includes an overview of a compliance tool for mobile apps. The tool automatically analyzes the code of apps and compares its findings with disclosures made in the text of privacy policies to identify potential compliance violations. I will report on a study of about 18,000 Android apps. Results of the study suggest that compliance issues are widespread.
In the second part of this talk, I will discuss how using machine learning we can also build models of people’s privacy preferences and help them manage their privacy settings. This will include an overview of our work on Personalized Privacy Assistants. These assistants are intended to selectively notify their users about data collection and use practices they may find egregious and are also capable of helping their users configure available privacy settings. We will review results of a pilot involving one such assistant developed to help users manage their mobile app permissions. I will conclude with a discussion of ongoing work to extend this functionality in the context of Internet of Things scenarios.
The work presented in this talk is conducted with a number of collaborators - faculty, post-docs and students, as part the Usable Privacy Policy project and the Personalized Privacy Assistant project. Our work is supported by grants from the National Science Foundation (SaTC and SBE programs), the DARPA Brandeis initiative and the Google IoT expedition.
Bio
April 23 2024
9:00 AM - 11:00 AM ET
Virtual
April 23 2024
5:00 PM ET
Simmons Auditorium B, Tepper School of Business
May 1 2024
2:00 PM - 4:00 PM ET
Tech Spark
Tech Spark Engineering Expo
Tech Spark’s High Bay (Ansys Hall C01)
May 15 2024
2:00 PM - 3:00 PM ET
Bosch Spark Conference Room, Scott Hall
May 17 2024
8:00 AM ET
Carnegie Mellon University Africa
CMU-Africa's 11th Graduation Ceremony
Kigali Serena Hotel, KN 3 Ave Kigali, Rwanda