NL2GDPR: Automatically Develop GDPR Compliant Android Application Features from Natural Language

08/29/2022
by   Faysal Hossain Shezan, et al.

Recent privacy leakage incidents and stricter policy regulations demand a much higher standard of compliance from companies and mobile apps. However, such obligations also impose significant challenges on app developers, who must comply with regulations that span various perspectives, activities, and roles. This is especially hard for small companies and for developers who are less experienced in this matter or have limited resources. To address these hurdles, we develop an automatic tool, NL2GDPR, which can generate policies from the developer's natural language descriptions while also ensuring the app's functionalities are compliant with the General Data Protection Regulation (GDPR). NL2GDPR is developed by leveraging an information extraction tool, OIA (Open Information Annotation), developed by Baidu Cognitive Computing Lab. At its core, NL2GDPR is a privacy-centric information extraction model, appended with a GDPR policy finder and a policy generator. We perform a comprehensive study to grasp the challenges in extracting privacy-centric information and generating privacy policies, while exploiting optimizations for this specific task. With NL2GDPR, we can achieve 92.9 accuracy in correctly identifying GDPR policies related to personal data storage, process, and share types, respectively. To the best of our knowledge, NL2GDPR is the first tool that allows a developer to automatically generate GDPR compliant policies, requiring only a natural language description of the app features. Note that other non-GDPR-related features might be integrated with the generated features to build a complex app.
