Saved in:
Bibliographic Details
Main Authors: Musa, Maaz Bin, Winston, Steven M., Allen, Garrison, Schiller, Jacob, Moore, Kevin, Quick, Sean, Melvin, Johnathan, Srinivasan, Padmini, Diamantis, Mihailis E., Nithyanand, Rishab
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2410.03925
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866914965399535616
author Musa, Maaz Bin
Winston, Steven M.
Allen, Garrison
Schiller, Jacob
Moore, Kevin
Quick, Sean
Melvin, Johnathan
Srinivasan, Padmini
Diamantis, Mihailis E.
Nithyanand, Rishab
author_facet Musa, Maaz Bin
Winston, Steven M.
Allen, Garrison
Schiller, Jacob
Moore, Kevin
Quick, Sean
Melvin, Johnathan
Srinivasan, Padmini
Diamantis, Mihailis E.
Nithyanand, Rishab
contents The development of tools and techniques to analyze and extract organizations data habits from privacy policies are critical for scalable regulatory compliance audits. Unfortunately, these tools are becoming increasingly limited in their ability to identify compliance issues and fixes. After all, most were developed using regulation-agnostic datasets of annotated privacy policies obtained from a time before the introduction of landmark privacy regulations such as EUs GDPR and Californias CCPA. In this paper, we describe the first open regulation-aware dataset of expert-annotated privacy policies, C3PA (CCPA Privacy Policy Provision Annotations), aimed to address this challenge. C3PA contains over 48K expert-labeled privacy policy text segments associated with responses to CCPA-specific disclosure mandates from 411 unique organizations. We demonstrate that the C3PA dataset is uniquely suited for aiding automated audits of compliance with CCPA-related disclosure mandates.
format Preprint
id arxiv_https___arxiv_org_abs_2410_03925
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle C3PA: An Open Dataset of Expert-Annotated and Regulation-Aware Privacy Policies to Enable Scalable Regulatory Compliance Audits
Musa, Maaz Bin
Winston, Steven M.
Allen, Garrison
Schiller, Jacob
Moore, Kevin
Quick, Sean
Melvin, Johnathan
Srinivasan, Padmini
Diamantis, Mihailis E.
Nithyanand, Rishab
Computation and Language
Information Retrieval
The development of tools and techniques to analyze and extract organizations data habits from privacy policies are critical for scalable regulatory compliance audits. Unfortunately, these tools are becoming increasingly limited in their ability to identify compliance issues and fixes. After all, most were developed using regulation-agnostic datasets of annotated privacy policies obtained from a time before the introduction of landmark privacy regulations such as EUs GDPR and Californias CCPA. In this paper, we describe the first open regulation-aware dataset of expert-annotated privacy policies, C3PA (CCPA Privacy Policy Provision Annotations), aimed to address this challenge. C3PA contains over 48K expert-labeled privacy policy text segments associated with responses to CCPA-specific disclosure mandates from 411 unique organizations. We demonstrate that the C3PA dataset is uniquely suited for aiding automated audits of compliance with CCPA-related disclosure mandates.
title C3PA: An Open Dataset of Expert-Annotated and Regulation-Aware Privacy Policies to Enable Scalable Regulatory Compliance Audits
topic Computation and Language
Information Retrieval
url https://arxiv.org/abs/2410.03925