Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

KnIGHT: Mapping privacy policies to GDPR

: Nejad, N.M.; Scerri, S.; Lehmann, J.


Faron Zucker, C.:
Knowledge Engineering and Knowledge Management. 21st International Conference, EKAW 2018. Proceedings : Nancy, France, November 12-16, 2018
Cham: Springer International Publishing, 2018 (Lecture Notes in Computer Science 11313)
ISBN: 978-3-030-03666-9 (Print)
ISBN: 978-3-030-03667-6 (Online)
ISBN: 978-3-030-03668-3
International Conference on Knowledge Engineering and Knowledge Management (EKAW) <21, 2018, Nancy>
Conference Paper
Fraunhofer IAIS ()

Although the use of apps and online services comes with accompanying privacy policies, a majority of end-users ignore them due to their length, complexity and unappealing presentation.pite the potential risks. In light of the, now enforced EU-wide, General Data Protection Regulation (GDPR) we present an automatic technique for mapping privacy policies excerpts to relevant GDPR articles so as to support average users in understanding their usage risks and rights as a data subject. KnIGHT (Know your rIGHTs), is a tool that finds candidate sentences in a privacy policy that are potentially related to specific articles in the GDPR. The approach employs semantic text matching in order to find the most appropriate GDPR paragraph, and to the best of our knowledge is one of the first automatic attempts of its kind applied to a company’s policy. Our evaluation shows that on average between 70–90% of the tool’s automatic mappings are at least partially correct, meaning that the tool can be used to significantly guide human comprehension. Following this result, in the future we will utilize domain-specific vocabularies to perform a deeper semantic analysis and improve the results further.