Abstract
Privacy policies are the main way to obtain information related to personal data collection and processing. Originally, privacy policies were presented as textual documents. However, the unsuitability of this format for the needs of today's society gave birth to other means of expression. In this paper, we systematically study the different means of expression of privacy policies. In doing so, we have explored the three main categories, which we call facets, i.e., natural language, graphical and machine-readable privacy policies. Each of these facets focuses on the particular needs of the communities they come from, ie, law experts, organizations and privacy advocates, and academics, respectively. We then analyze the benefits and limitations of each facet, and explain why solutions based on a single facet do not cover the needs of other communities. Finally, we set guidelines and discuss challenges of an approach to expressing privacy policies which brings together the benefits of each facet as an attempt to overcome their limitations.
Author supplied keywords
Cite
CITATION STYLE
Morel, V., & Pardo, R. (2020). SoK: Three Facets of Privacy Policies. In WPES 2020 - Proceedings of the 19th Workshop on Privacy in the Electronic Society (pp. 41–56). Association for Computing Machinery, Inc. https://doi.org/10.1145/3411497.3420216
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
