The processing of personal data gives a rise to many privacy concerns,and one of them is to ensure the transpar-ency of data processing to end users.Usually this information is communicated to them using privacy polic...The processing of personal data gives a rise to many privacy concerns,and one of them is to ensure the transpar-ency of data processing to end users.Usually this information is communicated to them using privacy policies.In this paper,the problem of user notifcation in case of data breaches and policy changes is addressed,besides an ontol-ogy-based approach to model them is proposed.To specify the ontology concepts and properties,the requirements and recommendations for the legislative regulations as well as existing privacy policies are evaluated.A set of SPARQL queries to validate the correctness and completeness of the proposed ontology are developed.The proposed approach is applied to evaluate the privacy policies designed by cloud computing providers and IoT device manu-facturers.The results of the analysis show that the transparency of user notifcation scenarios presented in the privacy policies is still very low,and the companies should reconsider the notifcation mechanisms and provide more detailed information in privacy policies.展开更多
文摘The processing of personal data gives a rise to many privacy concerns,and one of them is to ensure the transpar-ency of data processing to end users.Usually this information is communicated to them using privacy policies.In this paper,the problem of user notifcation in case of data breaches and policy changes is addressed,besides an ontol-ogy-based approach to model them is proposed.To specify the ontology concepts and properties,the requirements and recommendations for the legislative regulations as well as existing privacy policies are evaluated.A set of SPARQL queries to validate the correctness and completeness of the proposed ontology are developed.The proposed approach is applied to evaluate the privacy policies designed by cloud computing providers and IoT device manu-facturers.The results of the analysis show that the transparency of user notifcation scenarios presented in the privacy policies is still very low,and the companies should reconsider the notifcation mechanisms and provide more detailed information in privacy policies.
