Project Activities
AAAI Spring Symposium on Privacy-Enhancing Artificial Intelligence and Language Technologies (PAL 2019)
Shomir Wilson, Sepideh Ghanavati, Kambiz Ghazinour, and Norman Sadeh held an AAAI Spring Symposium titled "Privacy-Enhancing Artificial Intelligence and Language Technologies" ("PAL") in March 2019 at Stanford University in Palo Alto, California. This was a successor event to Privacy and Language Technologies ("PLT"), a 2016 AAAI Fall Symposium previously organized by project participants. PAL brought together researchers in privacy and those in artificial intelligence or human language technologies, to collectively assess the state of art in this growing intersection of interests.
Machine-Annotated Privacy Policies
We have now released a site where users can navigate annotations automatically extracted from 7,000 privacy policies by our machine learning and natural language processing technologies. This article and video describe the AI behind the automatic extraction of annotations from privacy policies.
Automated Reporting and Semantic Web Reasoning
We have now released a site that uses automated reasoning and semantic annotations to answer queries about the content of privacy policies in our OPP-115 corpus. This includes automatic generation of reports to answer a variety of queries about statements found in these privacy policies.
OPP-115 Corpus of Annotated Privacy Policies
The OPP-115 Corpus (Online Privacy Policies, set of 115) is a collection of website privacy policies (i.e., in natural language) with annotations that specify data practices in the text. Each privacy policy was read and annotated by three graduate students in law. The corpus includes a total of 23,000 fine-grained data practice annotations extracted from these policies. The corpus is the product of hundreds of hours of annotation work by law students at Fordham University and the University of Pittsburgh, using an annotation tool developed at CMU. We are pleased to make this resource available to the research community.
Our ACL'16 paper provides further details on the corpus and the annotation process.
- Download the OPP-115 corpus
- S. Wilson, F. Schaub, A.A. Dara, F. Liu, S.K. Cherivirala, P.G. Leon, M.S. Andersen, S. Zimmeck, K.M. Sathyendra, N.C. Russell, T.B. Norton, E. Hovy, J. Reidenberg, and N. Sadeh. The creation and analysis of a website privacy policy corpus. ACL '16: Proceedings of the 54th Annual Meeting of the Association for Computational Linguistics, Berlin, Germany, August 2016.
AAAI Fall Symposium on Privacy and Language Technologies
Shomir Wilson, Alessandro Oltramari and Fei Liu organized an AAAI Fall Symposium titled "Privacy and Language Technologies" in November 2016 in Arlington, Virginia. The goal of this symposium is to bring together researchers who work in either language technologies or in privacy but have an interest in both areas, as these two groups will benefit greatly from a forum to interact.
Project Newsletter
With the project now in its third year, we created a newsletter that highlights some of our accomplishments, progress and activities over the past year. Our goal is to grow our project into a broader community of organizations and individuals interested in collaborating in this area.
Privacy Indicator Workshops
Florian Schaub co-organized two half-day workshops focused on privacy indicators at the Symposium on Usable Privacy and Security (SOUPS) on June 22, 2016, in Denver, CO. The Workshop on Privacy Indicators focused on the current state of privacy indicators, such as privacy policies, privacy seals, icons, and notices. The Workshop on the Future of Privacy Indicators provided an opportunity for those engaged in researching privacy policies, notices, indicators, and other related topics to think creatively about the next evolution of notice and consent.
CMU Privacy Day 2016
CMU Privacy Day 2016 celebrated the international data privacy day on January 28, 2016. A full schedule of privacy-related events included a keynote by Ed Felten, the Deputy U.S. Chief Technology Officer for the White House Office of Science and Technology Policy. Additional events included a panel discussion on the latest trends and challenges in data privacy, a privacy clinic, and a privacy research poster session.
- CMU Privacy Day 2016: cups.cs.cmu.edu/privacy-day/2016/
Bank Privacy Website
The Gramm-Leach-Bliley Act requires U.S. financial institutions to send annual privacy notices to their customers. In 2009, eight federal agencies jointly released a model privacy notice in a standardized format. Such a standardized privacy notice lets consumers directly compare companies' privacy practices and also enables the first automated, large-scale comparison of privacy practices across an entire industry. We developed an approach to automatically retrieve such standardized privacy notices from financial institutions, parse these notices and extract the information that is most relevant for consumers. The bank privacy websites provides access to our analysis results and allows the exploration and comparison of data practices from different financial institutions.
- Bank privacy website: cups.cs.cmu.edu/bankprivacy/
- L.F. Cranor, K. Idouchi, P.G. Leon, M. Sleeper, B. Ur. Are They Actually Any Different? Comparing Thousands of Financial Institutions’ Privacy Practices. Workshop on the Economics of Information Security, 2013.
PPS Workshop
Since 2014, Alessandro Acquisti and Norman Sadeh co-organize the Annual Privacy Personas and Segmentation Workshop (PPS) at SOUPS, the Symposium on Usable Privacy and Security. The PPS workshop is an opportunity for researchers and practitioners to explore improved methods and tools for understanding privacy concerns, facilitating the construction of privacy personas and/or segmenting users on the basis of their diverse privacy attitudes, concerns, and behaviors. These characterizations may make it possible to better predict online behavior and disclosure, to personalize interfaces, to suggest appropriate default settings, and to measure shifts in public sentiment.
CLIP Law and Information Society Symposium
The Fordham Center on Law and Information Privacy organized the Ninth Law and Information Society Symposium on May 13, 2015 under the theme "solving Privacy Around the World." Multiple project members participated in the panel titled "Consent Models and Technological Complexity."
CMU Privacy Day 2015
CMU Privacy Day 2015 celebrated the international data privacy day on January 28, 2015. A full schedule of privacy-related events included a keynote by FTC Commissioner Julie Brill on Privacy, Security and Fairness in the Internet of Things, a panel discussion on privacy research and public policy, a privacy clinic, and a privacy research poster session.
CPDP 2015 Panel
Joel Reidenberg organized a panel on "Can automated processing make privacy notice/choice more effective for users and DPAs?" at the 8th International Conference on Computers, Privacy & Data Protection (CPDP) in Brussels. Panelists were project members Joel Reidenberg, N. Cameron Russell, and Florian Schaub, as well as Aaron Burstein (FTC), Alexander Dix (data protection commissioner of Berlin), and Gwendal Le Grand (CNIL).
ACL/COLING 2014 Dataset
We created a corpus of 1,010 privacy policies from the top websites ranked on Alexa.com. The privacy policies in the dataset were retrieved in December 2013 and January 2014.
The corpus and questions are released under Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) license. This corpus is only made available for teaching, scholarship or research purposes. By using this corpus, you agree to acknowledge its origin by citing the papers listed below. If you have any issues with the dataset please feel free to contact us.
- R. Ramanath, F. Liu, N. Sadeh, N.A. Smith. Unsupervised Alignment of Privacy Policies using Hidden Markov Models. Proceedings of ACL. Association for Computational Linguistics. June 2014.
- F. Liu, R. Ramanath, N. Sadeh, N.A. Smith. A Step Towards Usable Privacy Policy: Automatic Alignment of Privacy Statements. Proceedings of the 25th International Conference on Computational Linguistics (COLING). 2014.
Download the dataset: acl-coling-2014-corpus.zip (5.5 Mb) and supplementary material (pdf).
FOPNAC Workshop 2014
The Workshop on the Future of Privacy Notice and Choice (FOPNAC), held on June 27, 2014 at Carnegie Mellon University, explored the future of privacy notice and choice, examining the needs of end users, how technology can be used to better meet user needs, and relevant public policy space. The workshop include invited speakers; panels focussing on users, technology, and public policy; and a research poster session.
Data Protection Day 2014
We organized multiple events at Carnegie Mellon University on January 29, 2014 to celebrate the international Data Privacy Day. Nicole Wong, Deputy U.S. Chief Technology Officer, was the keynote speaker. The event also featured a privacy clinic and a privacy research poster session.
- Data Privacy Day 2014: cups.cs.cmu.edu/privacy-day/2014/
- Nicole Wong's keynote address: video
Master Program in Privacy Engineering
The Master of Science in Information Technology – Privacy Engineering degree at Carnegie Mellon University is a one-year program designed for computer scientists and engineers who wish to pursue careers as privacy engineers or technical privacy managers. Designed in close collaboration with industry and government, this program is intended for students who aspire to play a critical role in building privacy into future products, services, and processes. The Privacy Engineering master program is co-directed by Lorrie Cranor and Norman Sadeh.
- MSIT Privacy Engineering program: privacy.cs.cmu.edu
