PrivacyLens
A Framework to Collect and Analyze the Landscape of Past, Present, and Future Smart Device Privacy Policies
A high-level overview of PrivacyLens
PrivacyLens is a novel framework devised to automatically collect, analyze, and publish privacy policies of smart IoT devices, responding to the growing concerns over user privacy as smart devices become increasingly integrated into daily lives. Despite the existence of privacy policies, a significant challenge arises as they are often overlooked or misunderstood by users, hence the need for an automated analysis to provide clearer insights to users and other stakeholders. Unlike previous works, this project pivots towards addressing the gap in privacy policies specific to smart devices which present unique challenges in collection and analysis due to their dispersed nature across various manufacturers and e-commerce platforms.
The PrivacyLens framework operates in three core stages; Collection, Analysis, and Publication. Initially, it crawls prominent e-commerce sites for smart IoT devices, extracting metadata and privacy policies, while also utilizing the Wayback Machine to garner historical privacy policies for longitudinal analysis. Following the collection, the framework employs Natural Language Processing (NLP) and Machine Learning (ML) techniques to dissect these policies, aiming to deduce features like overall quality, readability, and ambiguity among others. The final stage sees the publishing of this analyzed data on a dedicated website, updated monthly to provide users, policy authors, and regulators a robust, updated resource to understand and compare privacy practices across a multitude of smart devices. As of the submission, PrivacyLens has successfully amassed and analyzed over 1,200 privacy policies for 7,300 smart devices, presenting a significant stride towards fostering transparency and informed decision-making in the realm of smart device privacy. Through PrivacyLens, stakeholders varying from ordinary consumers to data protection regulators are equipped with a powerful tool to understand and navigate the privacy landscape of IoT devices, marking a crucial step towards creating a more responsible and transparent digital ecosystem.
Roberto Yus
Assistant Professor
My research interests include Data Management, Knowledge Representation, the Internet of Things, and Privacy.
Tim Finin
Professor
Tim Finin is the Willard and Lillian Hackerman Chair in Engineering and a Computer Science and Electrical Engineering professor at the University of Maryland, Baltimore County (UMBC). He has over 50 years of experience in applying AI to problems in information systems and language understanding. His current research focuses on representing and reasoning with knowledge graphs, analyzing and extracting information from text, and enhancing security and privacy in information systems. He is an ACM fellow, a AAAI fellow, an IEEE technical achievement award recipient, and was selected as the UMBC Presidential Research Professor in 2012. Finin received an S.B. degree in Electrical Engineering from MIT and a Ph.D. in Computer Science from the University of Illinois at Urbana-Champaign. He has held positions at UMBC, Unisys, the University of Pennsylvania, Johns Hopkins University, and the MIT AI Laboratory. He has chaired the UMBC Computer Science department, served on the Computing Research Association board of directors, been a AAAI councilor, and chaired many major research conferences. He is a former editor-in-chief of the Elsevier Journal of Web Semantics.
Primal Pappachan
Assistant Professor
My research interests include data management, privacy, and Internet of Things.
Hemanth Reddy Samidi
MS Student
My research interests include Machine Learning, Data Science, Data Visualization, and Privacy.
