Search Icon
Register

Automated Expansion of Privacy Data Taxonomy for Compliant Data Breach Notification

Yue Qin (Indiana University Bloomington & Central University of Finance and Economics), Yue Xiao (Indiana University Bloomington & IBM Research), Xiaojing Liao (Indiana University Bloomington)

In privacy compliance research, a significant challenge lies in comparing specific data items in actual data usage practices with the privacy data defined in laws, regulations, or policies. This task is complex due to the diversity of data items used by various applications, as well as the different interpretations of privacy data across jurisdictions. To address this challenge, privacy data taxonomies have been constructed to capture relationships between privacy data types and granularity levels, facilitating privacy compliance analysis. However, existing taxonomy construction approaches are limited by manual efforts or heuristic rules, hindering their ability to incorporate new terms from diverse domains. In this paper, we present the design of GRASP, a scalable and efficient methodology for automatically constructing and expanding privacy data taxonomies. GRASP incorporates a novel hypernym prediction model based on granularity-aware semantic projection, which outperforms existing state-of-the-art hypernym prediction methods. Additionally, we design and implement Tracy, a privacy professional assistant to recognize and interpret private data in incident reports for GDPR-compliant data breach notification. We evaluate Tracy in a usability study with 15 privacy professionals, yielding high-level usability and satisfaction.

Paper
Slides
Video

View More Papers

Density Boosts Everything: A One-stop Strategy for Improving Performance,...

Jianwen Tian (Academy of Military Sciences), Wei Kong (Zhejiang Sci-Tech University), Debin Gao (Singapore Management University), Tong Wang (Academy of Military Sciences), Taotao Gu (Academy of Military Sciences), Kefan Qiu (Beijing Institute of Technology), Zhi Wang (Nankai University), Xiaohui Kuang (Academy of Military Sciences)

Read More

DRAGON: Predicting Decompiled Variable Data Types with Learned Confidence...

Caleb Stewart, Rhonda Gaede, Jeffrey Kulick (University of Alabama in Huntsville)

Read More

Repurposing Neural Networks for Efficient Cryptographic Computation

Xin Jin (The Ohio State University), Shiqing Ma (University of Massachusetts Amherst), Zhiqiang Lin (The Ohio State University)

Read More

LeoCommon – A Ground Station Observatory Network for LEO...

Eric Jedermann, Martin Böh (University of Kaiserslautern), Martin Strohmeier (armasuisse Science & Technology), Vincent Lenders (Cyber-Defence Campus, armasuisse Science & Technology), Jens Schmitt (University of Kaiserslautern)

Read More