HCI for Cybersecurity, Privacy and Trust Best Paper Award

5th International Conference on HCI for Cybersecurity, Privacy and Trust Best Paper Award. Details in text following the image.

Best Paper Award for the 5th International Conference on HCI for Cybersecurity, Privacy and Trust, in the context of HCI International 2023, Copenhagen, Denmark, 23-28 July 2023

Certificate for best paper award of the 5th International Conference on HCI for Cybersecurity, Privacy and Trust. Details in text following the image

Certificate for Best Paper Award of the 5th International Conference on HCI for Cybersecurity, Privacy and Trust

The award has been conferred to
Luca Mazzola, Atreya Shankar, Christof Bless,
Maria A. Rodriguez, Andreas Waldis, Alexander Denzler
(HSLU - Lucerne University of Applied Sciences and Arts, Switzerland) and
Michiel Van Roey (Profila GmbH, Switzerland)


Luca Mazzola
(presenter)


for the paper entitled

"A Question Answering Tool for Website Privacy Policy Comprehension"

Presented in the context of
HCI International 2023
Copenhagen, Denmark
23 - 28 July 2023

Paper Abstract
"Everyday we interact with online services from companies that ask for our permission to use our personal information. Nowadays it is common practice for websites and apps to collect big amounts of data which are mainly used for revenue optimization based on user analytics. This customer data collection and usage is regulated by legal agreements (i.e., privacy and cookie policies) which we are required to accept (multiple times a day), but which are generally very long and formulated in a way that makes their interpretation difficult for the general public. An average privacy policy takes 15 min to read and includes lots of legal jargon (e.g., including words like “data controller” and “legal basis for processing”). In this research project, we are developing a support system where users can search for concrete answers in the privacy policies of companies or websites, by formulating their questions in natural language. Instead of blindly accepting a privacy policy, a user could first query the system for answers to a potential concern. The system will return a ranked list of phrases and documents matching the query. In case the generated answer is not sufficient for the user, an extension will allow them to forward complex requests to best-matching legal professionals, specialized in privacy legislation, which can process them for a small fee. We present different aspects of the internal implementation, including the identification of relevant spans in unstructured privacy policies and the selection of the best-suited NLP model for this specific task. The initial results of a user evaluation are presented, showing promising directions. Eventually, some future research directions for the extension of the system conclude our contribution."

The full paper is available through SpringerLink, provided that you have proper access rights.