scholarly journals Assessing the Likelihood of Privacy Policy Compliance

2008 ◽  
pp. 723-727 ◽  
Author(s):  
George O.M. Yee ◽  
Larry Korba ◽  
Ronggong Song
Keyword(s):  
Privacy Policy ◽  
Policy Compliance

scholarly journals Mitigator: Privacy policy compliance using trusted hardware

2020 ◽  
Vol 2020 (3) ◽  
pp. 204-221
Author(s):  
Miti Mazmudar ◽  
Ian Goldberg
Keyword(s):  
Trusted Computing ◽  
Privacy Policy ◽  
End User ◽  
Privacy Policies ◽  
Policy Compliance ◽  
Policy Model ◽  
Access Control Policies ◽  
Trusted Hardware ◽  
Trusted Computing Base ◽  
Proof Of Compliance

AbstractThrough recent years, much research has been conducted into processing privacy policies and presenting them in ways that are easy for users to understand. However, understanding privacy policies has little utility if the website’s data processing code does not match the privacy policy. Although systems have been proposed to achieve compliance of internal software to access control policies, they assume a large trusted computing base and are not designed to provide a proof of compliance to an end user. We design Mitigator, a system to enforce compliance of a website’s source code with a privacy policy model that addresses these two drawbacks of previous work. We use trusted hardware platforms to provide a guarantee to an end user that their data is only handled by code that is compliant with the privacy policy. Such an end user only needs to trust a small module in the hardware of the remote back-end machine and related libraries but not the entire OS. We also provide a proof-of-concept implementation of Mitigator and evaluate it for its latency. We conclude that it incurs only a small overhead with respect to an unmodified system that does not provide a guarantee of privacy policy compliance to the end user.

Combining Defaults and Transparency Information to Increase Policy Compliance

2020 ◽  
Vol 51 (5) ◽  
pp. 354-359 ◽  
Author(s):  
Yavor Paunov ◽  
Michaela Wänke ◽  
Tobias Vogel
Keyword(s):  
Independent Effect ◽  
Online Experiment ◽  
Policy Compliance ◽  
Empirical Question ◽  
Theoretical Predictions

Abstract. Combining the strengths of defaults and transparency information is a potentially powerful way to induce policy compliance. Despite negative theoretical predictions, a recent line of research revealed that default nudges may become more effective if people are informed why they should exhibit the targeted behavior. Yet, it is an open empirical question whether the increase in compliance came from setting a default and consequently disclosing it, or the provided information was sufficient to deliver the effect on its own. Results from an online experiment indicate that both defaulting and transparency information exert a statistically independent effect on compliance, with highest compliance rates observed in the combined condition. Practical and theoretical implications are discussed.

Privacy Policy Specification and Audit in a Fixed-Point Logic - How to Enforce HIPAA, GLBA and All That

2010 ◽  
Author(s):  
Henry DeYoung ◽  
Deepak Garg ◽  
Limin Jia ◽  
Dilsun Kaynar ◽  
Anupam Datta
Keyword(s):  
Fixed Point ◽  
Privacy Policy ◽  
Policy Specification
Sign in / Sign up

Export Citation Format

Share Document