A Framework System Using Word Mover’s Distance Text Similarity Algorithm for Assessing Privacy Policy Compliance

Abstract

Privacy policies are important as they outline how organizations manage the personal data of consumers who use their services. However, a key issue with privacy policies is that they are lengthy and verbose, hindering the public from fully understanding the contents stated in the privacy policy. While there have been existing research works on assessing privacy policies, most of them are manually done by humans. Besides lacking automated solutions for assessing privacy policies’ compliance with data protection regulations, there has been no usage of semantic text analytics approaches in the study of privacy policy compliance. As such, we researched and implemented a framework system embedded with a data protection requirements dictionary where privacy policies are assessed automatically based on its coverage with the dictionary. We selected the General Data Protection Regulation (GDPR) as the primary source of our experiment for its broader requirements compared to other regulations. The assessment by the framework is realized through the Word Mover's Distance (WMD) text similarity algorithm which calculates the similarity distance of how close the meaning of a privacy policy and the data protection regulation requirements in the dictionary. Our framework system is a novel implementation of the WMD text similarity algorithm in assessing privacy policies semantically and it contributes to an automated assessment on privacy policy compliance with personal data protection requirements.