CompAi: A Tool for GDPR Completeness Checking of Privacy Policies using Artificial Intelligence

Abstract

Translate Article

We introduce CompAı - a tool for checking the completeness of privacy policies against the general data protection regulation (GDPR). CompAı facilitates the analysis of privacy policies to check their compliance to GDPR requirements. Since privacy policies serve as an agreement between a software system and its prospective users, the policy must fully capture such requirements to ensure that collected personal data of individuals (or users) remains protected as specified by the GDPR. For a given privacy policy, CompAı semantically analyzes its textual content against a comprehensive conceptual model which captures all information types that might appear in any policy. Based on this analysis, alongside some input from the end user, CompAı can determine the potential incompleteness violations in the input policy with an accuracy of ≈96%. CompAı generates a detailed report that can be easily reviewed and validated by experts. The source code of CompAı is publicly available on https://figshare.com/articles/online_resource/CompAI/23676069, and a demo of the tool is available on https://youtu.be/zwa_tM3fXHU.