Automated Detection of GDPR Violations in Cookie Notices Using Machine Learning
Open access
Autor(in)
Datum
2022-09Typ
- Master Thesis
ETH Bibliographie
yes
Altmetrics
Abstract
Privacy regulations such as the General Data Protection Regulation require websites to inform EU-based users of the collection of their data and to request their consent to use non-essential cookies. This led to a global adaptation of cookie notices. Several studies showed that websites’ implementation of cookie notices tends to violate these regulations. However, most of these studies focused on a limited subset of websites, detected only simple violations using prescribed patterns, or restricted their analysis to only the first layer of cookie notices. This master’s thesis addresses these limitations. Our method automatically navigates through cookie notices using several heuristics, extracts their text, observes declared processing purposes and available consent options with Natural Language Processing, and analyzes websites’ cookies. We find that 47% of websites are highly susceptible of collecting users’ data despite negative consent, and that around 61% of cookie notices do not offer users the option to opt-out of consent. Mehr anzeigen
Persistenter Link
https://doi.org/10.3929/ethz-b-000575741Publikationsstatus
publishedBeteiligte
Referent: Kubicek, Karel
Referent: Zac, Amit
Referent: Cotrini, Carlos
Referent: Basin, David
Verlag
ETH Zurich, Department of Computer ScienceOrganisationseinheit
03634 - Basin, David / Basin, David
ETH Bibliographie
yes
Altmetrics