IEEE International Services Computing Conference (SCC) 2021 in IEEE World Congress on Services 2021
Analyzing GDPR compliance in Cloud Services' privacy policies using Textual Fuzzy Interpretive Structural Modeling (TFISM)
September 6, 2021
Cloud Service providers must comply with data protection regulations, like European Union (EU) General Data Protection Regulation (GDPR), to ensure their users' personal data security and privacy. Hence, the service privacy policies and terms of service documents refer to the rules it complies with within the data protection regulation. However, these documents contain legalese jargon that requires significant manual effort to parse and confirm compliance. We have developed a novel methodology, Textual Fuzzy Interpretive Structural Modeling (TFISM), that automatically analyzes large textual datasets to identify driving and dependent factors in the dataset. TFISM enhances Interpretive Structural Modeling (ISM) to analyze textual data and integrate it with Artificial Intelligence and Text extraction techniques. Using TFISM, we identified the critical factors in GDPR and compared them with various Cloud Service privacy policies. In this paper, we present the results of this study that identified how different factors are emphasized in GDPR and 224 publicly available service privacy policies. TFISM can be used both by service providers and consumers to automatically analyze how close a service privacy policy aligns with the GDPR.
InProceedings
IEEE
IEEE
Downloads: 558 downloads