NSF PAR Search | NSF Public Access Repository

C3PA: An Open Dataset of Expert-Annotated and Regulation-Aware Privacy Policies to Enable Scalable Regulatory Compliance Audits

https://doi.org/10.18653/v1/2024.emnlp-main.217

Musa, Maaz Bin; Winston, Steven M; Allen, Garrison; Schiller, Jacob; Moore, Kevin; Quick, Sean; Melvin, Johnathan; Srinivasan, Padmini; Diamantis, Mihailis E; Nithyanand, Rishab (November 2024, Association for Computational Linguistics)

The development of tools and techniques to analyze and extract organizations’ data habits from privacy policies are critical for scalable regulatory compliance audits. Unfortunately, these tools are becoming increasingly limited in their ability to identify compliance issues and fixes. After all, most were developed using regulationagnostic datasets of annotated privacy policies obtained from a time before the introduction of landmark privacy regulations such as EU’s GDPR and California’s CCPA. In this paper, we describe the first open regulation-aware dataset of expert-annotated privacy policies, C3PA (CCPA Privacy Policy Provision Annotations), aimed to address this challenge. C3PA contains over 48K expert-labeled privacy policy text segments associated with responses to CCPA-specific disclosure mandates from 411 unique organizations. We demonstrate that the C3PA dataset is uniquely suited for aiding automated audits of compliance with CCPA-related disclosure mandates.

Full Text Available

Search for: All records