ABSTRACT
Privacy issues within subsidiary companies can significantly impact the overall trust in a group of companies. Therefore, it is important to address privacy concerns and establish privacy governance across the entire group, including the parent and subsidiary companies. However, the assessment of the actual state of privacy governance within a group from an external perspective remains challenging. In this study, we have analyzed the publicly disclosed privacy policies of the parent and subsidiary companies within a group and compared the results to investigate the practical implementation of privacy governance. The similarity in legal compliance was examined based on the policies of 901 group companies and several influencing factors were identified, such as organizational structure and the number of companies within the group. Specifically, we observed a decrease in similarity with an increase in the number of companies and complexity of the organizational structure. Moreover, companies with lesser similarities belonged to industries handling personal information and having fewer employees.
- Abdel-Jaouad Aberkane, Seppe vanden Broucke, and Geert Poels. 2022. Investigating Organizational Factors Associated with GDPR Noncompliance using Privacy Policies: A Machine Learning Approach. In International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA).Google ScholarCross Ref
- Andrick Adhikari, Sanchari Das, and Rinku Dewri. 2023. Evolution of Composition, Readability, and Structure of Privacy Policies over Two Decades. In Proceedings on Privacy Enhancing Technologies (PoPETs).Google ScholarCross Ref
- Ben Andow. [n.,d.]. HtmlToPlaintext. https://github.com/benandow/HtmlToPlaintext.Google Scholar
- Colin J. Bennett and Charles D. Raab. 2020. Revisiting the governance of privacy: Contemporary policy instruments in global perspective. In Regulation & Governance.Google Scholar
- Dun & Bradstreet, Inc. [n.,d.]. D&B Hoovers?. https://www.dnb.com/products/marketing-sales/dnb-hoovers.html.Google Scholar
- Hamza Harkous, Kassem Fawaz, Ré mi Lebret, Florian Schaub, Kang G. Shin, and Karl Aberer. 2018. Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning. In USENIX Security Symposium.Google Scholar
- Thomas Linden, Rishabh Khandelwal, Hamza Harkous, and Kassem Fawaz. 2020. The Privacy Policy Landscape After the GDPR. In Proceedings on Privacy Enhancing Technologies (PoPETs).Google ScholarCross Ref
- Shuang Liu, Baiyang Zhao, Renjie Guo, Guozhu Meng, Fan Zhang, and Meishan Zhang. 2021. Have You been Properly Notified? Automatic Compliance Analysis of Privacy Policy Text with GDPR Article 13. In The Web Conference (WWW).Google ScholarDigital Library
- Trade Ministry of Economy and Industry. [n.,d.]. Privacy Governance (in Japanese). https://www.meti.go.jp/policy/it_policy/privacy/privacy.html.Google Scholar
- Keika Mori, Tatsuya Nagai, Yuta Takata, and Masaki Kamizono. 2022. Analysis of Privacy Compliance by Classifying Multiple Policies on the Web. In Computers, Software and Applications Conference (COMPSAC).Google Scholar
- Ministry of Internal Affairs and Communications. 2023. Corporate privacy governance guidebook in the DX era (in Japanese). https://www.soumu.go.jp/menu_kyotsuu/important/kinkyu02_000513.html.Google Scholar
- Shomir Wilson, Florian Schaub, Aswarth Abhilash Dara, Frederick Liu, Sushain Cherivirala, Pedro Giovanni Leon, Mads Schaarup Andersen, Sebastian Zimmeck, Kanthashree Mysore Sathyendra, N. Cameron Russell, Thomas B. Norton, Eduard H. Hovy, Joel R. Reidenberg, and Norman M. Sadeh. 2016. The Creation and Analysis of a Website Privacy Policy Corpus. In Annual Meeting of the Association for Computational Linguistics (ACL).Google Scholar
- Razieh Nokhbeh Zaeem and K. Suzanne Barber. 2021. Comparing Privacy Policies of Government Agencies and Companies: A Study using Machine-learning-based Privacy Policy Analysis Tools. In Proceedings of the 13th International Conference on Agents and Artificial Intelligence (ICAART). ioGoogle Scholar
Index Terms
- Impact Analysis of Organizational Structure of Group Companies on Privacy Policies
Recommendations
An analytical framework for online privacy research
An analytical framework is suggested for interdisciplinary online privacy research.Websites managers views and knowledge is a neglected topic in privacy research.Websites managers indicate that their own websites do not violate users privacy.The younger ...
Privacy policies verification in composite services using OWL
Privacy has been an important issue for online services collecting customer data. P3P is a privacy policy language with a fixed vocabulary to express privacy practices of online services. The matching between the privacy practices (P3P policies) and ...
Commitment analysis to operationalize software requirements from privacy policies
Special Issue on Digital privacy: theory, policies and technologiesOnline privacy policies describe organizations’ privacy practices for collecting, storing, using, and protecting consumers’ personal information. Users need to understand these policies in order to know how their personal information is being collected, ...
Comments