Automating the Evaluation of Privacy Policies using Artificial Intelligence

11 Jul 2018

Researchers from the European University Institute in Florence, in collaboration with The European Consumer Organisation (BEUC), created ‘Claudette’, a research project aiming at the automation of personal data and consumer law enforcement using artificial intelligence (AI). The program examined privacy policies of 14 major tech-businesses: Google, Facebook, Instagram, Amazon, Apple, Microsoft, WhatsApp, Twitter, Uber, AirBnB,, Skyscanner, Netflix, Steam, and Epic Games. The preliminary results showed that a third of world’s largest technology companies’ clauses were ‘potentially problematic’ or contained ‘insufficient information’. 11 % of the policy’s sentences had unclear language. The research outlined that privacy policies should meet: comprehensive information, clear language, fair processing, as well as the ways in which these documents can be unlawful and indicated whether the required information is insufficient, the language unclear, or showed potentially unfair processing. The Director General of BEUC, Monique Goyens said that the research was ‘very concerning’ as many privacy policies ‘may not meet the standard of the law’. The spokesperson from Alphabet’s Google stated that the firm has updated its privacy policy and uses clear and plain language. Amazon’s spokesperson said that its policies are compliant with the GDPR, and that users of its Alexa service are in control of their data. Facebook did not respond in time for publication.

Explore the issues

Privacy and data protection are two interrelated Internet governance issues. Data protection is a legal mechanism that ensures privacy. Privacy is usually defined as the right of any citizen to control their own personal information and to decide about it (to disclose information or not). Privacy is a fundamental human right. It is recognised in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional human rights conventions. The July 2015 appointment of the first UN Special Rapporteur on the Right to Privacy in the Digital Age reflects the rising importance of privacy in global digital policy, and the recognition of the need to address privacy rights issues the the global, as well as national levels.

Consumer trust is one of the main preconditions for the success of e-commerce. E-commerce is still relatively new and consumers are not as confident with it as with real-world shopping. Consumer protection is an important legal method for developing trust in e-commerce.


The GIP Digital Watch observatory is provided by

in partnership with

and members of the GIP Steering Committee


GIP Digital Watch is operated by

Scroll to Top