Privacy policies as decision-making tools: an evaluation of online privacy notices
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Elaborating Security Requirements by Construction of Intentional Anti-Models
Proceedings of the 26th International Conference on Software Engineering
Inside JetBlue's Privacy Policy Violations
IEEE Security and Privacy
Mining rule semantics to understand legislative compliance
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
HIPAA's Effect on Web Site Privacy Policies
IEEE Security and Privacy
A Requirements-based Comparison of Privacy Taxonomies
RELAW '08 Proceedings of the 2008 Requirements Engineering and Law
A Formalization of HIPAA for a Medical Messaging System
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
Allocating goals to agent roles during MAS requirements engineering
AOSE'06 Proceedings of the 7th international conference on Agent-oriented software engineering VII
Towards a framework for tracking legal compliance in healthcare
CAiSE'07 Proceedings of the 19th international conference on Advanced information systems engineering
Towards a comprehensive requirements architecture for privacy-aware social recommender systems
APCCM '10 Proceedings of the Seventh Asia-Pacific Conference on Conceptual Modelling - Volume 110
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
Security and trust requirements engineering
Foundations of Security Analysis and Design III
A more expressive softgoal conceptualization for quality requirements analysis
ER'06 Proceedings of the 25th international conference on Conceptual Modeling
| Hi-index | 0.00 |
Privacy has recently become a prominent issue in the context of electronic commerce websites. Increasingly, privacy policies posted on such websites are receiving considerable attention from the government and consumers. We have used goal-mining, to extract prerequirements goals from post-requirements text artifacts, as a technique for analyzing privacy policies. The identified goals are useful for analyzing implicit internal conflicts within privacy policies and conflicts with the corresponding websites and their manner of operation.These goals can be used to reconstruct the implicit requirements met by the privacy policies. This paper interrelates privacy policy and requirements for websites; it introduces a privacy goal taxonomy and reports the analysis of 23 Internet privacy policies for companies in three health care industries: pharmaceutical, health insurance and online drugstores. The evaluatedtaxonomy provides a valuable framework for requirements engineering practitioners, policy makers and regulatory bodies, and also benefits website users.