US 12,314,449 B1
Systems and methods for managing privacy policy violations
Daniel Kats, Culver City, CA (US); Johann Roturier, Maynooth (IE); Yun Shen, Bristol (GB); and David Silva, Dublin (IE)
Assigned to Gen Digital Inc., Tempe, AZ (US)
Filed by GEN DIGITAL INC., Tempe, AZ (US)
Filed on Feb. 27, 2024, as Appl. No. 18/588,694.
Application 18/588,694 is a continuation of application No. 17/245,838, filed on Apr. 30, 2021, granted, now 11,941,156.
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/62 (2013.01); G06F 40/205 (2020.01); H04L 9/40 (2022.01)
CPC G06F 21/6263 (2013.01) [G06F 21/6254 (2013.01); G06F 40/205 (2020.01); H04L 63/0428 (2013.01); H04L 63/102 (2013.01); G06F 2221/2119 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method for managing privacy policy violations, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
obtaining, by the computing device, an intermediate representation of a privacy policy, wherein the intermediate representation denotes a formal policy and is generated by extracting the privacy policy in natural language from a website and parsing the privacy policy, wherein the extracting includes:
determining that one or more documents look like privacy policies; and
recursively following any links found in all of the one or more documents that look like privacy policies;
comparing, by the computing device, behavior of the website against the intermediate representation, thereby detecting at least one violation of the formal policy; and
enforcing, by the computing device, the formal policy at least in part by taking a security action in response to the violation, wherein the security action includes denying one or more requests to add one or more networks if they are not listed in the privacy policy.