X-ray vision for privacy policies - Instant risk scores for the terms you'll never read
Privacy Forensics transforms impenetrable legal documents into clear, actionable privacy risk scores. Stop blindly clicking "I Agree" - know the risks first.
- Four Risk Categories: Data Resale, Biometric Collection, Indefinite Retention, Vague Language
- AI-Enhanced Validation: GPT-4o validates findings against GDPR regulations
- Specific Citations: Get exact GDPR article references (e.g., "Article 5(1)(b) - Purpose Limitation")
- Visual Dashboard: Color-coded risk scores (0-100) with interactive charts
- Clause-Level Breakdown: See exactly which sentences triggered each flag
- Auto-Detection: Recognizes privacy policy pages automatically
- Instant Risk Badges: See privacy scores without leaving the page
- Permission Alerts: Flags camera, microphone, location, and biometric data requests
- One-Click Analysis: Send policies to web app for detailed forensics
| Company | Risk Score | Category | Key Issues |
|---|---|---|---|
| 38.4 | Medium | Vague language (strong encryption) | |
| 30.5 | Medium | Transparent data monetization | |
| TikTok | 65.3 | High | Extensive collection + ad targeting |
- Python 3.11+
- Node.js 18+
- Backboard.io API key (Get one here)
# Clone the repository
git clone https://github.com/yourusername/privacy-forensics.git
cd privacy-forensics/backend
# Create virtual environment
python -m venv venv
# Activate virtual environment
# Windows:
venv\Scripts\activate
# Mac/Linux:
source venv/bin/activate
# Install dependencies
pip install -r requirements.txt
# Configure API key
cp .env.example .env
# Edit .env and add your Backboard.io API key
# Run backend
python app.pyBackend runs on http://localhost:5000
cd frontend
# Install dependencies
npm install
# Run development server
npm run devFrontend runs on http://localhost:5173
## ๐ฎ Usage Examples
### Web Application
1. **Paste a privacy policy** into the text area
2. **(Optional)** Enable AI Enhancement for GDPR validation
3. **Click "Analyze Policy"**
4. **View results**: Overall score + category breakdown + flagged clauses
### API Endpoint
```bash
curl -X POST http://localhost:5000/analyze \
-H "Content-Type: application/json" \
-d '{
"policy": "Your privacy policy text here...",
"use_ai": true
}'
Response:
{
"overall": {"score": 65.3, "risk_level": "high"},
"data_resale": {
"score": 100,
"matches": [
{
"text": "We share data with advertisers...",
"matched_keyword": "advertisers",
"ai_validation": "YES - conflicts with GDPR Article 6(1)(a)..."
}
]
}
}Frontend
- React 18 + Vite
- Tailwind CSS
- Chart.js + react-chartjs-2
- Axios
Backend
- Flask (Python)
- Requests
- Python-dotenv
AI/ML
- Backboard.io API
- GPT-4o
- Regex pattern matching
We validated against real-world privacy policies:
# Test with sample policies
cd backend
python -c "
from risk_analyzer import RiskAnalyzer
analyzer = RiskAnalyzer()
with open('test_policies/whatsapp.txt') as f:
result = analyzer.analyze(f.read())
print(f\"Risk Score: {result['overall']['score']}\")
"We welcome contributions! Here's how:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow PEP 8 for Python code
- Use ESLint rules for JavaScript
- Add tests for new features
- Update documentation
- True RAG implementation with vector database
- Side-by-side policy comparison
- Browser extension Chrome Web Store publication
- Export reports as PDF
- Multi-language support (ES, FR, DE, ZH)
- Mobile app with QR code scanning
- Historical tracking of policy changes
- CCPA, PIPEDA, LGPD regulation support
- Privacy score certification program
- Real-time policy change alerts
- Collective action features
- Enterprise compliance tools
- Analysis Speed: < 3 seconds (regex only), ~30-60 seconds (with AI)
- Accuracy: 85%+ on test dataset of 50 policies
- API Uptime: 99.9% (Flask + Backboard.io)
This project is licensed under the MIT License - see the LICENSE file for details.
- HackNC 2025 - The Agency Track Submission
- Backboard.io API Challenge - Participant
Built with โค๏ธ by:
- Rohan Khandare - Full Stack Development
- Harsh More - Full Stack Development
- Hrishikesh Salway - Full Stack Development
- Backboard.io for AI API access
- HackNC 2025 for hosting the hackathon
- GDPR documentation from EUR-Lex
- Privacy policy examples from WhatsApp, LinkedIn, TikTok
- Issues: Report a bug
- Email: [email protected], [email protected], [email protected]
โญ Star this repo if Privacy Forensics helped you make informed privacy decisions!
๐ Your privacy matters. Know what you're agreeing to.