WO2023065806A1 - Method for generating privacy protocol family of application, and client device and server - Google Patents

Method for generating privacy protocol family of application, and client device and server

Info

Publication number
WO2023065806A1
Authority
WO
WIPO (PCT)
Prior art keywords
behavior
server
personal data
privacy
client device
Prior art date
Application number
PCT/CN2022/114005
Other languages
French (fr)
Chinese (zh)
Inventor
张述
孙靓
麻俊波
Original Assignee
华为技术有限公司
Priority date
Filing date
Publication date
Application filed by 华为技术有限公司
Publication of WO2023065806A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/61 Installation
    • G06F8/65 Updates

Definitions

  • The present application relates to the field of privacy technology, and in particular to a method for generating the privacy protocol suite of an application, a client device and a server.
  • The privacy protocol suite sets out the user's privacy rights and interests in the application, and may include content such as privacy statements, user agreements and privacy requirements.
  • FIG. 1 shows a block flow diagram of generating the privacy protocol suite of an application in the related art.
  • In the related art, developers need to intervene early in the application development stage; the specific process of writing and generating the privacy protocol suite of the application includes:
  • The R&D personnel distinguish user scenarios and obtain the user data definitions corresponding to those scenarios. Based on the user data definitions, combined with the relevant requirements of laws and regulations, the professional privacy representatives among the R&D personnel write the suite, which is then confirmed by the professional privacy legal personnel among the R&D personnel to obtain the privacy protocol suite of the application. Finally, the developer integrates the privacy protocol suite of the application into the installation package (or release package) of the application, and during the release and launch phase the privacy protocol suite is presented to users along with the version release of the application.
  • This application provides a method for generating the privacy protocol suite of an application, a client device and a server, which can automatically generate a target privacy protocol suite and can solve the problems of long time, high cost and poor accuracy caused by manually writing a privacy protocol suite.
  • The present application provides a method for generating the privacy protocol suite of an application, applied to a client device.
  • The method includes:
  • After running the target application, the client device obtains the first personal data of the target application in the client device;
  • After determining that a first privacy behavior uses the first personal data, the client device sends first information to the second server; the first information describes the privacy situation in which the first privacy behavior uses the first personal data, and the first privacy behavior includes all behaviors of all applications on the client device that need to use personal data;
  • The client device sends the first personal data to the first server, so that the first server determines the second personal data of the target application in the first server based on the first personal data and, after determining that a second privacy behavior uses the second personal data, sends second information to the second server;
  • The second information describes the privacy situation in which the second privacy behavior uses the second personal data;
  • The second privacy behavior includes all behaviors of all applications in the first server that need to use personal data;
  • The client device receives a target privacy protocol suite from the second server, where the target privacy protocol suite is generated by the second server based on the first information and the second information;
  • The client device stores the target privacy protocol suite in the installation package of the target application, so that the target application can display the target privacy protocol suite to the user after being started.
  • Because the client device and the first server use data flow analysis, data retention monitoring, SDK detection and data cross-border detection, they can capture the privacy situation of all privacy behaviors that use personal data while the target application runs, and they transmit the information describing that privacy situation to the second server, so that the second server can accurately and quickly generate the target privacy protocol suite from the user's privacy rights and interests in the target application that this information represents.
  • In this way the target privacy protocol suite is generated automatically, the cumbersome process bound to the development phase and the release and launch phase of the application is avoided, the time needed to generate the target privacy protocol suite is shortened, the input cost of generating it is reduced, and the accuracy of the generated target privacy protocol suite is improved.
  • The client device running the target application includes:
  • The client device receives the installation package of the target application;
  • When the client device determines that the installation package of the target application is not a new version, it runs the installation package of the target application.
  • The method also includes:
  • When the client device determines that the installation package of the target application is a new version, it sends the installation package of the target application to the second server;
  • The client device receives the target privacy protocol suite corresponding to the new version from the second server;
  • The target privacy protocol suite corresponding to the new version is obtained by the second server determining the difference between the old and new versions based on the installation package of the target application and, based on that difference, updating the target privacy protocol suite corresponding to the old version;
  • The client device updates the target privacy protocol suite corresponding to the old version in the installation package of the target application to the target privacy protocol suite corresponding to the new version, so that the client device displays the target privacy protocol suite corresponding to the new version after the target application is started.
  • The method also includes:
  • The client device displays the entire content of the target privacy protocol suite;
  • The client device receives revised content for the target privacy protocol suite;
  • The client device updates the target privacy protocol suite in the installation package of the target application based on the revised content and obtains the revised target privacy protocol suite, so that the target application can display the revised target privacy protocol suite to the user after being started;
  • The client device sends the revised target privacy protocol suite to the second server, so that the second server updates the target privacy protocol suite to the revised target privacy protocol suite.
  • When the first privacy behavior includes a sensitive behavior and a control operation, the client device sending the first information to the second server after determining that the first privacy behavior uses the first personal data includes:
  • After determining that the sensitive behavior uses the first personal data, the client device determines that the first information includes the identification of the sensitive behavior and the content and identification of the first personal data used by the sensitive behavior, and sends the identification of the sensitive behavior and the content and identification of the first personal data used by the sensitive behavior to the second server;
  • After determining that the control operation uses the first personal data, the client device determines that the first information includes the identification of the control operation and the content and identification of the first personal data used by the control operation, and sends the identification of the control operation and the content and identification of the first personal data used by the control operation to the second server.
  • When the first privacy behavior includes a disclosure behavior, the client device sending the first information to the second server after determining that the first privacy behavior uses the first personal data includes:
  • The client device determines the data disclosure situation of the target application in the client device based on the content and identification of the first personal data;
  • After determining, based on the data disclosure situation of the target application in the client device, that the disclosure behavior uses the first personal data, the client device determines that the first information includes the identification of the disclosure behavior and the content and identification of the first personal data used by the disclosure behavior;
  • The client device sends the identification of the disclosure behavior and the content and identification of the first personal data used by the disclosure behavior to the second server.
  • When the first privacy behavior includes a cross-border behavior, the client device sending the first information to the second server after determining that the first privacy behavior uses the first personal data includes:
  • The client device determines the data cross-border situation of the target application in the client device;
  • After determining, based on the data cross-border situation of the target application in the client device, that the cross-border behavior uses the first personal data, the client device determines that the first information includes the identification of the cross-border behavior and the content and identification of the first personal data used by the cross-border behavior;
  • The client device sends the identification of the cross-border behavior and the content and identification of the first personal data used by the cross-border behavior to the second server.
  • When the second privacy behavior includes a rights behavior and a retention behavior, the second information includes: the identification of the rights behavior and the content and identification of the second personal data used by the rights behavior, and/or the identification of the retention behavior and the content and identification of the second personal data used by the retention behavior;
  • The identification of the rights behavior and the content and identification of the second personal data used by the rights behavior are sent by the first server after determining, based on the data retention situation of the target application in the first server, that the rights behavior uses the second personal data;
  • The identification of the retention behavior and the content and identification of the second personal data used by the retention behavior are sent by the first server after determining, based on the data retention situation of the target application in the first server, that the retention behavior uses the second personal data;
  • The data retention situation of the target application in the first server is determined by the first server based on the content and identification of the second personal data.
  • When the second privacy behavior includes a disclosure behavior, the method further includes:
  • The client device receives from the first server the identification of the disclosure behavior and the content and identification of the second personal data used by the disclosure behavior that are included in the second information; these are sent by the first server after determining, based on the data disclosure situation of the target application in the first server, that the disclosure behavior uses the second personal data;
  • The data disclosure situation of the target application in the first server is determined based on the content and identification of the second personal data;
  • The client device sends the identification of the disclosure behavior and the content and identification of the second personal data used by the disclosure behavior to the second server.
  • When the second privacy behavior includes a cross-border behavior, the method further includes:
  • The client device receives from the first server the identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior that are included in the second information; these are sent by the first server after determining, based on the data cross-border situation of the target application in the first server, that the cross-border behavior uses the second personal data;
  • The data cross-border situation of the target application in the first server is determined by the first server based on the content and identification of the second personal data;
  • The client device sends the identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior to the second server.
  • The present application provides a method for generating the privacy protocol suite of an application, applied to a first server.
  • The method includes:
  • The first server receives, from the client device, the first personal data of the target application in the client device, the first personal data being obtained by the client device after running the target application;
  • The first server determines the second personal data of the target application in the first server based on the first personal data;
  • After determining that the second privacy behavior uses the second personal data, the first server sends the second information to the second server;
  • The second information describes the privacy situation in which the second privacy behavior uses the second personal data;
  • The second privacy behavior includes all behaviors of all applications in the first server that need to use personal data, so that the second server generates the target privacy protocol suite based on the first information and the second information and sends the target privacy protocol suite to the client device; the target privacy protocol suite is stored by the client device in the installation package of the target application, so that the target application can display the target privacy protocol suite to the user after being started;
  • The first information is sent to the second server by the client device after determining that the first privacy behavior uses the first personal data; the first information describes the privacy situation in which the first privacy behavior uses the first personal data, and the first privacy behavior includes all behaviors of all applications on the client device that need to use personal data.
  • When the second privacy behavior includes a rights behavior and a retention behavior, the first server sending the second information to the second server after determining that the second privacy behavior uses the second personal data includes:
  • The first server determines the data retention situation of the target application in the first server based on the content and identification of the second personal data;
  • After determining, based on the data retention situation, that the rights behavior uses the second personal data, the first server determines that the second information includes the identification of the rights behavior and the content and identification of the second personal data used by the rights behavior, and sends the identification of the rights behavior and the content and identification of the second personal data used by the rights behavior to the second server;
  • After determining, based on the data retention situation, that the retention behavior uses the second personal data, the first server determines that the second information includes the identification of the retention behavior and the content and identification of the second personal data used by the retention behavior, and sends the identification of the retention behavior and the content and identification of the second personal data used by the retention behavior to the second server.
  • When the second privacy behavior includes a disclosure behavior, the first server sending the second information to the second server after determining that the second privacy behavior uses the second personal data includes:
  • The first server determines the data disclosure situation of the target application in the first server based on the content and identification of the second personal data;
  • After determining, based on the data disclosure situation of the target application in the first server, that the disclosure behavior uses the second personal data, the first server determines that the second information includes the identification of the disclosure behavior and the content and identification of the second personal data used by the disclosure behavior;
  • The first server sends the identification of the disclosure behavior and the content and identification of the second personal data used by the disclosure behavior to the second server;
  • Alternatively, the first server sends the identification of the disclosure behavior and the content and identification of the second personal data used by the disclosure behavior to the second server through the client device.
  • When the second privacy behavior includes a cross-border behavior, the first server sending the second information to the second server after determining that the second privacy behavior uses the second personal data includes:
  • The first server determines the data cross-border situation of the target application in the first server;
  • After determining, based on the data cross-border situation of the target application in the first server, that the cross-border behavior uses the second personal data, the first server determines that the second information includes the identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior;
  • The first server sends the identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior to the second server;
  • Alternatively, the first server sends the identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior to the second server through the client device.
  • The present application provides a method for generating the privacy protocol suite of an application, applied to a second server.
  • The method includes:
  • The second server receives first information from the client device; the first information is sent by the client device after determining that the first privacy behavior uses the first personal data, and describes the privacy situation in which the first privacy behavior uses the first personal data of the target application in the client device;
  • The first privacy behavior includes all behaviors of all applications on the client device that need to use personal data, and the first personal data is obtained by the client device after running the target application;
  • The second server receives second information from the first server;
  • The second information is sent by the first server after determining that the second privacy behavior uses the second personal data of the target application in the first server;
  • The second information describes the privacy situation in which the second privacy behavior uses the second personal data;
  • The second privacy behavior includes all behaviors of all applications in the first server that need to use personal data, and the second personal data is determined by the first server based on the first personal data;
  • The second server generates the target privacy protocol suite based on the first information and the second information;
  • The second server sends the target privacy protocol suite to the client device; the target privacy protocol suite is stored by the client device in the installation package of the target application, so that the target application can display the target privacy protocol suite to the user after being started.
  • The method also includes:
  • The second server receives the installation package of the target application from the client device, the installation package being sent when the client device determines that the installation package of the target application is a new version;
  • The second server determines the differences between the old and new versions based on the installation package of the target application;
  • Based on those differences, the second server updates the target privacy protocol suite corresponding to the old version to obtain the target privacy protocol suite corresponding to the new version;
  • The second server sends the target privacy protocol suite corresponding to the new version to the client device; the client device uses it to update the target privacy protocol suite corresponding to the old version in the installation package of the target application to the target privacy protocol suite corresponding to the new version, so that the target application can display the target privacy protocol suite corresponding to the new version to the user after being started.
  • The method also includes:
  • The second server receives the revised target privacy protocol suite from the client device;
  • The revised target privacy protocol suite is obtained by the client device updating the target privacy protocol suite in the installation package of the target application based on the revised content it received for the target privacy protocol suite; the revised content is received by the client device after it displays the entire content of the target privacy protocol suite;
  • The second server updates the target privacy protocol suite to the revised target privacy protocol suite.
  • The second server receiving the first information from the client device includes:
  • The second server receives, from the client device, the identification of the sensitive behavior and the content and identification of the first personal data used by the sensitive behavior that are included in the first information; these are sent by the client device after determining that the sensitive behavior uses the first personal data;
  • The second server receives, from the client device, the identification of the control operation and the content and identification of the first personal data used by the control operation that are included in the first information; these are sent by the client device after determining that the control operation uses the first personal data.
  • The second server receiving the first information from the client device includes:
  • The second server receives, from the client device, the identification of the disclosure behavior and the content and identification of the first personal data used by the disclosure behavior that are included in the first information; these are sent by the client device after determining, based on the data disclosure situation of the target application in the client device, that the disclosure behavior uses the first personal data;
  • The data disclosure situation of the target application in the client device is determined by the client device based on the content and identification of the first personal data.
  • The second server receiving the first information from the client device includes:
  • The second server receives, from the client device, the identification of the cross-border behavior and the content and identification of the first personal data used by the cross-border behavior that are included in the first information; these are sent by the client device after determining, based on the data cross-border situation of the target application in the client device, that the cross-border behavior uses the first personal data;
  • The data cross-border situation of the target application in the client device is determined by the client device based on the content and identification of the first personal data.
  • The second server receiving the second information from the first server includes:
  • The second server receives, from the first server, the identification of the rights behavior and the content and identification of the second personal data used by the rights behavior that are included in the second information; these are sent by the first server after determining, based on the data retention situation, that the rights behavior uses the second personal data;
  • The second server receives, from the first server, the identification of the retention behavior and the content and identification of the second personal data used by the retention behavior that are included in the second information; these are sent by the first server after determining, based on the data retention situation, that the retention behavior uses the second personal data;
  • The data retention situation of the target application in the first server is determined by the first server based on the content and identification of the second personal data.
  • The second server receiving the second information from the first server includes:
  • The second server receives, from the first server, the identification of the disclosure behavior and the content and identification of the second personal data used by the disclosure behavior that are included in the second information;
  • Alternatively, the second server receives, from the first server through the client device, the identification of the disclosure behavior and the content and identification of the second personal data used by the disclosure behavior that are included in the second information;
  • The identification of the disclosure behavior and the content and identification of the second personal data used by the disclosure behavior are sent by the first server after determining, based on the data disclosure situation of the target application in the first server, that the disclosure behavior uses the second personal data;
  • The data disclosure situation of the target application in the first server is determined by the first server based on the content and identification of the second personal data.
  • The second server receiving the second information from the first server includes:
  • The second server receives, from the first server, the identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior that are included in the second information;
  • Alternatively, the second server receives, from the first server through the client device, the identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior that are included in the second information;
  • The identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior are sent by the first server after determining, based on the data cross-border situation of the target application in the first server, that the cross-border behavior uses the second personal data;
  • The data cross-border situation of the target application in the first server is determined by the first server based on the content and identification of the second personal data.
  • The present application provides a client device, including a memory and a processor; the memory is used to store program instructions, and the processor is used to call the program instructions in the memory so that the client device executes the method for generating the privacy protocol suite of an application according to the first aspect or any possible design of the first aspect.
  • The present application provides a server, including a memory and a processor; the memory is used to store program instructions, and the processor is used to call the program instructions in the memory so that the server executes the method for generating the privacy protocol suite of an application according to the second aspect or any possible design of the second aspect, and/or the processor is used to call the program instructions in the memory so that the server executes the method for generating the privacy protocol suite of an application according to the third aspect or any possible design of the third aspect.
  • The present application provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the client device implements the method for generating the privacy protocol suite of an application according to the first aspect or any possible design of the first aspect.
  • The present application provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the server implements the method for generating the privacy protocol suite of an application according to the second aspect or any possible design of the second aspect.
  • The present application provides a computer program product, including execution instructions stored in a readable storage medium; at least one processor of the client device can read the execution instructions from the readable storage medium, and the at least one processor executes the execution instructions so that the client device implements the method for generating the privacy protocol suite of an application according to the first aspect or any possible design of the first aspect.
  • The present application provides a computer program product, including execution instructions stored in a readable storage medium; at least one processor of the server can read the execution instructions from the readable storage medium, and the at least one processor executes the execution instructions so that the server implements the method for generating the privacy protocol suite of an application according to the second aspect or any possible design of the second aspect, and/or the method for generating the privacy protocol suite of an application according to the third aspect or any possible design of the third aspect.
  • FIG. 1 is a flow diagram of generating a privacy protocol suite of an application in the related art;
  • FIG. 2 is a schematic diagram of the system architecture of a method for generating a privacy protocol suite of an application provided by an embodiment of the present application;
  • FIG. 3 is a block diagram of the respective software structures of a client device, an application server, and a hosting server provided by an embodiment of the present application;
  • FIG. 4 is a block diagram of the respective software structures of an application body, an application sandbox, a service plug-in set, and a hosting service provided by an embodiment of the present application;
  • FIG. 5 is a signaling interaction diagram of a method for generating a privacy protocol suite of an application provided by an embodiment of the present application;
  • FIG. 6 is a flowchart of a method for generating a privacy protocol suite of an application provided by an embodiment of the present application;
  • FIG. 7 is a flowchart of a method for generating a privacy protocol suite of an application provided by an embodiment of the present application;
  • FIG. 8 is a signaling interaction diagram of a method for generating a privacy protocol suite of an application provided by an embodiment of the present application;
  • FIG. 9 is a signaling interaction diagram of a method for generating a privacy protocol suite of an application provided by an embodiment of the present application;
  • FIG. 10 is a signaling interaction diagram of a method for generating a privacy protocol suite of an application provided by an embodiment of the present application.
  • “At least one” means one or more, and “multiple” means two or more.
  • “And/or” describes the association relationship of associated objects, indicating that there may be three types of relationships; for example, A and/or B can mean: A exists alone, A and B exist simultaneously, or B exists alone, where A and B can be singular or plural.
  • the character “/” generally indicates that the associated objects are in an “or” relationship.
  • “At least one of the following” or similar expressions refer to any combination of these items, including any combination of single or plural items.
  • “At least one of a, b, or c” can mean: a alone, b alone, c alone, a combination of a and b, a combination of a and c, a combination of b and c, or a combination of a, b and c, where a, b, c can be single or multiple.
  • the terms “first” and “second” are used for descriptive purposes only, and should not be understood as indicating or implying relative importance.
  • This application provides a method for generating a privacy protocol suite of an application, a client device, a server, a chip system, a computer-readable storage medium, and a computer program product. The privacy protocol suite of the application can be generated automatically, which avoids the cumbersome process of associating the suite with the development phase of the application and binding it to the release and launch phase of the application, shortens the time cost of generating the privacy protocol suite of the application, reduces the input cost of generating it, and ensures the accuracy of the generated privacy protocol suite.
  • it can also provide developers with a channel for secondary confirmation and manual correction of the privacy protocol suite of the application, so that the secondary confirmation and manual correction by the research and development personnel help improve the accuracy of the privacy protocol suite of the application.
  • a privacy difference analysis can be performed between the old and new versions of the application, and the privacy protocol suite corresponding to the new version can be generated quickly and accurately without a large amount of human investment in privacy analysis and without tying the generation to the version release of the application. This solves the pain points of slow application version release and poor accuracy of the application's privacy protocol suite caused by frequent version iterations.
  • Personal data refers to: relevant data related to the user's privacy rights and interests.
  • the personal data may include attribute parameters such as content and category.
  • the data content of personal data refers to the specific data of personal data.
  • Personal data identifiers are used to indicate specific categories of personal data.
  • categories of personal data may include: user data and device information.
  • the types of user data may include but are not limited to: name, identity information (such as ID number or photo, etc.), location data (such as latitude and longitude or room number, etc.), psychological state, genetic information, and social identity, etc.
  • Types of device information may include but are not limited to: network identifier, device model, and physical address (MAC address).
  • Privacy behavior refers to all behaviors in which an application needs to use personal data; it can cover the whole data life cycle in which the client device 0 and the application server 2 process data relating to the user's privacy rights and interests.
  • the identifier of the privacy behavior may indicate the type of the privacy behavior.
  • the identifier of the privacy behavior may be represented by letters, numbers, binary, characters, and the like.
  • the types of privacy behaviors may include: sensitive behaviors (such as command execution, file upload, audio and video download, information storage, location information acquisition, etc.), control operations (such as the user selecting a control to agree, and other operations), rights behaviors (that is, the user actively performs behaviors such as accessing, deleting, and retaining), retention behaviors (that is, the target application actively performs behaviors such as accessing, deleting, and retaining), disclosure behaviors (such as transferring data to other applications/official accounts/webpages), and cross-border behaviors (such as transmitting data to servers in other countries), etc.
  • FIG. 2 shows a schematic diagram of a system architecture of a method for generating an applied privacy protocol suite provided by the present application.
  • the system architecture of the application privacy protocol suite generation method of the present application may include: a client device 0 , an application server 2 and a hosting server 3 .
  • the client device 0 communicates with the application server 2 and the hosting server 3 respectively, and the application server 2 also communicates with the hosting server 3 .
  • the communication connection mentioned in this application may include wireless connection and/or wired connection, which is not limited in this application.
  • both the client device 0 and the application server 2 can install and run the installation package of the target application.
  • the client device 0 is provided with the application client 1 of the target application.
  • the application server 2 can be the application server of the target application, so that the client device 0 and the application server 2 can cooperate with each other to realize all services of the target application.
  • the hosting server 3 can be a server that generates the target privacy protocol suite.
  • the target application mentioned in this application is an application program (application, APP). This application does not limit parameters such as type, function, user interface, and display position of the target application.
  • the target privacy protocol suite mentioned in this application is the privacy protocol suite of the target application.
  • the target privacy protocol suite describes the user's privacy rights and interests for the target application.
  • the target privacy protocol family may include content such as privacy statements, user agreements, and privacy requirements.
  • the client device 0 may be a terminal device, may also be a server, and may also include a terminal device and a server, which is not limited in this application.
  • the terminal device can be a mobile phone (such as a folding screen mobile phone, a large-screen mobile phone, a smart phone, etc.), a tablet computer, a notebook computer, a wearable device, a vehicle-mounted device, augmented reality (AR)/virtual reality (VR) equipment, an ultra-mobile personal computer (UMPC), a netbook, a personal digital assistant (PDA), a smart TV, a smart screen, a high-definition TV, a 4K TV, a smart speaker, a smart projector, etc.
  • the present application does not limit parameters such as type, quantity and the like of the application server 2 .
  • the application server 2 can be a cloud server.
  • the present application does not limit parameters such as type, quantity, and the like of the hosting server 3 .
  • the hosting server 3 can be the application server 2, or a server different from the application server 2.
  • the personal data 1 mentioned in this application is the personal data of the target application in the client device 0.
  • the personal data 2 is the personal data of the target application in the application server 2.
  • personal data 1 and personal data 2 may have the same content and type, or different content and type, which is not limited in this application.
  • the privacy behavior 1 mentioned in this application may include all behaviors that all applications need to use personal data on the client device 0, such as sensitive behaviors, control operations, disclosure behaviors, and cross-border behaviors.
  • the privacy behavior 2 mentioned in this application may include all behaviors that all applications need to use personal data in the application server 2, such as rights behavior, retention behavior, disclosure behavior, and cross-border behavior.
  • the application client 1 in the client device 0 is used to provide the capabilities of carrying the installation package of the target application, running the installation package of the target application, identifying personal data 1, triggering the application server 2 to identify personal data 2, analyzing whether privacy behavior 1 uses personal data 1, pushing the privacy situation of privacy behavior 1 using personal data 1, and storing the target privacy protocol suite.
  • the client device 0 is also used to provide capabilities such as displaying the target privacy protocol family, modifying the target privacy protocol family, determining whether the installation package of the target application is a new version, and updating the target privacy protocol family corresponding to the old version.
  • the application server 2 is used to provide the capabilities of carrying the installation package of the target application, running the installation package of the target application, identifying personal data 2, analyzing whether privacy behavior 2 uses personal data 2, pushing the privacy situation of privacy behavior 2 using personal data 2, etc.
  • the hosting server 3 is used to provide the capabilities of receiving the privacy situation of privacy behavior 1 using personal data 1, receiving the privacy situation of privacy behavior 2 using personal data 2, analyzing the aforementioned privacy situations, and generating the target privacy protocol suite.
  • the hosting server 3 is also used to provide capabilities such as storing the target privacy protocol suite, analyzing differences between new and old versions of the target application, and updating the target privacy protocol suite.
  • FIG. 3 shows a software structural block diagram of a client device 0 , an application server 2 and a hosting server 3 provided in the present application.
  • the application client 1 in the client device 0 of the present application may include: an application body 11 and an application sandbox 12 .
  • the application server 2 of the present application may include: a service plug-in set 20 .
  • the hosting server 3 of the present application may include: hosting service 30 .
  • the application body 11 communicates with the application sandbox 12 and the hosting service 30 respectively.
  • the application sandbox 12 communicates with the service plug-in set 20 and the hosting service 30 respectively.
  • the service plug-in set 20 also communicates with the hosting service 30 .
  • the application body 11 can be regarded as a container, which is used to provide the ability to carry the installation package of the target application and store the target privacy protocol suite.
  • the application body 11 is also used to provide capabilities such as displaying target privacy protocol suites.
  • the application sandbox 12 is used to provide the capabilities of running the installation package of the target application, identifying personal data 1, triggering the application server 2 to identify personal data 2, analyzing whether privacy behavior 1 uses personal data 1, and pushing the privacy situation of privacy behavior 1 using personal data 1.
  • the application sandbox 12 is also used to provide capabilities such as revising the target privacy protocol suite, determining whether the installation package of the target application is a new version, and updating the target privacy protocol suite corresponding to the old version.
  • the service plug-in set 20 is used to provide the ability to run the installation package of the target application, identify the personal data 2 , analyze whether the privacy behavior 2 uses the personal data 2 , and push the privacy status of the privacy behavior 2 using the personal data 2 .
  • the hosting service 30 is used to provide the capabilities of receiving the privacy situation of privacy behavior 1 using personal data 1, receiving the privacy situation of privacy behavior 2 using personal data 2, analyzing the aforementioned privacy situations, generating the target privacy protocol suite, and storing the target privacy protocol suite.
  • the hosting service 30 is also used to provide capabilities such as analyzing differences between old and new versions of the target application and updating the target privacy protocol suite.
  • FIG. 4 respectively shows a software structure diagram of an application body 11 , an application sandbox 12 , a service plug-in set 20 and a hosting service 30 provided in the present application.
  • the application body 11 may include: a privacy protocol SDK (software development kit) 105.
  • the application sandbox 12 may include: a data identification module 101 , a behavior detection module 102 , an SDK detection module 103 and a data cross-border module 104 .
  • the service plug-in set 20 may include: a data identification stub 201 , a data processing stub 202 and an SDK detection stub 203 .
  • the hosting service 30 may include: a privacy statement/protocol generation service 301 , a semantic analysis service 302 , a version difference service 303 and an associated application service 304 .
  • the privacy protocol SDK 105 is used to provide the capabilities of storing and displaying the target privacy protocol suite. It can integrate the target privacy protocol suite into the installation package of the target application, and can also display the target privacy protocol suite.
  • the data identification module 101 is used to provide the capability of identifying personal data 1 and synchronizing personal data 1 , which can realize the identification of the personal data 1 of the target application in the client device 0 , and can also realize the synchronization of the personal data 1 to the application server 2 .
  • the behavior detection module 102 is used to provide the capabilities of monitoring the sensitive behavior of the target application in the client device 0, analyzing whether the sensitive behavior uses personal data 1, and pushing the privacy situation of the sensitive behavior using personal data 1; it can monitor sensitive behaviors in real time and push the privacy situation of sensitive behaviors using personal data 1.
  • the behavior detection module 102 is also used to monitor the control operations of the target application in the client device 0, such as the underlying details of the control, bound events, and operation types, to analyze whether a control operation uses personal data 1, and to push the privacy situation of the control operation using personal data 1; it can monitor control operations in real time and push the privacy situation of control operations using personal data 1.
  • the SDK detection module 103 is used to monitor the disclosure behavior of the target application in the client device 0 by detecting whether the client device 0 is integrated with an SDK that communicates with other applications, other web pages, or other servers, to analyze whether the disclosure behavior uses personal data 1, and to push the privacy situation of the disclosure behavior using personal data 1; it can determine whether the target application performs disclosure behavior on the client device 0 and push the privacy situation of the disclosure behavior using personal data 1.
  • the data cross-border module 104 is used to monitor the cross-border behavior of the target application in the client device 0, such as cross-border data or traffic, to analyze whether the cross-border behavior uses personal data 1, and to push the privacy situation of the cross-border behavior using personal data 1; it can determine whether the target application performs cross-border behavior on the client device 0 and push the privacy situation of the cross-border behavior using personal data 1.
  • the data identification stub 201 is used to cooperate with the data identification module 101 to provide the ability to identify the personal data 2 and synchronize the personal data 2, so as to realize the identification of the personal data of the target application in the application server 2.
  • the data processing stub 202 is used to cooperate with the data identification stub 201 to provide the capabilities of monitoring the retention behavior of the target application in the application server 2, analyzing whether the retention behavior uses personal data 2, and pushing the privacy situation of the retention behavior using personal data 2; it can monitor retention behavior in real time and push the privacy situation of the retention behavior using personal data 2.
  • the data processing stub 202 is also used to cooperate with the data identification stub 201 to monitor the cross-border behavior of the target application in the application server 2, such as cross-border data or traffic, to analyze whether the cross-border behavior uses personal data 2, and to push the privacy situation of the cross-border behavior using personal data 2; it can monitor cross-border behavior in real time and push the privacy situation of the cross-border behavior using personal data 2.
  • the SDK detection stub 203 is used to cooperate with the SDK detection module 103 to detect whether an SDK is integrated in the application server 2 and which SDKs are integrated, to monitor the disclosure behavior of the target application in the application server 2, to analyze whether the disclosure behavior uses personal data 2, and to push the privacy situation of the disclosure behavior using personal data 2; it can determine whether the target application performs disclosure behavior in the application server 2 and push the privacy situation of the disclosure behavior using personal data 2.
  • the hosting service 30 is used to analyze, by means of the privacy statement/protocol generation service 301, the semantic analysis service 302, the version difference service 303, and the associated application service 304, the privacy situations of privacy behavior 1 using personal data 1 and of privacy behavior 2 using personal data 2, to generate the target privacy protocol suite, and to provide the application body 11 with capabilities such as the target privacy protocol suite.
  • the hosting service 30 is also used to provide capabilities such as storing the target privacy protocol suite, analyzing differences between new and old versions of the target application, and updating the target privacy protocol suite.
  • the automatic generation of the target privacy protocol family can be realized, which solves the pain point of high cost and poor accuracy due to tedious version iteration and a large amount of manpower input.
  • FIG. 5 shows a signaling interaction diagram of a method for generating a privacy protocol suite of an application provided by the present application.
  • the target application is illustrated by taking application 1 as an example.
  • the method for generating a privacy protocol suite of an application in the present application may include the following steps:
  • the research and development personnel provide the installation package of application 1 to the application body 11, so that the application body 11 can determine whether the installation package of application 1 is a new version.
  • if the application body 11 determines that the version of application 1 is not updated, it can determine that a new privacy protocol suite of application 1 needs to be generated, and then executes S1.
  • if the application body 11 determines that the version of application 1 is updated, it can determine that the privacy protocol suite of application 1 needs to be generated for the new version, and then executes S30.
  • the application body 11 can send an instruction 1 to the data identification module 101 and send an instruction 2 to the behavior detection module 102 . After the instruction 1 and instruction 2 are transmitted, the application body 11 can run the installation package of the application 1, so as to complete the service implementation of the application 1.
  • instruction 1 is used to instruct the data identification module 101 to identify personal data 1
  • instruction 2 is used to instruct the behavior detection module 102 to monitor sensitive behaviors and control operations.
  • Instruction 1 or instruction 2 can be expressed in letters, binary, characters, etc.
  • the present application does not limit the order in which the application body 11 transmits the instruction 1 and the instruction 2 in terms of time sequence, which may be executed simultaneously or sequentially.
  • the data identification module 101 can identify the personal data 1 of the application 1 in the client device 0 in response to the instruction 1.
  • the behavior detection module 102 can monitor the sensitive behavior and control operation of the application 1 in response to the instruction 2.
  • after the data identification module 101 identifies the personal data 1, it can execute S4, S6, S11 and S17 respectively to realize data synchronization between the application client 1 in the client device 0 and the application server 2.
  • the present application does not limit the sequential order of S4, S6, S11 and S17 in terms of time sequence, and may be executed simultaneously or sequentially.
  • the data identification module 101 can send the content and identification of the personal data 1 to the behavior detection module 102 .
  • the behavior detection module 102 can determine whether the personal data 1 is used in sensitive behaviors and control operations based on the content and identification of the personal data 1.
  • the behavior detection module 102 may send the identifier of the sensitive behavior and the content and identifier of the personal data 1 used in the sensitive behavior to the hosting service 30 .
  • the behavior detection module 102 may send the identification of the control operation and the content and identification of the personal data 1 used in the control operation to the hosting service 30 .
  • the data identification module 101 can send the content and identification of the personal data 1 to the data identification stub 201 to realize data synchronization between the data identification module 101 and the data identification stub 201.
  • the data identification stub 201 can identify the personal data 2 of application 1 in the application server 2 based on the content and identification of the personal data 1.
  • after the data identification stub 201 identifies the personal data 2, it can execute S8 and S13 respectively. The present application does not limit the sequence of S8 and S13 in terms of time sequence; they may be executed simultaneously or sequentially.
  • the data identification stub 201 can send the content and identification of the personal data 2 to the data processing stub 202.
  • the data processing stub 202 can determine the data retention situation of the personal data 2 in the application server 2 based on the content and identification of the personal data 2.
  • the data processing stub 202 can determine whether the personal data 2 is used in the rights behavior and the retention behavior based on the data retention situation.
  • the data processing stub 202 may send the identification of the rights behavior and the content and identification of the personal data 2 used in the rights behavior to the hosting service 30.
  • the data processing stub 202 may send the identification of the retention behavior and the content and identification of the personal data 2 used in the retention behavior to the hosting service 30.
  • the data identification module 101 can send the content and identification of the personal data 1 to the SDK detection module 103 .
  • the SDK detection module 103 can determine the data disclosure situation 1 of the personal data 1 in the client device 0 based on the content and identification of the personal data 1.
  • the data identification stub 201 can send the content and identification of the personal data 2 to the SDK detection stub 203.
  • the SDK detection stub 203 can determine the data disclosure situation 2 of the personal data 2 in the application server 2 based on the content and identification of the personal data 2.
  • the SDK detection stub 203 sends the data disclosure situation 2 to the SDK detection module 103 , realizing data synchronization between the SDK detection module 103 and the SDK detection stub 203 .
  • the SDK detection module 103 can determine whether personal data 1 and/or personal data 2 are used in the disclosure behavior based on data disclosure situation 1 and data disclosure situation 2.
  • the SDK detection module 103 can send the identification of the disclosure behavior and the content and identification of personal data 1 and/or personal data 2 used in the disclosure behavior to the hosting service 30 .
  • the SDK detection module 103 and the SDK detection stub 203 can respectively perform the following steps:
  • the SDK detection module 103 can determine whether the disclosure behavior uses personal data 1 based on the data disclosure situation 1 . After determining that the personal data 1 is used in the disclosure, the SDK detection module 103 may send the identification of the disclosure and the content and identification of the personal data 1 used in the disclosure to the hosting service 30 .
  • the SDK detection stub 203 can determine whether the disclosure behavior uses the personal data 2 based on the data disclosure situation 2 . After determining that the personal data 2 is used in the disclosure, the SDK detection stub 203 may send the identification of the disclosure and the content and identification of the personal data 2 used in the disclosure to the hosting service 30 .
  • the data identification module 101 can send the content and identification of the personal data 1 to the data cross-border module 104.
  • the data cross-border module 104 can determine the data cross-border situation 1 of the personal data 1 in the client device 0 based on the content and identification of the personal data 1.
  • the data processing stub 202 can determine the data cross-border situation 2 of the personal data 2 in the application server 2 based on the content and identification of the personal data 2.
  • the data processing stub 202 can send the data cross-border situation 2 to the data cross-border module 104 .
  • the data cross-border module 104 can determine whether the cross-border behavior uses personal data 1 and/or personal data 2 based on data cross-border situation 1 and data cross-border situation 2.
  • the cross-border data module 104 can send the identification of the cross-border behavior and the ID of the personal data 1 and/or personal data 2 used in the cross-border behavior to the hosting service 30. Content and Identity.
  • the data cross-border module 104 and the data processing pile 202 can respectively perform the following steps:
  • the data cross-border module 104 can determine whether personal data 1 is used in the cross-border behavior based on the data cross-border situation 1. After determining that the personal data 1 is used in the cross-border behavior, the cross-border data module 104 may send the identifier of the cross-border behavior and the content and identifier of the personal data 1 used in the cross-border behavior to the escrow service 30 .
  • the data processing stub 202 can determine whether personal data 2 is used in the cross-border behavior based on the data cross-border situation 2. After determining that the personal data 2 is used in the cross-border behavior, the cross-border data module 104 may send the identifier of the cross-border behavior and the content and identifier of the personal data 2 used in the cross-border behavior to the escrow service 30.
  • the determination of the various privacy situations in which sensitive behaviors and control operations, rights behaviors and retention behaviors, disclosure behaviors, and cross-border behaviors use personal data can be executed simultaneously or sequentially; the present application does not limit this.
  • the hosting service 30 can respectively obtain corresponding privacy agreement information based on receiving the aforementioned various privacy situations. Therefore, the hosting service 30 can generate the privacy protocol suite of the application 1 based on the foregoing privacy protocol information. In addition, the hosting service 30 can also store the privacy protocol suite of the application 1 .
  • the hosting service 30 may send the privacy protocol suite of the application 1 to the application subject 11.
  • After the application subject 11 receives the privacy protocol suite of application 1, it can store the privacy protocol suite of application 1 in the privacy protocol SDK 105, so that application 1 can call the privacy protocol SDK 105 to display the privacy protocol suite of application 1 after startup.
  • the hosting server 3 can automatically generate the privacy protocol suite of the application 1 through the cooperation of the application client 1 and the application server 2 in the client device 0.
  • the application subject 11 can use the privacy protocol SDK 105 to display the privacy protocol family of the application 1, so that the research and development personnel can clearly understand the privacy protocol family of the application 1.
  • the application subject 11 may update the privacy protocol suite of the application 1 in the privacy protocol SDK 105 to obtain the revised privacy protocol suite of the application 1.
  • the application body 11 may send the revised privacy protocol suite of the application 1 to the escrow service 30 .
  • the hosting service 30 may update the stored privacy protocol suite of the application 1 based on the revised privacy protocol suite of the application 1 .
  • the hosting service 30 may also store the modified privacy protocol suite of the application 1 .
  • by displaying the privacy protocol suite of the application 1, the application client 1 in the client device 0 provides developers with a channel to manually correct the privacy protocol suite of the application 1, so that the privacy protocol suite of the application 1 is corrected in a timely and accurate manner and the accuracy of generating the privacy protocol suite of application 1 is improved.
  • the application body 11 may send the installation package of the application 1 to the hosting service 30 when the installation package of the application 1 is a new version.
  • the hosting service 30 may perform a privacy analysis on the difference between the old and new versions of the installation package, and obtain the difference between the old and new versions of the application 1.
  • the difference part refers to the different software codes in the installation package and the software codes for completing the necessary services of the application 1 (such as the software codes corresponding to the user interface displayed by the application 1 after it is started).
  • the hosting service 30 adopts a static and/or dynamic analysis method to generate a privacy protocol suite of the application 1 corresponding to the new version based on the difference part and the privacy protocol suite of the application 1 corresponding to the old version.
  • the hosting service 30 may also store the privacy protocol suite of the application 1 corresponding to the new version.
  • the static analysis method means that the hosting service 30 analyzes, through the software code of the difference part, the privacy behaviors in which the application client 1 and the application server 2 use personal data, and can thereby determine whether privacy protocol information has been deleted from and/or added to the privacy protocol suite of the application 1 corresponding to the old version.
  • the dynamic analysis method means that the hosting service 30 runs the software code of the difference part using the application body 11 and the application sandbox 12, and can thereby determine whether privacy protocol information has been deleted from and/or added to the privacy protocol suite of the application 1 corresponding to the old version.
  • After the hosting service 30 generates the privacy protocol suite of the application 1 corresponding to the new version, the hosting service 30 can execute S23 to transmit the privacy protocol suite of the application 1 corresponding to the new version to the application subject 11.
  • For the specific implementation process of S23, please refer to the foregoing description of S23, which will not be repeated here.
  • the hosting service 30 can quickly and accurately generate the privacy protocol family of the new version of the application 1 by comparing and analyzing the differences between the new and old versions of the application 1 and combining them with the privacy protocol suite of the application 1 corresponding to the old version, which solves the problem that the privacy protocol family of application 1 needs to be updated due to version iteration of application 1.
  • when the application body 11 determines that the installation package of application 1 is a new version, in addition to executing S30-S32 and S23-S24 to generate the privacy protocol suite of application 1, this application can also execute S1-S24 to generate the privacy protocol family of application 1, without the application body 11 needing to determine whether the installation package of the application 1 is a new version. Therefore, the step of the application body 11 determining whether the installation package of the application 1 corresponds to a new version is optional.
  • with reference to FIG. 6 and FIG. 7, a specific implementation manner of generating the privacy protocol suite of application 1 by using each software module in FIG. 2-FIG. 5 is introduced in detail below.
  • application 1 is illustrated by taking XX map APP as an example.
  • Fig. 6 and Fig. 7 respectively show a block flow diagram of a method for generating an application privacy protocol suite provided by the present application.
  • the method for generating a privacy protocol suite for the application of the present application may include: Step 0 - Step 25 .
  • Step 0 the R&D personnel send the installation package of XX Map APP to the application subject 11.
  • the application subject 11 determines that the installation package of XX Map APP is not a new version, and the application subject 11 runs the installation package of XX Map APP.
  • Step 1 the data identification module 101 can identify that the personal data 1 includes: international mobile equipment identity (IMEI) and location information.
  • Step 2 the behavior detection module 102 can detect that the privacy behavior 1 includes: the sensitive behavior of uploading the IMEI and location information over the network.
  • Step 3 based on the personal data 1 and the privacy behavior 1 in step 1 and step 2, the behavior detection module 102 can obtain the privacy situation that the sensitive behavior of uploading the IMEI and location information over the network uses the IMEI and location information. Therefore, the behavior detection module 102 can push the aforementioned relevant information to the escrow service 30, so that the escrow service 30 generates the privacy agreement information "collect and upload IMEI and location information".
  • Step 4 the data identification module 101 can transmit the personal data 1, including the IMEI and location information, to the data identification stub 201.
  • Step 5 the data identification stub 201 can identify that the personal data 2 includes: IMEI.
  • Step 6 the data identification stub 201 can transmit the personal data 2, including the IMEI, to the data processing stub 202.
  • Step 7 the data processing stub 202 can detect that the IMEI is deleted after t months. Therefore, the data processing stub 202 may determine that the data retention status includes: the retention period of the IMEI is t months.
  • Step 8 Based on the data retention status in step 7, the data processing stub 202 can obtain the privacy status of using the IMEI in the retention behavior. Therefore, the data processing stub 202 can push the aforementioned relevant information to the escrow service 30, so that the escrow service 30 generates the privacy agreement information of “IMEI storage for t months”.
  • Step 9 the data identification module 101 can transmit the personal data 1, including the IMEI and location information, to the SDK detection module 103.
  • Step 10 the SDK detection module 103 can recognize that the SDK identified as aaa is integrated in the XX map APP, and that the IMEI is disclosed to the YY mall APP through the SDK identified as aaa. Therefore, the SDK detection module 103 can obtain the data disclosure situation 1.
  • Step 11 the data identification stub 201 can transmit the personal data 2, including the IMEI, to the SDK detection stub 203.
  • Step 12 the SDK detection stub 203 can identify that the SDK of the YY mall APP is integrated in the XX map APP, and that the IMEI is disclosed to the YY mall APP through the SDK of the YY mall APP. Therefore, the SDK detection stub 203 can determine the data disclosure situation 2, and then send the data disclosure situation 2 to the SDK detection module 103.
  • Step 13 the SDK detection module 103 can determine the privacy situation that the personal data 1 and the personal data 2 are used in the disclosure behavior based on the data disclosure situation 1 and the data disclosure situation 2 in steps 10 and 12. Therefore, the SDK detection module 103 can push the aforementioned privacy information to the escrow service 30, so that the escrow service 30 generates the privacy agreement information "disclose the IMEI to the YY mall APP".
  • Step 14 the data identification module 101 can transmit the personal data 1, including the IMEI and location information, to the data cross-border module 104.
  • Step 15 the data cross-border module 104 can identify that the data cross-border situation 1 includes: transmitting location information to country m.
  • Step 16 the data processing stub 202 can detect that the IMEI has not crossed a border, and obtain the data cross-border situation 2.
  • Step 17 the data processing stub 202 can transmit data cross-border situation 2 to the data cross-border module 104 .
  • Step 18 the data cross-border module 104 can determine the privacy situation of personal data 1 used in cross-border behavior based on the data cross-border situation 1 and data cross-border situation 2 in steps 15 and 17. Therefore, the data cross-border module 104 can push the aforementioned privacy information to the escrow service 30, so that the escrow service 30 generates the privacy agreement information of "transfer location information to country m".
  • Step 19 based on the privacy protocol information in step 3, step 8, step 13 and step 18, the hosting service 30 can generate the privacy protocol family of XX Map APP, which can specifically include: 1. Collect and upload IMEI and location information; 2. Store the IMEI for t months; 3. Disclose the IMEI to the YY mall APP; 4. Transmit the location information to country m.
  • the hosting service 30 can send the privacy protocol suite of the XX map APP to the application body 11.
  • Step 20 the application body 11 can store the privacy protocol suite of XX map APP in the privacy protocol SDK 105, so that the privacy protocol suite of XX map APP can be displayed after the XX map APP is started.
  • Step 21 the application body 11 can display the privacy protocol family of XX map APP through the privacy protocol SDK 105.
  • Step 22 The R&D personnel manually update and correct the privacy protocol family of the XX Map APP according to the actual situation of the XX Map APP. Therefore, the application body 11 can transmit the revised privacy protocol suite of XX Map APP to the hosting service 30 .
  • the method for generating a privacy protocol suite applied in this application may include the following steps:
  • Step 23 the research and development personnel provide the installation package of XX Map APP to the application subject 11, and the installation package of XX Map APP is a new version.
  • Step 24 the application body 11 sends the installation package of XX map APP to the hosting service 30 .
  • Step 25 Based on the installation package of the XX map APP, the hosting service 30 can conduct privacy analysis on the difference between the old and new versions of the installation package, and obtain the difference between the old and new versions of the XX map APP.
  • the hosting service 30 can generate the privacy protocol suite of the application 1 corresponding to the new version based on the difference part and the privacy protocol suite of the application 1 corresponding to the old version, specifically including: 1. Collect and upload IMEI, location information and bank card number; 2. Store the IMEI for t months and the bank card number for r months; 3. Disclose the IMEI to the YY mall APP; 4. Transmit location information to country m.
  • the data identification module 101 can identify that the personal data 1 includes: IMEI, location information and bank card number.
  • the behavior detection module 102 can detect that the privacy behavior 1 includes: the sensitive behavior of uploading IMEI, location information and bank card number through the network.
  • the data identification stub 201 can identify that the personal data 2 includes: IMEI and bank card number.
  • the data processing stub 202 can detect that the IMEI is deleted after t months, and the bank card number is deleted after r months.
  • for the description of each software module, refer to the description in FIG. 6, which will not be repeated here.
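  • The following Python program is an added worked example, not code from the patent or its assignee, of how the hosting service 30 (the second server) could turn the privacy situations pushed to it in steps 3, 8, 13 and 18 into the privacy protocol entries listed in step 19, and how the old-version suite can be compared with the new version of steps 23-25 to find added or deleted privacy protocol information. The report layout, the wording of the entries, the merging of identical entries reported by both the client and the application server, and the sample values (t = 6 months, r = 12 months, the recipient and country names) are all assumptions.

```python
"""Hosting-service side: turn privacy-situation reports from the client device
(first information) and the application server (second information) into
privacy-protocol entries, then diff an old version against a new one.
Added example, not the patent's implementation; field names, entry wording and
every sample value are assumptions."""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


@dataclass(frozen=True)
class PersonalData:
    """One item of personal data: machine identifier plus wording for the text."""
    ident: str
    content: str


@dataclass
class Report:
    """One privacy situation: which behaviour used which personal data, plus details."""
    behavior: str                                      # sensitive | retention | disclosure | cross_border
    data: List[PersonalData]
    attrs: Dict[str, str] = field(default_factory=dict)  # retention months per ident, recipient, country


def _join(names: List[str]) -> str:
    """'a', 'a and b', 'a, b and c' for readable entries."""
    return names[0] if len(names) == 1 else ", ".join(names[:-1]) + " and " + names[-1]


def entry_for(report: Report) -> str:
    """Render one report as one privacy-protocol entry (wording is an assumption)."""
    names = [d.content for d in report.data]
    if report.behavior == "sensitive":        # personal data uploaded over the network
        return f"Collect and upload {_join(names)}"
    if report.behavior == "retention":        # retention period per data item
        return _join([f"{d.content} stored for {report.attrs[d.ident]} months"
                      for d in report.data])
    if report.behavior == "disclosure":       # handed to a third-party SDK / app
        return f"Disclose {_join(names)} to {report.attrs['recipient']}"
    if report.behavior == "cross_border":     # transmitted to another country
        return f"Transmit {_join(names)} to {report.attrs['country']}"
    raise ValueError(f"unknown privacy behaviour: {report.behavior!r}")


def generate_suite(reports: List[Report]) -> List[str]:
    """Build the privacy-protocol suite.  The client device and the application
    server may both report the same disclosure, so identical entries are merged
    (assumption: de-duplication happens at the hosting service)."""
    suite: List[str] = []
    for r in reports:
        entry = entry_for(r)
        if entry not in suite:
            suite.append(entry)
    return suite


def facts(reports: List[Report]) -> Set[Tuple[str, str, str]]:
    """Flatten reports into (behaviour, data id, detail) facts for version diffing."""
    out: Set[Tuple[str, str, str]] = set()
    for r in reports:
        for d in r.data:
            detail = (r.attrs.get(d.ident) or r.attrs.get("recipient")
                      or r.attrs.get("country") or "")
            out.add((r.behavior, d.ident, detail))
    return out


def diff_versions(old: List[Report], new: List[Report]) -> Tuple[list, list]:
    """Privacy difference between two versions: (facts added, facts deleted)."""
    o, n = facts(old), facts(new)
    return sorted(n - o), sorted(o - n)


# Constructed sample mirroring the XX map walkthrough (old version, steps 3-18).
IMEI = PersonalData("imei", "IMEI")
LOCATION = PersonalData("location", "location information")
BANK_CARD = PersonalData("bank_card", "bank card number")
OLD_REPORTS = [
    Report("sensitive", [IMEI, LOCATION]),                           # client, step 3
    Report("retention", [IMEI], {"imei": "6"}),                      # server, step 8 (t = 6 assumed)
    Report("disclosure", [IMEI], {"recipient": "the YY mall APP"}),  # client, step 13
    Report("disclosure", [IMEI], {"recipient": "the YY mall APP"}),  # server saw the same SDK
    Report("cross_border", [LOCATION], {"country": "country m"}),    # client, step 18
]
# New version (steps 23-25): bank card number is collected and retained as well.
NEW_REPORTS = [
    Report("sensitive", [IMEI, LOCATION, BANK_CARD]),
    Report("retention", [IMEI, BANK_CARD], {"imei": "6", "bank_card": "12"}),  # r = 12 assumed
    Report("disclosure", [IMEI], {"recipient": "the YY mall APP"}),
    Report("cross_border", [LOCATION], {"country": "country m"}),
]

if __name__ == "__main__":
    for line in generate_suite(NEW_REPORTS):
        print("-", line)
    added, deleted = diff_versions(OLD_REPORTS, NEW_REPORTS)
    print("added:", added, "deleted:", deleted)
```

  • Diffing on (behaviour, data item, detail) facts rather than on the rendered sentences is what lets the hosting service tell a genuinely new privacy obligation (bank card number now collected and retained) apart from a mere rewording of an existing entry; the same facts can be reviewed by developers before the suite is stored, as the manual correction steps above describe.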
  • the present application provides a method for generating an application privacy protocol suite.
  • FIG. 8 is a signaling interaction diagram of a method for generating an application privacy protocol suite provided by an embodiment of the present application.
  • the method for generating a privacy protocol suite in the application of the present application may include: S101-S108.
  • After running the target application, the client device acquires first personal data of the target application in the client device.
  • For the target application, please refer to the description of the above-mentioned application 1.
  • For the client device, please refer to the description of the above-mentioned client device 0 and the application client 1 in the client device 0.
  • For the first personal data, please refer to the description of the personal data 1 mentioned above.
  • For the specific implementation of S101, please refer to the description of the application body 11 running the installation package of the application 1 in S0 and the data identification module 101 identifying the personal data 1 in S2 shown in FIG. 5, which will not be repeated here.
  • After determining that the first privacy behavior uses the first personal data, the client device sends first information to the second server, where the first information is used to describe the privacy situation that the first privacy behavior uses the first personal data.
  • the first privacy behavior includes all behaviors in which all applications need to use personal data in the client device.
  • the specific implementation of the first privacy behavior can refer to the description of the aforementioned privacy behavior 1, and the second server can refer to the description of the aforementioned hosting server 3.
  • For the privacy situation that the first privacy behavior uses the first personal data, please refer to the above-mentioned description of the privacy situations of whether personal data is used in the sensitive behavior, control operation, disclosure behavior and cross-border behavior.
  • For the first information, please refer to the aforementioned description of the identification of the sensitive behavior and the content and identification of the personal data 1 used in the sensitive behavior, the identification of the control operation and the content and identification of the personal data 1 used in the control operation, the identification of the disclosure behavior and the content and identification of the personal data 1 used in the disclosure behavior, and the identification of the cross-border behavior and the content and identification of the personal data 1 used in the cross-border behavior.
  • For the specific implementation of S102, please refer to the description of the use of personal data 1 in the sensitive behaviors, control operations, disclosure behaviors and cross-border behaviors involved in S5, S16 and S21 shown in FIG. 5, which will not be repeated here.
  • the client device sends the first personal data to the first server.
  • the first server determines the second personal data of the target application in the first server.
  • For the second personal data please refer to the description of personal data 2 mentioned above.
  • For the specific implementation of S104 please refer to the description of determining personal data 2 by the data identification post 201 in S7 shown in FIG. 5 , which will not be repeated here.
  • After determining that the second privacy behavior uses the second personal data, the first server sends second information to the second server.
  • the second information is used to describe the privacy situation that the second privacy behavior uses the second personal data.
  • the second privacy behavior includes all behaviors in which all applications need to use personal data in the first server.
  • For the specific implementation of the second privacy behavior, please refer to the description of the privacy behavior 2 mentioned above, and for the privacy situation that the second privacy behavior uses the second personal data, please refer to the description of the various privacy situations of whether the rights behavior, retention behavior, disclosure behavior and cross-border behavior use the personal data 2.
  • For the second information, please refer to the description mentioned above of the identification of the rights behavior and the content and identification of the personal data 2 used in the rights behavior, the identification of the retention behavior and the content and identification of the personal data 2 used in the retention behavior, the identification of the disclosure behavior and the content and identification of the personal data 2 used in the disclosure behavior, and the identification of the cross-border behavior and the content and identification of the personal data 2 used in the cross-border behavior.
  • For the specific implementation of S105, please refer to the description of the use of personal data 2 in the rights behaviors, retention behaviors, disclosure behaviors and cross-border behaviors involved in S10, S16 and S21 shown in FIG. 5, which will not be repeated here.
  • the second server generates a target privacy protocol suite based on the first information and the second information.
  • For the target privacy protocol suite, please refer to the description of the privacy protocol suite of application 1 mentioned above, and for the specific implementation of S106, please refer to the description of the custody service 30 generating the privacy protocol suite of application 1 in S22 shown in FIG. 5, which will not be repeated here.
  • the second server sends the target privacy protocol suite to the client device.
  • the client device stores the target privacy protocol suite in the installation package of the target application, so that the target application can display the target privacy protocol suite to the user after being started.
  • the privacy protocol family generation method applied in this application can automatically generate the target privacy protocol family, without professionals having to write the target privacy protocol family, without being tied to the development stage of the associated application, and without being bound to the online release of the application version; the time to generate the target privacy protocol family is short, the investment cost is low, and the accuracy is high.
  • in the application privacy protocol family generation method provided by this application, through the mutual cooperation of the client device, the first server and the second server, the client device and the first server adopt data flow analysis, data retention monitoring, SDK detection, data cross-border detection and the like, and can thereby capture the privacy situations of all privacy behaviors that use personal data during the operation of the target application; the client device and the first server transmit the information corresponding to the aforementioned privacy situations to the second server, so that the second server can accurately and quickly generate the target privacy protocol suite based on the user's privacy rights in the target application represented by the aforementioned information.
  • the automatic generation of the target privacy protocol family is thus realized, avoiding the cumbersome process of the development phase of the associated application and the development and launch phase of the bound application, shortening the time cost of generating the target privacy protocol family, reducing the input cost of generating the target privacy protocol family, and improving the accuracy of generating the target privacy protocol family.
  • the second server has the ability to analyze the privacy difference between the old and new versions of the application when the application is iterated. Therefore, this application can also use version difference comparison to analyze the privacy behavior of the target application over the full process of business implementation, and can quickly and accurately generate the target privacy protocol family corresponding to the new version, which solves the problem that frequent version iteration of the target application leads to slow release of target application versions and poor accuracy of the target privacy protocol suite.
  • FIG. 9 is a signaling interaction diagram of a method for generating an application privacy protocol suite provided by an embodiment of the present application. As shown in FIG. 9 , the method for generating a privacy protocol suite in the application of the present application may include: S201-S208.
  • the client device receives the installation package of the target application.
  • S201 may refer to the description of the R&D personnel in S0 providing the installation package of the application 1 to the application subject 11 shown in FIG. 5 , which will not be repeated here.
  • the client device determines whether the installation package of the target application is a new version.
  • when it is determined that the installation package of the target application is not a new version, the client device may perform S203; when it is determined that the installation package of the target application is a new version, the client device may perform S204.
  • S202 can refer to the description of the application body 11 in S0 shown in FIG. 5 judging whether the installation package of the application 1 is a new version, and will not be repeated here.
  • the client device runs the installation package of the target application. After S203 is executed, the present application may continue to execute S101-S108 in FIG. 8 (S101-S108 are not shown in FIG. 9).
  • S203 may refer to the description of the installation package of the application 1 run by the application body 11 in S0 shown in FIG. 5 , which will not be repeated here.
  • the client device sends the installation package of the target application to the second server.
  • the second server determines a difference between the old and new versions based on the installation package of the target application.
  • the second server updates the target privacy protocol suite corresponding to the old version to obtain a new version of the target privacy protocol suite.
  • the second server sends the target privacy protocol suite corresponding to the new version to the client device.
  • the client device updates the target privacy protocol family corresponding to the old version in the installation package of the target application to the target privacy protocol family corresponding to the new version, so that the client device displays the target privacy protocol family corresponding to the new version after the target application is started.
  • the generated target privacy protocol family does not need to be written by professionals, and this application can also provide developers with channels for secondary confirmation and manual correction of the target privacy protocol family, which is conducive to improving the accuracy of the target privacy protocol family and also enables the generation of the target privacy protocol family to take into account both automatic writing and manual correction.
  • FIG. 10 is a signaling interaction diagram of a method for generating an application privacy protocol suite provided by an embodiment of the present application. As shown in FIG. 10 , the method for generating a privacy protocol suite in the application of the present application may include: S301-S305.
  • the client device displays all content of the target privacy protocol suite.
  • the client device receives the modification content of the target privacy protocol suite.
  • amendment content please refer to the above-mentioned description of the amendment content of the privacy protocol family of application 1.
  • S302 please refer to the description of S26 shown in FIG. 5 , which will not be repeated here.
  • the client device updates the target privacy protocol family in the installation package of the target application based on the correction content, and obtains the revised target privacy protocol family, so that the target application can display the revised target privacy protocol family to the user after it is started.
  • the client device sends the revised target privacy protocol suite to the second server.
  • the second server updates the target privacy protocol suite to the revised target privacy protocol suite.
  • the client device determines first information respectively corresponding to each privacy behavior based on each privacy behavior in the first privacy behavior.
  • the client device may determine whether the first personal data is used in the sensitive behavior and control operation.
  • After the client device determines that the sensitive behavior uses the first personal data, it can determine that the first information includes the identification of the sensitive behavior and the content and identification of the first personal data used by the sensitive behavior, and sends the identification of the sensitive behavior and the content and identification of the first personal data used by the sensitive behavior to the second server.
  • After the client device determines that the control operation uses the first personal data, it can determine that the first information includes the identification of the control operation and the content and identification of the first personal data used by the control operation, and sends the identification of the control operation and the content and identification of the first personal data used by the control operation to the second server.
  • the client device may determine the data disclosure situation of the target application in the client device based on the content and identification of the first personal data. Based on the data disclosure situation of the target application in the client device, the client device can determine whether the disclosure behavior uses the first personal data.
  • After the client device determines that the first personal data is used in the disclosure behavior, it can determine that the first information includes the identification of the disclosure behavior and the content and identification of the first personal data used in the disclosure behavior, and sends the identification of the disclosure behavior and the content and identification of the first personal data used in the disclosure behavior to the second server.
  • the client device can determine the data cross-border situation of the target application in the client device based on the content and identification of the first personal data. The client device can determine whether the first personal data is used in the cross-border behavior based on the cross-border data of the target application in the client device.
  • After the client device determines that the first personal data is used in the cross-border behavior, it can determine that the first information includes the identification of the cross-border behavior and the content and identification of the first personal data used in the cross-border behavior, and sends the identification of the cross-border behavior and the content and identification of the first personal data used in the cross-border behavior to the second server.
  • the client device determines the second information corresponding to each privacy behavior.
  • the first server may determine the data retention status of the target application in the first server based on the content and identification of the second personal data. Based on the data retention status, the first server can determine whether the second personal data is used in the right action and retention action.
  • After the first server determines that the rights behavior uses the second personal data, it can determine that the second information includes the identification of the rights behavior and the content and identification of the second personal data used by the rights behavior, and sends the identification of the rights behavior and the content and identification of the second personal data used by the rights behavior to the second server.
  • After the first server determines that the second personal data is used in the retention behavior, it can determine that the second information includes the identification of the retention behavior and the content and identification of the second personal data used in the retention behavior, and sends the identification of the retention behavior and the content and identification of the second personal data used in the retention behavior to the second server.
  • the first server may determine the data disclosure situation of the target application in the first server based on the content and identification of the second personal data. Based on the data disclosure situation of the target application in the first server, the first server may determine whether the disclosure behavior uses the second personal data.
  • After the first server determines that the second personal data is used in the disclosure behavior, it can determine that the second information includes the identification of the disclosure behavior and the content and identification of the second personal data used in the disclosure behavior, and sends the identification of the disclosure behavior and the content and identification of the second personal data used in the disclosure behavior to the second server.
  • the first server may send the identification of the disclosure behavior and the content and identification of the second personal data used in the disclosure behavior to the second server through the client device.
  • the first server can determine the data cross-border situation of the target application in the first server based on the content and identification of the second personal data. The first server can determine whether the second personal data is used in the cross-border behavior based on the data cross-border status of the target application in the first server.
  • if the first server determines that the cross-border behavior uses the second personal data, it can determine that the second information includes the identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior, and sends the identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior to the second server.
  • the first server may send the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior to the second server through the client device.
  • the target privacy protocol suite can be displayed to users in various ways.
  • the electronic device may start the target application and display a first user interface of the target application, where the first user interface includes all content of the target privacy protocol suite.
  • the first operation may include but not limited to: operations such as clicking, double-clicking, or long-pressing.
  • the present application does not limit parameters such as size, shape, color or position of the first user interface.
  • the electronic device may display the first user interface on the main page of the target application in the form of a pop-up window. Therefore, the user can browse the privacy rights and interests of the user in the target application in a timely manner.
  • the electronic device may display a second user interface of the target application, where the second user interface includes adjustable content of the target privacy protocol suite. Therefore, the user can adjust the user's privacy rights in the target application according to his own wishes.
  • the second operation may include but not limited to: operations such as clicking, double-clicking, or long-pressing.
  • the present application does not limit parameters such as size, shape, color or position of the second user interface.
  • after receiving a second operation, such as a click, performed by the user on a control on the main page of the target application, the electronic device switches from displaying the main page of the target application to displaying the second user interface, and may present the adjustable content of the target privacy protocol family in the second user interface in the form of option or switch buttons.
  • the electronic device mentioned above may be the client device 0 mentioned above, or other terminal devices, which is not limited in this application.
  • the present application provides a client device, including a memory and a processor; the memory is used to store program instructions, and the processor is used to call the program instructions in the memory so that the client device executes the method for generating a privacy protocol family of an application in the foregoing embodiments.
  • the present application provides a server, including: a memory and a processor; the memory is used to store program instructions; and the processor is used to call the program instructions in the memory to make the server execute the privacy protocol suite generation method of the application in the foregoing embodiments.
  • the present application provides a chip system, which is applied to an electronic device including a memory, a display screen and a sensor; the chip system includes a processor; when the processor executes the computer instructions stored in the memory, the client device or the server executes the method for generating a privacy protocol family of an application in the foregoing embodiments.
  • the present application provides a computer-readable storage medium on which a computer program is stored, and the computer program is executed by a processor to enable a client device or a server to implement the method for generating a privacy protocol suite applied in the foregoing embodiments.
  • the present application provides a computer program product, including execution instructions stored in a readable storage medium; at least one processor of the client device or the server can read the execution instructions from the readable storage medium, and the at least one processor executes the execution instructions so that the client device or the server implements the method for generating a privacy protocol family of an application in the foregoing embodiments.
  • all or part of the functions may be implemented by software, hardware, or a combination of software and hardware.
  • when implemented using software, the functions may be implemented in whole or in part in the form of a computer program product.
  • the computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on the computer, the processes or functions according to the present application will be generated in whole or in part.
  • the computer can be a general purpose computer, a special purpose computer, a computer network, or other programmable devices.
  • the computer instructions may be stored on a computer readable storage medium.
  • the computer-readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or a data center integrated with one or more available media.
  • the available medium may be a magnetic medium (for example, a floppy disk, a hard disk or a magnetic tape), an optical medium (for example, a DVD), a semiconductor medium (for example, a solid state disk (SSD)), and the like.
  • the processes can be completed by computer programs to instruct related hardware.
  • the programs can be stored in computer-readable storage media.
  • when the programs are executed, the processes of the foregoing method embodiments may be included.
  • the aforementioned storage medium includes ROM, random access memory (RAM), a magnetic disk, an optical disk, and other various media that can store program code.

Abstract

Provided in the present application are a method for generating a privacy protocol family of an application, and a client device and a server. The method comprises: after running a target application, a client device acquiring first personal data of the target application in the client device; after determining that the first personal data is used in a first privacy behavior, the client device sending first information to a second server; the client device sending the first personal data to a first server, so that the first server determines second personal data of the target application in the first server on the basis of the first personal data, and sending second information to the second server after determining that the second personal data is used in a second privacy behavior; the client device receiving a target privacy protocol family from the second server; and the client device storing the target privacy protocol family in an installation package of the target application, so that the target application can present the target privacy protocol family to a user after the target application is started. Therefore, a target privacy protocol family is automatically generated, thereby reducing the generation time and invested costs.

Description

Method for generating a privacy protocol family of an application, client device and server
This application claims priority to the Chinese patent application filed with the China National Intellectual Property Administration on October 20, 2021, with application number 202111223312.5 and titled "Method for generating a privacy protocol family of an application, client device and server", the entire content of which is incorporated herein by reference.
Technical field
The present application relates to the field of privacy technology, and in particular to a method for generating a privacy protocol family of an application, a client device and a server.
Background
As users attach great importance to their privacy rights and interests, many laws and regulations stipulate that an application must display its privacy protocol family to users, so as to fully protect users' privacy rights and interests when they use various applications. The privacy protocol family provides, for the application, the explanatory text on how the user's privacy rights and interests are used; it may include content such as a privacy statement, a user agreement and privacy requirements.
At present, developers often generate the privacy protocol family of an application by writing it manually. Refer to FIG. 1, which shows a flow diagram of generating the privacy protocol family of an application in the related art. As shown in FIG. 1, in the related art developers must intervene early in the development stage of the application, and the specific process of writing and generating the privacy protocol family of the application includes:
In the design stage of the application, developers distinguish user scenarios and obtain the user data definitions corresponding to those user scenarios. Based on the user data definitions, combined with the relevant requirements of laws and regulations, the privacy protocol family of the application is written by the professional privacy representatives among the developers and then confirmed by the professional privacy legal staff among the developers. Finally, developers integrate the privacy protocol family of the application into the installation package (or release package) of the application, and in the release stage the privacy protocol family of the application is presented to users along with the version release of the application.
However, the related-art solution runs through the entire development stage of the application and requires privacy analysis by professionals, so generating the privacy protocol family takes a long time, costs a lot and has low accuracy.
Summary of the invention
The present application provides a method for generating a privacy protocol family of an application, a client device and a server, which can automatically generate a target privacy protocol family and can solve the problems of long time, high cost and poor accuracy caused by manually writing a privacy protocol family.
In a first aspect, the present application provides a method for generating a privacy protocol family of an application, applied to a client device.
The method includes:
after running a target application, the client device obtains first personal data of the target application in the client device;
after determining that a first privacy behavior uses the first personal data, the client device sends first information to a second server, where the first information is used to describe the privacy situation in which the first privacy behavior uses the first personal data, and the first privacy behavior includes all behaviors of all applications that need to use personal data in the client device;
the client device sends the first personal data to a first server, so that the first server determines, based on the first personal data, second personal data of the target application in the first server, and, after determining that a second privacy behavior uses the second personal data, sends second information to the second server, where the second information is used to describe the privacy situation in which the second privacy behavior uses the second personal data, and the second privacy behavior includes all behaviors of all applications that need to use personal data in the first server;
the client device receives a target privacy protocol family from the second server, where the target privacy protocol family is generated by the second server based on the first information and the second information;
the client device stores the target privacy protocol family in the installation package of the target application, so that the target application can display the target privacy protocol family to the user after it is started.
With the method for generating a privacy protocol family of an application provided in the first aspect, based on the cooperation among the client device, the first server and the second server, the client device and the first server use means such as data traffic analysis, data retention monitoring, SDK detection and cross-border data detection to capture the privacy situations in which all privacy behaviors use personal data while the target application runs. The client device and the first server transmit the information corresponding to these privacy situations to the second server, so that the second server can accurately and quickly generate the target privacy protocol family based on the user's privacy rights and interests in the target application that this information represents. Thus, automatic generation of the target privacy protocol family is achieved, the cumbersome processes of being tied to the application's development stage and bound to its development and launch stage are avoided, the time cost of generating the target privacy protocol family is shortened, the investment cost is reduced, and the accuracy of the generated target privacy protocol family is improved.
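The following is an added illustrative model of the three-party flow described in the first aspect above and mirrored from the first server's side in the second aspect below: the client device maps its observations to first privacy behaviors (first information), the first server maps its own handling records to second privacy behaviors (second information), and the second server assembles a privacy protocol family from both. It is not the patent's own code. The behavior identifiers, the record fields standing in for the outputs of traffic analysis, retention monitoring, SDK detection and cross-border detection, and the sample data are all constructed assumptions.

```python
"""Added model of client device -> first server -> second server.
Not the patent's code; identifiers, record shapes and samples are assumed."""
from dataclasses import dataclass
from typing import Dict, List

# Behaviour identifiers (constructed; the patent names only the categories).
SENSITIVE = "sensitive_behavior"        # client side
CONTROL_OP = "control_operation"        # client side
DISCLOSURE = "disclosure_behavior"      # client side and first-server side
CROSS_BORDER = "cross_border_behavior"  # client side and first-server side
RIGHTS = "rights_behavior"              # first-server side
RETENTION = "retention_behavior"        # first-server side


@dataclass(frozen=True)
class PersonalData:
    data_id: str   # identifier of the personal data item, e.g. "PD-location"
    content: str   # description of the data, reused in the generated text


@dataclass(frozen=True)
class Info:
    """One element of the first/second information: which behaviour used
    which personal data, plus an optional detail (SDK, region, period)."""
    behavior_id: str
    data: PersonalData
    detail: str = ""


@dataclass
class ClientEvent:
    """Constructed client-side observation for one personal-data item."""
    data: PersonalData
    api_call: bool = False     # permission-gated API access -> sensitive behaviour
    ui_control: bool = False   # data handled through a UI control -> control operation
    third_party_sdk: str = ""  # non-empty -> disclosure to that SDK vendor
    dest_region: str = ""      # region of the network destination, if any


@dataclass
class ServerRecord:
    """Constructed first-server record of how the same data is handled."""
    data: PersonalData
    retention_days: int = 0             # > 0 -> retention behaviour
    deletable_on_request: bool = False  # True -> rights behaviour
    shared_with: str = ""               # non-empty -> disclosure behaviour
    stored_region: str = ""             # differs from home region -> cross-border


def client_first_information(events: List[ClientEvent], home_region: str) -> List[Info]:
    """Client device: derive the first information from its observations."""
    infos: List[Info] = []
    for e in events:
        if e.api_call:
            infos.append(Info(SENSITIVE, e.data))
        if e.ui_control:
            infos.append(Info(CONTROL_OP, e.data))
        if e.third_party_sdk:
            infos.append(Info(DISCLOSURE, e.data, e.third_party_sdk))
        if e.dest_region and e.dest_region != home_region:
            infos.append(Info(CROSS_BORDER, e.data, e.dest_region))
    return infos


def first_server_second_information(records: List[ServerRecord], home_region: str) -> List[Info]:
    """First server: derive the second information from its handling records."""
    infos: List[Info] = []
    for r in records:
        if r.retention_days > 0:
            infos.append(Info(RETENTION, r.data, f"{r.retention_days} days"))
        if r.deletable_on_request:
            infos.append(Info(RIGHTS, r.data, "deletion on request"))
        if r.shared_with:
            infos.append(Info(DISCLOSURE, r.data, r.shared_with))
        if r.stored_region and r.stored_region != home_region:
            infos.append(Info(CROSS_BORDER, r.data, r.stored_region))
    return infos


def generate_privacy_family(first_info: List[Info], second_info: List[Info]) -> Dict[str, List[str]]:
    """Second server: one section per behaviour, one line per data item used.
    The same (behaviour, line) reported by both sides collapses to one line."""
    sections: Dict[str, List[str]] = {}
    for info in list(first_info) + list(second_info):
        line = info.data.content + (f" ({info.detail})" if info.detail else "")
        lines = sections.setdefault(info.behavior_id, [])
        if line not in lines:
            lines.append(line)
    return sections


def render(sections: Dict[str, List[str]]) -> str:
    """Flatten the sections into the text stored in the installation package."""
    out: List[str] = []
    for behavior_id in sorted(sections):
        out.append(f"[{behavior_id}]")
        out.extend(f"- {line}" for line in sections[behavior_id])
    return "\n".join(out)


# Constructed sample: a device in region "CN", an app using two data items.
HOME = "CN"
LOCATION = PersonalData("PD-location", "precise location")
PHONE = PersonalData("PD-phone", "phone number")
SAMPLE_EVENTS = [ClientEvent(LOCATION, api_call=True, dest_region="EU"),
                 ClientEvent(PHONE, ui_control=True, third_party_sdk="analytics SDK")]
SAMPLE_RECORDS = [ServerRecord(LOCATION, retention_days=30, stored_region="CN"),
                  ServerRecord(PHONE, retention_days=365, deletable_on_request=True,
                               shared_with="payment partner", stored_region="SG")]


def sample_family() -> Dict[str, List[str]]:
    first = client_first_information(SAMPLE_EVENTS, HOME)
    second = first_server_second_information(SAMPLE_RECORDS, HOME)
    return generate_privacy_family(first, second)


if __name__ == "__main__":
    print(render(sample_family()))
```

The point of the split is that neither party sees the whole picture: the device observes API access, UI controls and outbound destinations, while only the first server knows retention periods, deletion rights and onward sharing, so the second server has to merge both reports before the family can be complete.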
In a possible design, the client device running the target application includes:
the client device receives the installation package of the target application;
when determining that the installation package of the target application is not a new version, the client device runs the installation package of the target application.
In a possible design, the method further includes:
when determining that the installation package of the target application is a new version, the client device sends the installation package of the target application to the second server;
the client device receives, from the second server, the target privacy protocol family corresponding to the new version, where the target privacy protocol family corresponding to the new version is obtained by the second server determining, based on the installation package of the target application, the differing part between the old and new versions, and updating the target privacy protocol family corresponding to the old version based on that differing part;
the client device updates the target privacy protocol family corresponding to the old version in the installation package of the target application to the target privacy protocol family corresponding to the new version, so that the client device displays the target privacy protocol family corresponding to the new version after the target application is started.
In a possible design, the method further includes:
the client device displays the entire content of the target privacy protocol family;
the client device receives corrected content for the target privacy protocol family;
based on the corrected content, the client device updates the target privacy protocol family in the installation package of the target application to obtain a corrected target privacy protocol family, so that the target application can display the corrected target privacy protocol family to the user after it is started;
the client device sends the corrected target privacy protocol family to the second server, so that the second server updates the target privacy protocol family to the corrected target privacy protocol family.
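The two update paths above (regenerating only the part of the family that a new version changes, and keeping a manual correction the client device has applied and sent back) are illustrated by the following added example. It is not the patent's code; the family is modelled as a dictionary of sections keyed by behavior identifier, and the `Info` shape, function names and sample values are constructed assumptions.

```python
"""Added model of version-difference updates and corrections to a privacy
protocol family. Not the patent's code; data shapes and samples are assumed."""
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

Family = Dict[str, List[str]]   # section (behaviour id) -> lines of text


@dataclass(frozen=True)
class Info:
    """(behaviour, personal data) pair as captured for one app version."""
    behavior_id: str
    data_id: str
    line: str   # text the generator would emit for this pair


def _lines(infos: List[Info]) -> Set[Tuple[str, str]]:
    return {(i.behavior_id, i.line) for i in infos}


def update_for_new_version(old_family: Family, old_infos: List[Info],
                           new_infos: List[Info]) -> Tuple[Family, Dict[str, List[str]]]:
    """Second server: apply only the difference between the two versions.
    Lines whose (behaviour, data) pair is unchanged are copied through
    verbatim, so corrected wording in them survives the update."""
    old_set, new_set = _lines(old_infos), _lines(new_infos)
    removed = sorted(old_set - new_set)
    added = sorted(new_set - old_set)
    updated: Family = {k: list(v) for k, v in old_family.items()}
    for behavior_id, line in removed:
        if line in updated.get(behavior_id, []):
            updated[behavior_id].remove(line)
            if not updated[behavior_id]:        # drop a section that became empty
                del updated[behavior_id]
    for behavior_id, line in added:
        updated.setdefault(behavior_id, []).append(line)
    changelog = {"added": [f"{b}: {l}" for b, l in added],
                 "removed": [f"{b}: {l}" for b, l in removed]}
    return updated, changelog


def apply_correction(family: Family, section: str, old_line: str, new_line: str) -> Family:
    """Client device: replace one line with the reviewer's corrected wording.
    The returned family is what the client sends back to the second server."""
    if section not in family or old_line not in family[section]:
        raise KeyError(f"{section!r}/{old_line!r} not present in the family")
    fixed = {k: list(v) for k, v in family.items()}
    fixed[section][fixed[section].index(old_line)] = new_line
    return fixed


# Constructed sample: version 1 used location and shared a phone number with an
# SDK; version 2 dropped the SDK but started sending location to the EU.
OLD_INFOS = [Info("sensitive_behavior", "PD-location", "precise location"),
             Info("disclosure_behavior", "PD-phone", "phone number (analytics SDK)")]
NEW_INFOS = [Info("sensitive_behavior", "PD-location", "precise location"),
             Info("cross_border_behavior", "PD-location", "precise location (EU)")]
OLD_FAMILY: Family = {"sensitive_behavior": ["precise location"],
                      "disclosure_behavior": ["phone number (analytics SDK)"]}


def sample_update() -> Tuple[Family, Dict[str, List[str]]]:
    """Correct one line on the client, then apply the version difference."""
    corrected = apply_correction(OLD_FAMILY, "sensitive_behavior",
                                 "precise location",
                                 "precise location (only while navigating)")
    return update_for_new_version(corrected, OLD_INFOS, NEW_INFOS)


if __name__ == "__main__":
    family, log = sample_update()
    print(family)
    print(log)
```

Because the difference is computed on the captured (behaviour, data) pairs rather than on the rendered text, a section that a reviewer has reworded is left alone as long as the underlying behaviour did not change, which is what lets the corrected family round-trip through the second server without losing the correction.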
In a possible design, when the first privacy behavior includes a sensitive behavior and a control operation, the client device sending the first information to the second server after determining that the first privacy behavior uses the first personal data includes:
after determining that the sensitive behavior uses the first personal data, the client device determines that the first information includes the identifier of the sensitive behavior and the content and identifier of the first personal data used by the sensitive behavior, and sends the identifier of the sensitive behavior and the content and identifier of the first personal data used by the sensitive behavior to the second server;
and/or, after determining that the control operation uses the first personal data, the client device determines that the first information includes the identifier of the control operation and the content and identifier of the first personal data used by the control operation, and sends the identifier of the control operation and the content and identifier of the first personal data used by the control operation to the second server.
In a possible design, when the first privacy behavior includes a disclosure behavior, the client device sending the first information to the second server after determining that the first privacy behavior uses the first personal data includes:
based on the content and identifier of the first personal data, the client device determines the data disclosure situation of the target application in the client device;
after determining, based on the data disclosure situation of the target application in the client device, that the disclosure behavior uses the first personal data, the client device determines that the first information includes the identifier of the disclosure behavior and the content and identifier of the first personal data used by the disclosure behavior;
the client device sends the identifier of the disclosure behavior and the content and identifier of the first personal data used by the disclosure behavior to the second server.
In a possible design, when the first privacy behavior includes a cross-border behavior, the client device sending the first information to the second server after determining that the first privacy behavior uses the first personal data includes:
based on the content and identifier of the first personal data, the client device determines the cross-border data situation of the target application in the client device;
after determining, based on the cross-border data situation of the target application in the client device, that the cross-border behavior uses the first personal data, the client device determines that the first information includes the identifier of the cross-border behavior and the content and identifier of the first personal data used by the cross-border behavior;
the client device sends the identifier of the cross-border behavior and the content and identifier of the first personal data used by the cross-border behavior to the second server.
In a possible design, when the second privacy behavior includes a rights behavior and a retention behavior, the second information includes the identifier of the rights behavior and the content and identifier of the second personal data used by the rights behavior, and/or the identifier of the retention behavior and the content and identifier of the second personal data used by the retention behavior;
where the identifier of the rights behavior and the content and identifier of the second personal data used by the rights behavior are sent by the first server after it determines, based on the data retention situation of the target application in the first server, that the rights behavior uses the second personal data; the identifier of the retention behavior and the content and identifier of the second personal data used by the retention behavior are sent by the first server after it determines, based on the data retention situation of the target application in the first server, that the retention behavior uses the second personal data; and the data retention situation of the target application in the first server is determined by the first server based on the content and identifier of the second personal data.
In a possible design, when the second privacy behavior includes a disclosure behavior, the method further includes:
the client device receives, from the first server, the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior that are included in the second information, where the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior are sent by the first server after it determines, based on the data disclosure situation of the target application in the first server, that the disclosure behavior uses the second personal data, and the data disclosure situation of the target application in the first server is determined by the first server based on the content and identifier of the second personal data;
the client device sends the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior to the second server.
In a possible design, when the second privacy behavior includes a cross-border behavior, the method further includes:
the client device receives, from the first server, the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior that are included in the second information, where the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior are sent by the first server after it determines, based on the cross-border data situation of the target application in the first server, that the cross-border behavior uses the second personal data, and the cross-border data situation of the target application in the first server is determined by the first server based on the content and identifier of the second personal data;
the client device sends the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior to the second server.
In a second aspect, the present application provides a method for generating a privacy protocol family of an application, applied to a first server.
The method includes:
the first server receives, from a client device, first personal data of a target application in the client device, where the first personal data is obtained by the client device after running the target application;
the first server determines, based on the first personal data, second personal data of the target application in the first server;
after determining that a second privacy behavior uses the second personal data, the first server sends second information to a second server, where the second information is used to describe the privacy situation in which the second privacy behavior uses the second personal data, and the second privacy behavior includes all behaviors of all applications that need to use personal data in the first server, so that the second server generates a target privacy protocol family based on first information and the second information and sends the target privacy protocol family to the client device; the target privacy protocol family is for the client device to store in the installation package of the target application, so that the target application can display the target privacy protocol family to the user after it is started; the first information is sent by the client device to the second server after the client device determines that a first privacy behavior uses the first personal data, the first information is used to describe the privacy situation in which the first privacy behavior uses the first personal data, and the first privacy behavior includes all behaviors of all applications that need to use personal data in the client device.
In a possible design, when the second privacy behavior includes a rights behavior and a retention behavior, the first server sending the second information to the second server after determining that the second privacy behavior uses the second personal data includes:
based on the content and identifier of the second personal data, the first server determines the data retention situation of the target application in the first server;
after determining, based on the data retention situation, that the rights behavior uses the second personal data, the first server determines that the second information includes the identifier of the rights behavior and the content and identifier of the second personal data used by the rights behavior, and sends the identifier of the rights behavior and the content and identifier of the second personal data used by the rights behavior to the second server;
and/or, after determining, based on the data retention situation, that the retention behavior uses the second personal data, the first server determines that the second information includes the identifier of the retention behavior and the content and identifier of the second personal data used by the retention behavior, and sends the identifier of the retention behavior and the content and identifier of the second personal data used by the retention behavior to the second server.
在一种可能的设计中,在第二隐私行为包括:披露行为时,第一服务器在确定第二隐私行为使用了第二个人数据后,向第二服务器发送第二信息,包括:In a possible design, when the second privacy behavior includes: a disclosure behavior, the first server sends second information to the second server after determining that the second privacy behavior uses the second personal data, including:
第一服务器基于第二个人数据的内容和标识,确定目标应用在第一服务器中的数据披露情况;The first server determines the data disclosure situation of the target application in the first server based on the content and identification of the second personal data;
第一服务器在基于目标应用在第一服务器中的数据披露情况确定披露行为使用了第二个人数据后,确定第二信息中包括披露行为的标识以及披露行为所使用的第二个人数据的内容和标识;After the first server determines that the second personal data is used in the disclosure based on the data disclosure of the target application in the first server, it determines that the second information includes the identification of the disclosure and the content and content of the second personal data used in the disclosure. logo;
第一服务器向第二服务器发送披露行为的标识以及披露行为所使用的第二个人数据的内容和标识;The first server sends the identification of the disclosure act and the content and identification of the second personal data used for the disclosure to the second server;
或者,第一服务器通过客户端设备,向第二服务器发送披露行为的标识以及披露行为所使用的第二个人数据的内容和标识。Alternatively, the first server sends the identification of the disclosure behavior and the content and identification of the second personal data used in the disclosure behavior to the second server through the client device.
在一种可能的设计中,在第二隐私行为包括:跨境行为时,第一服务器在确定第二隐私行为使用了第二个人数据后,向第二服务器发送第二信息,包括:In a possible design, when the second privacy behavior includes: cross-border behavior, the first server sends second information to the second server after determining that the second privacy behavior uses the second personal data, including:
第一服务器基于第二个人数据的内容和标识,确定目标应用在第一服务器中的数据跨境情况;Based on the content and identification of the second personal data, the first server determines the data cross-border status of the target application in the first server;
第一服务器在基于目标应用在第一服务器中的数据跨境情况确定跨境行为使用了第二个人数据后,确定第二信息中包括跨境行为的标识以及跨境行为所使用的第二个人数据的内容和标识;After the first server determines that the second personal data is used in the cross-border behavior based on the cross-border data of the target application in the first server, it determines that the second information includes the identification of the cross-border behavior and the second person used in the cross-border behavior the content and identification of the data;
第一服务器向第二服务器发送跨境行为的标识以及跨境行为所使用的第二个人数据的内容和标识;The first server sends the identification of the cross-border behavior and the content and identification of the second personal data used by the cross-border behavior to the second server;
或者,第一服务器通过客户端设备,向第二服务器发送跨境行为的标识以及跨境行为所使用的第二个人数据的内容和标识。Alternatively, the first server sends the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior to the second server through the client device.
上述第二方面以及上述第二方面的各可能的设计中所提供的应用的隐私协议族生成方法,其有益效果可以参见上述第一方面和第一方面的各可能的实施方式所带来的有益效果,在此不再赘述。The above-mentioned second aspect and the method for generating an applied privacy protocol suite provided in each possible design of the above-mentioned second aspect, its beneficial effect can refer to the above-mentioned first aspect and the benefits brought by each possible implementation of the first aspect effect, which will not be repeated here.
In a third aspect, the present application provides a method for generating a privacy protocol family of an application, applied to a second server.
The method includes:
the second server receives first information from the client device, where the first information is sent by the client device after it determines that a first privacy behavior used first personal data, the first information describes the privacy situation in which the first privacy behavior used the first personal data of the target application in the client device, the first privacy behavior includes all behaviors of all applications in the client device that need to use personal data, and the first personal data is obtained by the client device after it runs the target application;
the second server receives second information from the first server, where the second information is sent by the first server after it determines that a second privacy behavior used second personal data of the target application in the first server, the second information describes the privacy situation in which the second privacy behavior used the second personal data, the second privacy behavior includes all behaviors of all applications in the first server that need to use personal data, and the second personal data is determined by the first server on the basis of the first personal data;
the second server generates a target privacy protocol family on the basis of the first information and the second information;
the second server sends the target privacy protocol family to the client device, where the target privacy protocol family is to be stored by the client device in the installation package of the target application, so that the target application can present the target privacy protocol family to the user after it is started.
In one possible design, the method further includes:
the second server receives the installation package of the target application from the client device, where the installation package is sent by the client device when it determines that the installation package of the target application is a new version;
the second server determines, on the basis of the installation package of the target application, the part that differs between the new version and the old version;
the second server updates, on the basis of the differing part, the target privacy protocol family corresponding to the old version to obtain the target privacy protocol family of the new version;
the second server sends the target privacy protocol family corresponding to the new version to the client device, where the client device uses it to replace the target privacy protocol family corresponding to the old version in the installation package of the target application with the target privacy protocol family corresponding to the new version, so that the target application can present the target privacy protocol family corresponding to the new version to the user after it is started.
In one possible design, the method further includes:
the second server receives a revised target privacy protocol family from the client device, where the revised target privacy protocol family is obtained by the client device updating the target privacy protocol family in the installation package of the target application on the basis of received revisions to the target privacy protocol family, and the revisions are received by the client device after it displays the full content of the target privacy protocol family;
the second server updates the target privacy protocol family to the revised target privacy protocol family.
In one possible design, when the first privacy behavior includes a sensitive behavior and a control operation, the second server receiving the first information from the client device includes:
the second server receives from the client device the identifier of the sensitive behavior and the content and identifier of the first personal data used by the sensitive behavior, which are included in the first information and are sent by the client device after it determines that the sensitive behavior used the first personal data;
and/or, the second server receives from the client device the identifier of the control operation and the content and identifier of the first personal data used by the control operation, which are included in the first information and are sent by the client device after it determines that the control operation used the first personal data.
In one possible design, when the first privacy behavior includes a disclosure behavior, the second server receiving the first information from the client device includes:
the second server receives from the client device the identifier of the disclosure behavior and the content and identifier of the first personal data used by the disclosure behavior, which are included in the first information and are sent by the client device after it determines, on the basis of the data disclosure situation of the target application in the client device, that the disclosure behavior used the first personal data, where the data disclosure situation of the target application in the client device is determined by the client device on the basis of the content and identifier of the first personal data.
In one possible design, when the first privacy behavior includes a cross-border behavior, the second server receiving the first information from the client device includes:
the second server receives from the client device the identifier of the cross-border behavior and the content and identifier of the first personal data used by the cross-border behavior, which are included in the first information and are sent by the client device after it determines, on the basis of the cross-border data situation of the target application in the client device, that the cross-border behavior used the first personal data, where the cross-border data situation of the target application in the client device is determined by the client device on the basis of the content and identifier of the first personal data.
In one possible design, when the second privacy behavior includes a rights behavior and a retention behavior, the second server receiving the second information from the first server includes:
the second server receives from the first server the identifier of the rights behavior and the content and identifier of the second personal data used by the rights behavior, which are included in the second information and are sent by the first server after it determines, on the basis of the data retention situation, that the rights behavior used the second personal data;
and/or, the second server receives from the first server the identifier of the retention behavior and the content and identifier of the second personal data used by the retention behavior, which are included in the second information and are sent by the first server after it determines, on the basis of the data retention situation, that the retention behavior used the second personal data;
where the data retention situation of the target application in the first server is determined by the first server on the basis of the content and identifier of the second personal data.
In one possible design, when the second privacy behavior includes a disclosure behavior, the second server receiving the second information from the first server includes:
the second server receives from the first server the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior, which are included in the second information;
or, the second server receives from the first server, via the client device, the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior, which are included in the second information;
where the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior are sent by the first server after it determines, on the basis of the data disclosure situation of the target application in the first server, that the disclosure behavior used the second personal data, and the data disclosure situation of the target application in the first server is determined by the first server on the basis of the content and identifier of the second personal data.
In one possible design, when the second privacy behavior includes a cross-border behavior, the second server receiving the second information from the first server includes:
the second server receives from the first server the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior, which are included in the second information;
or, the second server receives from the first server, via the client device, the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior, which are included in the second information;
where the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior are sent by the first server after it determines, on the basis of the cross-border data situation of the target application in the first server, that the cross-border behavior used the second personal data, and the cross-border data situation of the target application in the first server is determined by the first server on the basis of the content and identifier of the second personal data.
For the beneficial effects of the method for generating a privacy protocol family of an application provided in the third aspect and in each possible design of the third aspect, refer to the beneficial effects of the first aspect and of each possible implementation of the first aspect; they are not repeated here.
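The third aspect above describes what the second server does with the two reports but gives no data layout or algorithm. The following is an added example written for this page, not code from the patent or from Huawei, that models that role: it merges the first information (client-side behaviors) and the second information (server-side behaviors) into a generated privacy protocol family, then updates that family from the difference between two versions instead of regenerating it. The record layout, the behavior identifiers, the use of per-version records in place of installation-package analysis, and all sample inputs are assumptions.

```python
"""Added example (not from the patent): hosting-server side of the third
aspect.  Record layout, behaviour names and sample inputs are assumptions."""

from dataclasses import dataclass
from typing import Dict, Iterable, List, Set, Tuple

# Behaviour identifiers as the page lists them for each reporting side.
CLIENT_BEHAVIOURS = {"sensitive", "control", "disclosure", "cross_border"}
SERVER_BEHAVIOURS = {"rights", "retention", "disclosure", "cross_border"}


@dataclass(frozen=True)
class PrivacyRecord:
    origin: str     # "client" (first information) or "server" (second information)
    behaviour: str  # behaviour identifier
    data_id: str    # personal-data identifier, i.e. the data category
    content: str    # concrete data content that was observed


def validate(rec: PrivacyRecord) -> None:
    """Reject a record whose behaviour the reporting side cannot observe."""
    allowed = {"client": CLIENT_BEHAVIOURS, "server": SERVER_BEHAVIOURS}.get(rec.origin)
    if allowed is None or rec.behaviour not in allowed:
        raise ValueError(f"{rec.origin!r} may not report behaviour {rec.behaviour!r}")


Policy = Dict[str, Set[str]]  # behaviour -> personal-data categories it uses


def generate_policy(first_info: Iterable[PrivacyRecord],
                    second_info: Iterable[PrivacyRecord]) -> Policy:
    """Build the policy from both information sets.  Content is dropped on
    purpose: a privacy statement names data categories, not observed values,
    so the generated text never republishes the personal data itself."""
    policy: Policy = {}
    for rec in list(first_info) + list(second_info):
        validate(rec)
        policy.setdefault(rec.behaviour, set()).add(rec.data_id)
    return policy


def version_diff(old: Iterable[PrivacyRecord], new: Iterable[PrivacyRecord]
                 ) -> Tuple[Set[Tuple[str, str]], Set[Tuple[str, str]]]:
    """(added, removed) sets of (behaviour, data_id) pairs between versions.
    The page derives the difference from the installation packages; here the
    per-version records stand in for that (assumption)."""
    old_pairs = {(r.behaviour, r.data_id) for r in old}
    new_pairs = {(r.behaviour, r.data_id) for r in new}
    return new_pairs - old_pairs, old_pairs - new_pairs


def update_policy(policy: Policy, added, removed) -> Policy:
    """Apply a version diff to the old policy instead of regenerating it."""
    updated = {b: set(ids) for b, ids in policy.items()}
    for behaviour, data_id in added:
        updated.setdefault(behaviour, set()).add(data_id)
    for behaviour, data_id in removed:
        updated.get(behaviour, set()).discard(data_id)
    return {b: ids for b, ids in updated.items() if ids}  # drop emptied behaviours


def render(policy: Policy) -> List[str]:
    """Deterministic statement lines, one per behaviour, sorted so that two
    renderings can be compared textually."""
    return [f"{b}: {', '.join(sorted(ids))}" for b, ids in sorted(policy.items())]


# Constructed sample input (assumption): what the two sides reported for v1.
V1_CLIENT = [
    PrivacyRecord("client", "sensitive", "location", "31.23,121.47"),
    PrivacyRecord("client", "control", "consent_flag", "agree"),
    PrivacyRecord("client", "cross_border", "device_mac", "aa:bb:cc:dd:ee:ff"),
]
V1_SERVER = [
    PrivacyRecord("server", "retention", "location", "31.23,121.47"),
    PrivacyRecord("server", "disclosure", "device_mac", "aa:bb:cc:dd:ee:ff"),
]
# v2 stops sending the MAC abroad but starts disclosing the user's name.
V2_CLIENT = [r for r in V1_CLIENT if r.behaviour != "cross_border"]
V2_SERVER = V1_SERVER + [PrivacyRecord("server", "disclosure", "name", "Zhang San")]

if __name__ == "__main__":
    v1 = generate_policy(V1_CLIENT, V1_SERVER)
    added, removed = version_diff(V1_CLIENT + V1_SERVER, V2_CLIENT + V2_SERVER)
    v2 = update_policy(v1, added, removed)
    print("\n".join(render(v1)), "--- v2 ---", "\n".join(render(v2)), sep="\n")
```

The diff-based update yields the same family as regenerating from the v2 records, which is the property a practitioner should check before trusting the incremental path; the `validate` step rejects a client claiming a server-only behavior (or the reverse), which otherwise lets one party inject statements about the other.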
In a fourth aspect, the present application provides a client device, including a memory and a processor; the memory is configured to store program instructions, and the processor is configured to invoke the program instructions in the memory so that the client device performs the method for generating a privacy protocol family of an application in the first aspect or any possible design of the first aspect.
In a fifth aspect, the present application provides a server, including a memory and a processor; the memory is configured to store program instructions, and the processor is configured to invoke the program instructions in the memory so that the server performs the method for generating a privacy protocol family of an application in the second aspect or any possible design of the second aspect, and/or the processor is configured to invoke the program instructions in the memory so that the server performs the method for generating a privacy protocol family of an application in the third aspect or any possible design of the third aspect.
In a sixth aspect, the present application provides a computer-readable storage medium storing a computer program which, when executed by a processor, causes a client device to implement the method for generating a privacy protocol family of an application in the first aspect or any possible design of the first aspect.
In a seventh aspect, the present application provides a computer-readable storage medium storing a computer program which, when executed by a processor, causes a server to implement the method for generating a privacy protocol family of an application in the second aspect or any possible design of the second aspect, and/or to implement the method for generating a privacy protocol family of an application in the third aspect or any possible design of the third aspect.
In an eighth aspect, the present application provides a computer program product including execution instructions stored in a readable storage medium; at least one processor of a client device can read the execution instructions from the readable storage medium, and executing them causes the client device to implement the method for generating a privacy protocol family of an application in the first aspect or any possible design of the first aspect.
In a ninth aspect, the present application provides a computer program product including execution instructions stored in a readable storage medium; at least one processor of a server can read the execution instructions from the readable storage medium, and executing them causes the server to implement the method for generating a privacy protocol family of an application in the second aspect or any possible design of the second aspect, and/or to implement the method for generating a privacy protocol family of an application in the third aspect or any possible design of the third aspect.
Description of the drawings
FIG. 1 is a flow diagram of generating a privacy protocol family of an application in the related art;
FIG. 2 is a schematic diagram of the system architecture of a method for generating a privacy protocol family of an application according to an embodiment of the present application;
FIG. 3 is a block diagram of the software structures of a client device, an application server and a hosting server according to an embodiment of the present application;
FIG. 4 is a block diagram of the software structures of an application body, an application sandbox, a service plug-in set and a hosting service according to an embodiment of the present application;
FIG. 5 is a signaling interaction diagram of a method for generating a privacy protocol family of an application according to an embodiment of the present application;
FIG. 6 is a flow diagram of a method for generating a privacy protocol family of an application according to an embodiment of the present application;
FIG. 7 is a flow diagram of a method for generating a privacy protocol family of an application according to an embodiment of the present application;
FIG. 8 is a signaling interaction diagram of a method for generating a privacy protocol family of an application according to an embodiment of the present application;
FIG. 9 is a signaling interaction diagram of a method for generating a privacy protocol family of an application according to an embodiment of the present application;
FIG. 10 is a signaling interaction diagram of a method for generating a privacy protocol family of an application according to an embodiment of the present application.
Detailed description
In this application, "at least one" means one or more, and "a plurality of" means two or more. "And/or" describes an association between objects and indicates that three relationships may exist; for example, "A and/or B" may mean that A exists alone, that A and B both exist, or that B exists alone, where A and B may be singular or plural. The character "/" generally indicates an "or" relationship between the objects it joins. "At least one of the following" or a similar expression means any combination of the listed items, including any combination of single items or plural items; for example, "at least one of a, b or c" may mean a alone, b alone, c alone, a and b, a and c, b and c, or a, b and c, where each of a, b and c may be a single item or a plurality of items. In addition, the terms "first" and "second" are used only for description and are not to be understood as indicating or implying relative importance.
The present application provides a method for generating a privacy protocol family of an application, a client device, a server, a chip system, a computer-readable storage medium and a computer program product. On the basis of the privacy situation of the personal data used by all privacy behaviors while the application runs, the privacy protocol family of the application can be generated automatically. This avoids the cumbersome process of coupling the work to the application's development phase and binding it to the application's release phase, shortens the time needed to generate the privacy protocol family, reduces the cost of generating it, and ensures that the generated privacy protocol family is accurate.
In addition, developers can be given a channel to double-check and manually revise the application's privacy protocol family, and that second check and manual revision help improve its accuracy.
In addition, a privacy analysis restricted to the differences between the old and new versions of the application can be performed, so that the privacy protocol family for the new version is generated quickly and accurately without a large manual analysis effort and without being bound to the application's version release. This addresses the slow version releases and inaccurate privacy protocol families that frequent version iterations otherwise cause.
Some terms used in this application are explained below to help those skilled in the art understand it.
1. Personal data
Personal data refers to data that concerns the user's privacy rights and interests.
Personal data may have attribute parameters such as content and category. The content of personal data is the concrete data itself; the identifier of personal data indicates its specific category.
In some embodiments, the categories of personal data may include user data and device information. User data may include, but is not limited to, name, identity information (such as an identity card number or photograph), location data (such as latitude and longitude or a room number), psychological state, genetic information and social identity. Device information may include, but is not limited to, a network identifier, a device model and a physical (MAC) address.
2. Privacy behavior
A privacy behavior is any behavior for which an application needs to use personal data; the notion covers the whole data life cycle over which client device 0 handles the user's privacy rights and interests, and likewise the data life cycle over which application server 2 handles them.
The identifier of a privacy behavior indicates its kind and may be expressed as letters, numbers, binary values, characters or the like.
In some embodiments, the kinds of privacy behavior may include: sensitive behaviors (such as command execution, file upload, audio or video download, information storage and location acquisition), control operations (such as the user selecting an "agree" control), rights behaviors (behaviors the user actively performs, such as access, deletion or retention), retention behaviors (behaviors the target application actively performs, such as access, deletion or retention), disclosure behaviors (such as transferring data to other applications, official accounts or web pages) and cross-border behaviors (such as transferring data to servers in other countries).
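The page states that the client device decides whether a disclosure or cross-border behavior used personal data from the content and identifier of that data, but it does not say how that decision is made. The following is an added example written for this page, not code from the patent or from Huawei, showing one straightforward way to derive such records: each observed transfer is classified by its target and destination region, and the personal data the device holds is matched against the transferred bytes. The event layout, the home-region rule, the substring matching and all sample data are assumptions.

```python
"""Added example (not from the patent): deriving client-side disclosure and
cross-border records from the personal data's content and identifier.
Event layout, home-region rule and sample data are assumptions."""

from dataclasses import dataclass
from typing import Dict, Iterable, List, Tuple

HOME_REGION = "CN"  # assumption: a transfer to any other region is cross-border


@dataclass(frozen=True)
class TransferEvent:
    target: str     # "app", "web" or "server": what receives the data
    region: str     # region of the receiving endpoint
    payload: bytes  # bytes the target application handed over


def classify(event: TransferEvent) -> List[str]:
    """Behaviour identifiers a single transfer falls under.  A transfer to
    another application or a web page is a disclosure; a transfer to an
    endpoint outside the home region is cross-border; a server transfer inside
    the home region is neither and yields no record."""
    kinds = []
    if event.target in ("app", "web"):
        kinds.append("disclosure")
    if event.region != HOME_REGION:
        kinds.append("cross_border")
    return kinds


def first_information(events: Iterable[TransferEvent],
                      personal_data: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """(behaviour id, data id, data content) for every personal-data item whose
    content appears in a disclosing or cross-border transfer.  Matching is a
    plain substring test on the raw payload; encoded or hashed forms of the
    data would need their own matchers (assumption, simplest case only)."""
    records = []
    for ev in events:
        for behaviour in classify(ev):
            for data_id, content in personal_data.items():
                if content.encode() in ev.payload:
                    records.append((behaviour, data_id, content))
    return records


# Constructed sample data (assumption): identifier -> content held on the device.
SAMPLE_DATA = {
    "device_mac": "aa:bb:cc:dd:ee:ff",
    "location": "31.23,121.47",
    "name": "Zhang San",
}
# Constructed transfers: one in-region server call, one web disclosure,
# one cross-border server call, one transfer that is both.
SAMPLE_EVENTS = [
    TransferEvent("server", "CN", b'{"loc":"31.23,121.47"}'),
    TransferEvent("web", "CN", b"mac=aa:bb:cc:dd:ee:ff"),
    TransferEvent("server", "US", b'{"u":"Zhang San","loc":"31.23,121.47"}'),
    TransferEvent("app", "US", b"id=aa:bb:cc:dd:ee:ff"),
]

if __name__ == "__main__":
    for rec in first_information(SAMPLE_EVENTS, SAMPLE_DATA):
        print(rec)
```

Note that the records carry the data content itself, as the page specifies for the first information; in a deployment a practitioner would want the hosting server to receive only the identifier (category) unless the content is needed to settle the match, since the report otherwise becomes a second copy of the personal data.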
请参阅图2,图2示出了本申请提供的一种应用的隐私协议族生成方法的系统架构示意图。Please refer to FIG. 2 . FIG. 2 shows a schematic diagram of a system architecture of a method for generating an applied privacy protocol suite provided by the present application.
如图2所示,本申请的应用的隐私协议族生成方法的系统架构可以包括:客户端设备0、应用服务器2以及托管服务器3。As shown in FIG. 2 , the system architecture of the application privacy protocol suite generation method of the present application may include: a client device 0 , an application server 2 and a hosting server 3 .
客户端设备0分别与应用服务器2和托管服务器3通信连接,应用服务器2还与托管服务器3通信连接。本申请提及的通信连接可包括无线连接和/或有线连接,本申请对此不做限定。The client device 0 communicates with the application server 2 and the hosting server 3 respectively, and the application server 2 also communicates with the hosting server 3 . The communication connection mentioned in this application may include wireless connection and/or wired connection, which is not limited in this application.
其中,客户端设备0和应用服务器2中均可安装并运行目标应用的安装包,对应的,客户端设备0中设置有目标应用的应用客户端1,应用服务器2可为目标应用的应用服务器2,使得客户端设备0和应用服务器2可相互配合实现目标应用的全部业务。托管服务器3可为生成目标隐私协议族的服务器。Wherein, both the client device 0 and the application server 2 can install and run the installation package of the target application. Correspondingly, the client device 0 is provided with the application client 1 of the target application, and the application server 2 can be the application server of the target application 2, so that the client device 0 and the application server 2 can cooperate with each other to realize all services of the target application. The hosting server 3 can be a server that generates the target privacy protocol suite.
其中,本申请提及的目标应用为一个应用程序(application,APP)。本申请对目标应用的如类型、功能、用户界面、显示位置等参数不做限定。本申请提及的目标隐私协议族即为目标应用的隐私协议族。目标隐私协议族为目标应用提供了用户的隐私权益的使用说明文本,目标隐私协议族可包括如隐私声明、用户协议、隐私要求等内容。Wherein, the target application mentioned in this application is an application program (application, APP). This application does not limit parameters such as type, function, user interface, and display position of the target application. The target privacy protocol suite mentioned in this application is the privacy protocol suite of the target application. The target privacy protocol family provides the user's privacy rights and interests for the target application. The target privacy protocol family may include content such as privacy statements, user agreements, and privacy requirements.
其中,客户端设备0可以为终端设备,也可以为服务器,也可包括终端设备和服务器,本申请对此不做限定。例如,终端设备可以是手机(如折叠屏手机、大屏手机、智能手机等)、平板电脑、笔记本电脑、可穿戴设备、车载设备、增强现实(augmented reality,AR)/虚拟现实(virtual reality,VR)设备、超级移动个人计算机(ultra-mobile personal computer,UMPC)、上网本、个人数字助理(personal digital assistant,PDA)、智能电视、智慧屏、高清电视、4K电视、智能音箱、智能投影仪等。Wherein, the client device 0 may be a terminal device, may also be a server, and may also include a terminal device and a server, which is not limited in this application. For example, the terminal device can be a mobile phone (such as a folding screen mobile phone, a large-screen mobile phone, a smart phone, etc.), a tablet computer, a notebook computer, a wearable device, a vehicle-mounted device, an augmented reality (augmented reality, AR)/virtual reality (virtual reality, VR) equipment, ultra-mobile personal computer (UMPC), netbook, personal digital assistant (PDA), smart TV, smart screen, high-definition TV, 4K TV, smart speaker, smart projector, etc. .
其中,本申请对应用服务器2的如类型、数量和等参数不做限定。例如,应用服务器2可为云服务器。Wherein, the present application does not limit parameters such as type, quantity and the like of the application server 2 . For example, the application server 2 can be a cloud server.
其中,本申请对托管服务器3的如类型、数量和等参数不做限定。在一些实施例中,托管服务器3可为应用服务器2,也可为与应用服务器2不同的服务器。Wherein, the present application does not limit parameters such as type, quantity, and the like of the hosting server 3 . In some embodiments, the hosting server 3 can be the application server 2, or a server different from the application server 2.
Based on the foregoing description, the functional implementation of each of the client device 0, the application server 2 and the hosting server 3 in FIG. 2 is introduced in detail.
For ease of description, the personal data 1 mentioned in this application is the personal data of the target application in the client device 0, and the personal data 2 is the personal data of the target application in the application server 2. The personal data 1 and the personal data 2 may have the same or different content and types; this application does not limit this.
For ease of description, the privacy behavior 1 mentioned in this application may include all behaviors of any application on the client device 0 that need to use personal data, such as sensitive behaviors, control operations, disclosure behaviors and cross-border behaviors. The privacy behavior 2 may include all behaviors of any application in the application server 2 that need to use personal data, such as rights behaviors, retention behaviors, disclosure behaviors and cross-border behaviors.
In this application, the application client 1 in the client device 0 provides capabilities such as carrying the installation package of the target application, running that installation package, identifying the personal data 1, triggering the application server 2 to identify the personal data 2, analyzing whether the privacy behavior 1 uses the personal data 1, pushing the privacy situation in which the privacy behavior 1 uses the personal data 1, and storing the target privacy protocol family.
In addition, the client device 0 provides capabilities such as displaying the target privacy protocol family, revising it, determining whether the installation package of the target application is a new version, and updating the target privacy protocol family corresponding to the old version.
The application server 2 provides capabilities such as carrying the installation package of the target application, running it, identifying the personal data 2, analyzing whether the privacy behavior 2 uses the personal data 2, and pushing the privacy situation in which the privacy behavior 2 uses the personal data 2.
The hosting server 3 provides capabilities such as receiving the privacy situation in which the privacy behavior 1 uses the personal data 1, receiving the privacy situation in which the privacy behavior 2 uses the personal data 2, analyzing these privacy situations, and generating the target privacy protocol family.
In addition, the hosting server 3 provides capabilities such as storing the target privacy protocol family, analyzing the differences between the old and new versions of the target application, and updating the target privacy protocol family.
Based on the above description and with reference to FIG. 3, the specific implementation of each of the client device 0, the application server 2 and the hosting server 3 in FIG. 2 is introduced.
Referring to FIG. 3, FIG. 3 shows software structure block diagrams of a client device 0, an application server 2 and a hosting server 3 provided by this application.
As shown in FIG. 3, the application client 1 in the client device 0 may include an application body 11 and an application sandbox 12. The application server 2 may include a service plug-in set 20. The hosting server 3 may include a hosting service 30.
The application body 11 is communicatively connected to the application sandbox 12 and to the hosting service 30; the application sandbox 12 is communicatively connected to the service plug-in set 20 and to the hosting service 30; and the service plug-in set 20 is also communicatively connected to the hosting service 30.
The application body 11 can be regarded as a container that provides capabilities such as carrying the installation package of the target application and storing the target privacy protocol family.
In addition, the application body 11 provides capabilities such as displaying the target privacy protocol family.
The application sandbox 12 provides capabilities such as running the installation package of the target application, identifying the personal data 1, triggering the application server 2 to identify the personal data 2, analyzing whether the privacy behavior 1 uses the personal data 1, and pushing the privacy situation in which the privacy behavior 1 uses the personal data 1.
In addition, the application sandbox 12 provides capabilities such as revising the target privacy protocol family, determining whether the installation package of the target application is a new version, and updating the target privacy protocol family corresponding to the old version.
The service plug-in set 20 provides capabilities such as running the installation package of the target application, identifying the personal data 2, analyzing whether the privacy behavior 2 uses the personal data 2, and pushing the privacy situation in which the privacy behavior 2 uses the personal data 2.
The hosting service 30 provides capabilities such as receiving the privacy situation in which the privacy behavior 1 uses the personal data 1, receiving the privacy situation in which the privacy behavior 2 uses the personal data 2, analyzing these privacy situations, generating the target privacy protocol family, and storing it.
In addition, the hosting service 30 provides capabilities such as analyzing the differences between the old and new versions of the target application and updating the target privacy protocol family.
Based on the description of the above software modules and with reference to FIG. 4, the specific implementation of each of the application body 11, the application sandbox 12, the service plug-in set 20 and the hosting service 30 in FIG. 3 is introduced.
Referring to FIG. 4, FIG. 4 shows software structure block diagrams of an application body 11, an application sandbox 12, a service plug-in set 20 and a hosting service 30 provided by this application.
As shown in FIG. 4, the application body 11 may include a privacy protocol SDK (software development kit) 105. The application sandbox 12 may include a data identification module 101, a behavior detection module 102, an SDK detection module 103 and a data cross-border module 104. The service plug-in set 20 may include a data identification stub 201, a data processing stub 202 and an SDK detection stub 203. The hosting service 30 may include a privacy statement/protocol generation service 301, a semantic analysis service 302, a version difference service 303 and an associated application service 304.
The privacy protocol SDK 105 provides capabilities such as storing and displaying the target privacy protocol family: it integrates the target privacy protocol family into the installation package of the target application and displays it.
The data identification module 101 provides capabilities such as identifying the personal data 1 and synchronizing it: it identifies the personal data 1 of the target application in the client device 0 and synchronizes the personal data 1 to the application server 2.
The behavior detection module 102 provides capabilities such as monitoring the sensitive behaviors of the target application in the client device 0, analyzing whether a sensitive behavior uses the personal data 1, and pushing the privacy situation in which a sensitive behavior uses the personal data 1: it monitors sensitive behaviors in real time and pushes the corresponding privacy situation.
The behavior detection module 102 also provides capabilities such as monitoring the control operations of the target application in the client device 0 (for example the underlying details of a control, its bound events and the operation type), analyzing whether a control operation uses the personal data 1, and pushing the privacy situation in which a control operation uses the personal data 1: it monitors control operations in real time and pushes the corresponding privacy situation.
The SDK detection module 103 monitors the disclosure behaviors of the target application in the client device 0 by detecting whether the client device 0 integrates an SDK that communicates with other applications, other web pages, other servers and the like, analyzes whether a disclosure behavior uses the personal data 1, and pushes the privacy situation in which a disclosure behavior uses the personal data 1: it determines whether the target application performs a disclosure behavior in the client device 0 and pushes the corresponding privacy situation.
The data cross-border module 104 provides capabilities such as monitoring the cross-border behaviors (for example of data or traffic) of the target application in the client device 0, analyzing whether a cross-border behavior uses the personal data 1, and pushing the privacy situation in which a cross-border behavior uses the personal data 1: it determines whether the target application performs a cross-border behavior in the client device 0 and pushes the corresponding privacy situation.
The data identification stub 201, in cooperation with the data identification module 101, provides capabilities such as identifying the personal data 2 and synchronizing it: it identifies the personal data of the target application in the application server 2.
The data processing stub 202, in cooperation with the data identification stub 201, provides capabilities such as monitoring the retention behaviors of the target application in the application server 2, analyzing whether a retention behavior uses the personal data 2, and pushing the privacy situation in which a retention behavior uses the personal data 2: it monitors retention behaviors in real time and pushes the corresponding privacy situation.
The data processing stub 202, in cooperation with the data identification stub 201, also provides capabilities such as monitoring the cross-border behaviors (for example of data or traffic) of the target application in the application server 2, analyzing whether a cross-border behavior uses the personal data 2, and pushing the privacy situation in which a cross-border behavior uses the personal data 2: it monitors cross-border behaviors in real time and pushes the corresponding privacy situation.
The SDK detection stub 203, in cooperation with the SDK detection module 103, provides capabilities such as detecting whether SDKs are integrated in the application server 2, determining which SDKs are integrated there, monitoring the disclosure behaviors of the target application in the application server 2, analyzing whether a disclosure behavior uses the personal data 2, and pushing the privacy situation in which a disclosure behavior uses the personal data 2: it determines whether the target application performs a disclosure behavior in the application server 2 and pushes the corresponding privacy situation.
The hosting service 30, by means of the privacy statement/protocol generation service 301, the semantic analysis service 302, the version difference service 303, the associated application service 304 and the like, analyzes the privacy situations in which the privacy behavior 1 uses the personal data 1 and the privacy behavior 2 uses the personal data 2, generates the target privacy protocol family, and provides it to the application body 11.
In addition, the hosting service 30 provides capabilities such as storing the target privacy protocol family, analyzing the differences between the old and new versions of the target application, and updating the target privacy protocol family.
Through the cooperation of the above software modules, the target privacy protocol family can be generated automatically, which addresses the high cost and poor accuracy caused by tedious version iteration and a large amount of manual effort.
Next, with reference to FIG. 5, the detailed process by which the software modules in FIG. 4 generate the target privacy protocol family is introduced.
Referring to FIG. 5, FIG. 5 shows a signaling interaction diagram of a method for generating the privacy protocol family of an application provided by this application. For ease of description, in FIG. 5 the target application is illustrated by taking application 1 as an example.
As shown in FIG. 5, the method for generating the privacy protocol family of an application in this application may include the following steps:
S0. The developers provide the installation package of application 1 to the application body 11. The application body 11 can then determine whether the installation package of application 1 is a new version.
When it determines that the installation package of application 1 is not a new version, the application body 11 can determine that application 1 is not undergoing a version update and that a privacy protocol family for application 1 needs to be generated afresh, and it proceeds to S1. When it determines that the installation package of application 1 is a new version, the application body 11 can determine that application 1 is undergoing a version update and that a privacy protocol family needs to be generated for the new version, and it proceeds to S30.
S1. When the application body 11 determines that the installation package of application 1 is not a new version, it can send instruction 1 to the data identification module 101 and instruction 2 to the behavior detection module 102. After instruction 1 and instruction 2 have been transmitted, the application body 11 can run the installation package of application 1 so as to carry out the business implementation of application 1.
Instruction 1 instructs the data identification module 101 to identify the personal data 1, and instruction 2 instructs the behavior detection module 102 to monitor sensitive behaviors and control operations. Instruction 1 and instruction 2 may be represented in forms such as letters, binary or characters. This application does not limit the order in which the application body 11 transmits instruction 1 and instruction 2; they may be sent simultaneously or sequentially.
S2. After the application body 11 runs the installation package of application 1, the data identification module 101, in response to instruction 1, can identify the personal data 1 of application 1 in the client device 0.
S3. After the application body 11 runs the installation package of application 1, the behavior detection module 102, in response to instruction 2, can monitor the sensitive behaviors and control operations of application 1.
After the data identification module 101 has identified the personal data 1, it can execute S4, S6, S11 and S17 respectively, achieving data synchronization between the application client 1 in the client device 0 and the application server 2. This application does not limit the order of S4, S6, S11 and S17; they may be executed simultaneously or sequentially.
S4. The data identification module 101 can send the content and identifier of the personal data 1 to the behavior detection module 102.
S5. After receiving the personal data 1, the behavior detection module 102 can determine, based on the content and identifier of the personal data 1, whether the sensitive behaviors and control operations use the personal data 1.
After determining that a sensitive behavior uses the personal data 1, the behavior detection module 102 can send the identifier of the sensitive behavior together with the content and identifier of the personal data 1 it uses to the hosting service 30.
And/or, after determining that a control operation uses the personal data 1, the behavior detection module 102 can send the identifier of the control operation together with the content and identifier of the personal data 1 it uses to the hosting service 30.
Based on S4-S5, after running the installation package of application 1, the application client 1 in the client device 0 can, by analyzing the business implementation of application 1, capture the privacy situations in which sensitive behaviors and control operations use the personal data 1.
S6. The data identification module 101 can send the content and identifier of the personal data 1 to the data identification stub 201, achieving data synchronization between the data identification module 101 and the data identification stub 201.
S7. Based on the content and identifier of the personal data 1, the data identification stub 201 can identify the personal data 2 of application 1 in the application server 2.
After the data identification stub 201 has identified the personal data 2, it can execute S8 and S13 respectively. This application does not limit the order of S8 and S13; they may be executed simultaneously or sequentially.
S8. The data identification stub 201 can send the content and identifier of the personal data 2 to the data processing stub 202.
S9. After receiving the personal data 2, the data processing stub 202 can determine, based on the content and identifier of the personal data 2, the data retention situation of the personal data 2 in the application server 2.
S10. Based on the data retention situation, the data processing stub 202 can determine whether the rights behaviors and retention behaviors use the personal data 2.
After determining that a rights behavior uses the personal data 2, the data processing stub 202 can send the identifier of the rights behavior together with the content and identifier of the personal data 2 it uses to the hosting service 30.
And/or, after determining that a retention behavior uses the personal data 2, the data processing stub 202 can send the identifier of the retention behavior together with the content and identifier of the personal data 2 it uses to the hosting service 30.
Based on S6-S10, after running the installation package of application 1, the application client 1 in the client device 0 and the application server 2 can, by analyzing the business implementation of application 1, capture the privacy situations in which rights behaviors and retention behaviors use the personal data 2.
S11. The data identification module 101 can send the content and identifier of the personal data 1 to the SDK detection module 103.
S12. After receiving the personal data 1, the SDK detection module 103 can determine, based on the content and identifier of the personal data 1, the data disclosure situation 1 of the personal data 1 in the client device 0.
S13. The data identification stub 201 can send the content and identifier of the personal data 2 to the SDK detection stub 203.
S14. After receiving the personal data 2, the SDK detection stub 203 can determine, based on the content and identifier of the personal data 2, the data disclosure situation 2 of the personal data 2 in the application server 2.
S15. The SDK detection stub 203 sends the data disclosure situation 2 to the SDK detection module 103, achieving data synchronization between the SDK detection module 103 and the SDK detection stub 203.
S16. Based on the data disclosure situation 1 and the data disclosure situation 2, the SDK detection module 103 can determine whether a disclosure behavior uses the personal data 1 and/or the personal data 2.
After determining that a disclosure behavior uses the personal data 1 and/or the personal data 2, the SDK detection module 103 can send the identifier of the disclosure behavior together with the content and identifier of the personal data 1 and/or personal data 2 it uses to the hosting service 30.
It should be noted that, as an alternative to S15-S16, the SDK detection module 103 and the SDK detection stub 203 can each perform the following steps:
Based on the data disclosure situation 1, the SDK detection module 103 can determine whether a disclosure behavior uses the personal data 1. After determining that a disclosure behavior uses the personal data 1, the SDK detection module 103 can send the identifier of the disclosure behavior together with the content and identifier of the personal data 1 it uses to the hosting service 30.
And, based on the data disclosure situation 2, the SDK detection stub 203 can determine whether a disclosure behavior uses the personal data 2. After determining that a disclosure behavior uses the personal data 2, the SDK detection stub 203 can send the identifier of the disclosure behavior together with the content and identifier of the personal data 2 it uses to the hosting service 30.
Based on S11-S16, after running the installation package of application 1, the application client 1 in the client device 0 and the application server 2 can, by analyzing the business implementation of application 1, capture the privacy situations in which disclosure behaviors use the personal data 1 and/or the personal data 2.
S17. The data identification module 101 can send the content and identifier of the personal data 1 to the data cross-border module 104.
S18. After receiving the personal data 1, the data cross-border module 104 can determine, based on the content and identifier of the personal data 1, the data cross-border situation 1 of the personal data 1 in the client device 0.
S19. After receiving the personal data 2, the data processing stub 202 can determine, based on the content and identifier of the personal data 2, the data cross-border situation 2 of the personal data 2 in the application server 2.
This application does not limit the order of S9 and S19; they may be executed simultaneously or sequentially.
S20. The data processing stub 202 can send the data cross-border situation 2 to the data cross-border module 104.
S21. Based on the data cross-border situation 1 and the data cross-border situation 2, the data cross-border module 104 can determine whether a cross-border behavior uses the personal data 1 and/or the personal data 2.
After determining that a cross-border behavior uses the personal data 1 and/or the personal data 2, the data cross-border module 104 can send the identifier of the cross-border behavior together with the content and identifier of the personal data 1 and/or personal data 2 it uses to the hosting service 30.
It should be noted that, as an alternative to S20-S21, the data cross-border module 104 and the data processing stub 202 can each perform the following steps:
Based on the data cross-border situation 1, the data cross-border module 104 can determine whether a cross-border behavior uses the personal data 1. After determining that a cross-border behavior uses the personal data 1, the data cross-border module 104 can send the identifier of the cross-border behavior together with the content and identifier of the personal data 1 it uses to the hosting service 30.
And, based on the data cross-border situation 2, the data processing stub 202 can determine whether a cross-border behavior uses the personal data 2. After determining that a cross-border behavior uses the personal data 2, the data cross-border module 104 can send the identifier of the cross-border behavior together with the content and identifier of the personal data 2 it uses to the hosting service 30.
Based on S17-S21, after running the installation package of application 1, the application client 1 in the client device 0 and the application server 2 can, by analyzing the business implementation of application 1, capture the privacy situations in which cross-border behaviors use the personal data 1 and/or the personal data 2.
It should be noted that the determinations of whether sensitive behaviors and control operations, rights behaviors and retention behaviors, disclosure behaviors, and cross-border behaviors each use personal data, and the corresponding privacy situations, may be carried out simultaneously or sequentially; this application does not limit this.
S22. Based on the various privacy situations received, the hosting service 30 can obtain the corresponding privacy protocol information for each, and from that privacy protocol information it can generate the privacy protocol family of application 1. The hosting service 30 can also store the privacy protocol family of application 1.
S23. The hosting service 30 can send the privacy protocol family of application 1 to the application body 11.
S24. After receiving the privacy protocol family of application 1, the application body 11 can store it in the privacy protocol SDK 105, so that after application 1 starts it can call the privacy protocol SDK 105 to display the privacy protocol family of application 1.
Based on S22-S24, the hosting server 3, through the cooperation of the application client 1 in the client device 0 and the application server 2, can automatically generate the privacy protocol family of application 1.
S25. The application body 11 can use the privacy protocol SDK 105 to display the privacy protocol family of application 1, so that the developers have a clear view of it.
S26. Based on the actual situation of application 1, the developers can revise the privacy protocol family of application 1 and provide the revisions to the application body 11.
S27. Based on the revisions, the application body 11 can update the privacy protocol family of application 1 in the privacy protocol SDK 105 to obtain the revised privacy protocol family of application 1.
S28. The application body 11 can send the revised privacy protocol family of application 1 to the hosting service 30.
S29. Based on the revised privacy protocol family of application 1, the hosting service 30 can update the stored privacy protocol family of application 1. The hosting service 30 can also store the revised privacy protocol family of application 1.
It should be noted that S25-S29 are optional steps.
Based on S25-S29, by displaying the privacy protocol family of application 1, the application client 1 in the client device 0 gives the developers a channel to revise it manually, so that the privacy protocol family of application 1 is corrected promptly and accurately, improving the accuracy of the generated privacy protocol family of application 1.
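The module descriptions of FIG. 4 and the S1-S24 flow above can be modelled end to end in a short program. The following Python is an added example written for this page; it is not code from the patent or from the applicant. The personal-data patterns, the field names, the behavior records, the "kind" labels and the shape of the generated privacy protocol family are assumptions made for illustration, and the sample client and server records and the behavior lists are constructed.

```python
# Added example for this page, not the patent's code: a runnable model of the
# S1-S24 flow in which client-side modules and server-side stubs report which
# privacy behaviors use identified personal data, and the hosting service folds
# those reports into a privacy protocol family.
import re
from collections import defaultdict

# Assumed identifiers for personal data; the text only speaks of "content and identifier".
PERSONAL_DATA_PATTERNS = {
    "phone": re.compile(r"^1[3-9]\d{9}$"),
    "email": re.compile(r"^[^@\s]+@[^@\s]+\.[A-Za-z]{2,}$"),
    "id_card": re.compile(r"^\d{17}[\dX]$"),
}

# Constructed sample: the record application 1 holds in the client device 0 (personal
# data 1) and the record it holds in the application server 2 (personal data 2).
CLIENT_RECORD = {"user_phone": "13812345678", "nickname": "alice",
                 "contact_mail": "alice@example.com"}
SERVER_RECORD = {"user_phone": "13812345678", "id_no": "11010519900101001X",
                 "order_total": "42.00"}

# Constructed sample: behaviors observed by modules 102/103/104 and stubs 202/203.
# "kind" is one of the behavior classes the text lists; "fields" is what was touched.
CLIENT_BEHAVIORS = [
    {"id": "B1", "kind": "sensitive", "fields": {"user_phone"}},      # reads the phone number
    {"id": "B2", "kind": "control", "fields": {"nickname"}},          # control bound to nickname
    {"id": "B3", "kind": "disclosure", "fields": {"contact_mail"}},   # third-party SDK call
    {"id": "B4", "kind": "cross_border", "fields": {"order_total"}},  # no personal data
]
SERVER_BEHAVIORS = [
    {"id": "R1", "kind": "retention", "fields": {"user_phone", "id_no"}},
    {"id": "R2", "kind": "rights", "fields": {"id_no"}},
    {"id": "R3", "kind": "cross_border", "fields": {"order_total"}},  # no personal data
]


def identify_personal_data(record):
    """Data identification module 101 (S2): map each field holding personal data
    to its identifier; fields matching no pattern are not personal data."""
    found = {}
    for name, value in record.items():
        for ident, pattern in PERSONAL_DATA_PATTERNS.items():
            if pattern.match(str(value)):
                found[name] = ident
                break
    return found


def sync_identification(client_record, client_found, server_record):
    """Data identification stub 201 (S6-S7): reuse the client's identifier for any
    server field with the same content, then identify the rest of the server copy."""
    by_content = {client_record[f]: ident for f, ident in client_found.items()}
    found = {n: by_content[v] for n, v in server_record.items() if v in by_content}
    for name, ident in identify_personal_data(server_record).items():
        found.setdefault(name, ident)
    return found


def privacy_situations(behaviors, found, locus):
    """Behavior detection (S5, S10, S16, S21): report only the behaviors that use
    identified personal data. Only identifiers are forwarded, never the content."""
    reports = []
    for b in behaviors:
        used = {f: found[f] for f in b["fields"] if f in found}
        if used:
            reports.append({"behavior": b["id"], "kind": b["kind"],
                            "locus": locus, "data": used})
    return reports


def generate_privacy_suite(reports):
    """Hosting service 30 (S22): fold the reports into one structure keyed by
    behavior kind, listing the kinds of personal data each behavior class uses."""
    suite = defaultdict(set)
    for r in reports:
        suite[r["kind"]].update(r["data"].values())
    return {kind: sorted(ids) for kind, ids in sorted(suite.items())}


def revise_suite(suite, corrections):
    """S26-S29: apply the developers' manual corrections and return the revised family."""
    revised = {kind: list(ids) for kind, ids in suite.items()}
    for kind, ids in corrections.items():
        revised[kind] = sorted(set(ids))
    return revised


def run_pipeline():
    """S1-S24 end to end on the constructed samples."""
    client_found = identify_personal_data(CLIENT_RECORD)
    server_found = sync_identification(CLIENT_RECORD, client_found, SERVER_RECORD)
    reports = (privacy_situations(CLIENT_BEHAVIORS, client_found, "client")
               + privacy_situations(SERVER_BEHAVIORS, server_found, "server"))
    return generate_privacy_suite(reports)


if __name__ == "__main__":
    print(run_pipeline())
```

One design choice differs deliberately from the text: the steps above have each module send both the content and the identifier of the personal data to the hosting service 30, whereas the example forwards only the identifiers, because handing the content of personal data to a further server is itself a disclosure that a privacy analysis pipeline should not need to make. The behaviors that touch no identified personal data (B2, B4, R3) produce no report and therefore leave no trace in the generated family, which is what S5, S10, S16 and S21 describe.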
S30. When the installation package of application 1 is a new version, the application body 11 can send the installation package of application 1 to the hosting service 30.
S31. Based on the installation package of application 1, the hosting service 30 can perform a privacy analysis of the differences between the old and new versions of the installation package, and obtain the difference part between the old and new versions of application 1. Here, the difference part refers to the software code that differs between the installation packages, together with the software code needed to complete the necessary services of application 1 (such as the software code corresponding to the user interface that application 1 displays after startup).
S32. Using static and/or dynamic analysis, the hosting service 30 can generate the privacy protocol family of application 1 for the new version based on the difference part and the privacy protocol family of application 1 for the old version. In addition, the hosting service 30 can also store the privacy protocol family of application 1 for the new version.
Here, static analysis means that the hosting service 30 analyzes, from the software code of the difference part, the privacy situations in which privacy behaviors use personal data in the application client 1 and the application server 2, and can thereby determine whether privacy protocol information has to be removed from and/or added to the privacy protocol family of application 1 for the old version.
Dynamic analysis means that the hosting service 30 runs the software code of the difference part using the application body 11 and the application sandbox 12, and can thereby determine whether privacy protocol information has to be removed from and/or added to the privacy protocol family of application 1 for the old version.
After the hosting service 30 generates the privacy protocol family of application 1 for the new version, the hosting service 30 can execute S23 to transmit it to the application body 11; for the specific implementation process, refer to the description of S23, which is not repeated here.
Based on the description of S30-S32, by comparing and analyzing the differences between the old and new versions of application 1 and combining them with the privacy protocol family of application 1 for the old version, the hosting service 30 can quickly and accurately generate the privacy protocol family of application 1 for the new version, which solves the problem that the privacy protocol family of application 1 needs to be updated whenever application 1 goes through a version iteration.
Note that when the application body 11 determines that the installation package of application 1 is a new version, in addition to executing S30-S32 and S23-S24 to generate the privacy protocol family of application 1, this application can also execute S1-S24 to generate it, without the application body 11 having to determine whether the installation package of application 1 is a new version. Therefore, the step in which the application body 11 determines whether the installation package of application 1 is a new version is optional.
In a specific embodiment, with reference to FIG. 6 and FIG. 7, a specific implementation of generating the privacy protocol family of application 1 using the software modules in FIG. 2 to FIG. 5 is described in detail. For ease of description, in FIG. 6 and FIG. 7 application 1 is illustrated by taking the XX Map APP as an example.
On the basis of the software structure block diagrams shown in FIG. 2 to FIG. 4, refer to FIG. 6 and FIG. 7, which respectively show flow block diagrams of a method for generating a privacy protocol family of an application provided by this application.
As shown in FIG. 6, the method for generating a privacy protocol family of an application of this application may include step 0 to step 25.
Step 0. The R&D personnel send the installation package of the XX Map APP to the application body 11; the application body 11 determines that the installation package of the XX Map APP is not a new version, and the application body 11 runs the installation package of the XX Map APP.
Step 1. The data identification module 101 can identify that personal data 1 includes: the international mobile equipment identity (IMEI) and location information.
Step 2. The behavior detection module 102 can detect that privacy behavior 1 includes: the sensitive behavior of uploading the IMEI and location information over the network.
Step 3. Based on personal data 1 and privacy behavior 1 from step 1 and step 2, the behavior detection module 102 can obtain the privacy situation that the sensitive behavior of uploading over the network used the IMEI and location information. The behavior detection module 102 can then push this information to the hosting service 30, so that the hosting service 30 generates the privacy protocol information "collect and upload IMEI and location information".
Step 4. The data identification module 101 can transmit personal data 1, including the IMEI and location information, to the data identification stub 201.
Step 5. The data identification stub 201 can identify that personal data 2 includes: the IMEI.
Step 6. The data identification stub 201 can transmit personal data 2, including the IMEI, to the data processing stub 202.
Step 7. The data processing stub 202 can detect that the IMEI is deleted after t months. The data processing stub 202 can thus determine that the data retention situation includes: the retention period of the IMEI is t months.
Step 8. Based on the data retention situation from step 7, the data processing stub 202 can obtain the privacy situation that the retention behavior used the IMEI. The data processing stub 202 can then push this information to the hosting service 30, so that the hosting service 30 generates the privacy protocol information "IMEI stored for t months".
Step 9. The data identification module 101 can transmit personal data 1, including the IMEI and location information, to the SDK detection module 103.
Step 10. The SDK detection module 103 can identify that an SDK identified as aaa is integrated in the XX Map APP, and that the IMEI is disclosed to the YY Mall APP through the SDK identified as aaa. The SDK detection module 103 can thus obtain data disclosure situation 1.
Step 11. The data identification stub 201 can transmit personal data 2, including the IMEI, to the SDK detection stub 203.
Step 12. The SDK detection stub 203 can identify that the SDK of the YY Mall APP is integrated in the XX Map APP, and that the IMEI is disclosed to the YY Mall APP through the SDK of the YY Mall APP. The SDK detection stub 203 can thus determine data disclosure situation 2, and send data disclosure situation 2 to the SDK detection module 103.
Step 13. Based on data disclosure situation 1 and data disclosure situation 2 from step 10 and step 12, the SDK detection module 103 can determine the privacy situation that the disclosure behavior used personal data 1 and personal data 2. The SDK detection module 103 can then push this privacy situation to the hosting service 30, so that the hosting service 30 generates the privacy protocol information "disclose IMEI to the YY Mall APP".
Step 14. The data identification module 101 can transmit personal data 1, including the IMEI and location information, to the cross-border data module 104.
Step 15. The cross-border data module 104 can identify that cross-border data situation 1 includes: transmitting location information to country m.
Step 16. The data processing stub 202 can detect that the IMEI is not transferred across borders, and obtain cross-border data situation 2.
Step 17. The data processing stub 202 can transmit cross-border data situation 2 to the cross-border data module 104.
Step 18. Based on cross-border data situation 1 and cross-border data situation 2 from step 15 and step 17, the cross-border data module 104 can determine the privacy situation that the cross-border behavior used personal data 1. The cross-border data module 104 can then push this privacy situation to the hosting service 30, so that the hosting service 30 generates the privacy protocol information "transmit location information to country m".
Step 19. Based on the privacy protocol information from step 3, step 8, step 13 and step 18, the hosting service 30 can generate the privacy protocol family of the XX Map APP, which may specifically include: 1. collect and upload IMEI and location information; 2. IMEI stored for t months; 3. disclose IMEI to the YY Mall APP; 4. transmit location information to country m.
The hosting service 30 can then send the privacy protocol family of the XX Map APP to the application body 11.
Step 20. The application body 11 can store the privacy protocol family of the XX Map APP in the privacy protocol SDK 105, so that the XX Map APP can display its privacy protocol family after it is started.
Step 21. Through the privacy protocol SDK 105, the application body 11 can display the privacy protocol family of the XX Map APP.
Step 22. According to the actual situation of the XX Map APP, the R&D personnel manually update and revise the privacy protocol family of the XX Map APP. The application body 11 can then transmit the revised privacy protocol family of the XX Map APP to the hosting service 30.
On the basis of the embodiment shown in FIG. 6, and as shown in FIG. 7, the method for generating a privacy protocol family of an application of this application may include the following steps:
Step 23. The R&D personnel provide the installation package of the XX Map APP to the application body 11, and the installation package of the XX Map APP is a new version.
Step 24. The application body 11 sends the installation package of the XX Map APP to the hosting service 30.
Step 25. Based on the installation package of the XX Map APP, the hosting service 30 can perform a privacy analysis of the differences between the old and new versions of the installation package, and obtain the difference part between the old and new versions of the XX Map APP.
The hosting service 30 can then, based on the difference part and the privacy protocol family of application 1 for the old version, generate the privacy protocol family of application 1 for the new version, which may specifically include: 1. collect and upload IMEI, location information and bank card number; 2. IMEI stored for t months, bank card number stored for r months; 3. disclose IMEI to the YY Mall APP; 4. transmit location information to country m.
In addition, as shown in FIG. 7, from the privacy protocol family of application 1 for the new version it can be seen that:
The data identification module 101 can identify that personal data 1 includes: IMEI, location information and bank card number.
The behavior detection module 102 can detect that privacy behavior 1 includes: the sensitive behavior of uploading the IMEI, location information and bank card number over the network.
The data identification stub 201 can identify that personal data 2 includes: IMEI and bank card number.
The data processing stub 202 can detect that the IMEI is deleted after t months and that the bank card number is deleted after r months.
Note that for the specific implementation process of each software module, refer to the description of FIG. 6, which is not repeated here.
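As an added example (not code from the patent), the following Python sketch models how the hosting service 30 could assemble the privacy protocol family from the privacy situations pushed in steps 3, 8, 13 and 18 of FIG. 6, and then update it from the privacy diff of a new version (step 25 of FIG. 7) by adding or removing individual situations instead of re-analyzing the whole application. The category names, clause wording and situation fields are assumptions; the sample reports are constructed from the values in FIG. 6 and FIG. 7.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List

# Behaviour categories in the order the page lists the clauses (assumed names).
CATEGORIES = ("sensitive", "retention", "disclosure", "cross_border")


@dataclass(frozen=True)
class PrivacySituation:
    """One privacy situation: a behaviour that used some personal data."""
    behavior: str      # one of CATEGORIES
    data: tuple        # personal data items the behaviour used
    detail: str = ""   # retention period, recipient SDK/app, or destination


# Structured family: ordered, de-duplicated situations per category, so a later
# version diff can add or remove single situations rather than whole clauses.
Family = Dict[str, List[PrivacySituation]]


def _join(items: List[str]) -> str:
    """'a', 'a and b', 'a, b and c', matching the wording on the page."""
    if len(items) <= 1:
        return "".join(items)
    return ", ".join(items[:-1]) + " and " + items[-1]


def merge(*sources: Iterable[PrivacySituation]) -> Family:
    """Merge situations pushed by any number of reporters (client modules, server
    stubs); duplicates such as disclosure situations 1 and 2 collapse into one."""
    merged: Dict[str, Dict[PrivacySituation, None]] = {c: {} for c in CATEGORIES}
    for source in sources:
        for s in source:
            if s.behavior not in merged:
                raise ValueError(f"unknown behaviour category {s.behavior!r}")
            merged[s.behavior][s] = None   # dict keeps order and drops repeats
    return {c: list(merged[c]) for c in CATEGORIES}


def apply_diff(family: Family, added: Iterable[PrivacySituation],
               removed: Iterable[PrivacySituation]) -> Family:
    """Update an old-version family from the privacy diff of the new version:
    drop situations no longer found, append new ones, keep everything else."""
    gone = set(removed)
    new_family = {c: [s for s in family[c] if s not in gone] for c in CATEGORIES}
    for s in added:
        if s not in new_family[s.behavior]:
            new_family[s.behavior].append(s)
    return new_family


def render(family: Family) -> List[str]:
    """Turn the structured family into the clauses shown to the user."""
    clauses: List[str] = []
    for category in CATEGORIES:
        sits = family[category]
        if not sits:
            continue                      # e.g. no cross-border transfer at all
        if category == "sensitive":
            items = list(dict.fromkeys(d for s in sits for d in s.data))
            clauses.append("Collect and upload " + _join(items))
        elif category == "retention":
            clauses.append("; ".join(f"{d} stored for {s.detail}"
                                     for s in sits for d in s.data))
        elif category == "disclosure":
            clauses.append("; ".join(f"Disclose {_join(list(s.data))} to {s.detail}"
                                     for s in sits))
        else:
            clauses.append("; ".join(f"Transmit {_join(list(s.data))} to {s.detail}"
                                     for s in sits))
    return clauses


# Constructed sample input mirroring steps 1-18 of FIG. 6.
CLIENT_REPORTS = [   # pushed by modules 101-104 in the application client
    PrivacySituation("sensitive", ("IMEI", "location information")),
    PrivacySituation("disclosure", ("IMEI",), "the YY Mall APP"),
    PrivacySituation("cross_border", ("location information",), "country m"),
]
SERVER_REPORTS = [   # pushed by stubs 201-203 in the application server
    PrivacySituation("retention", ("IMEI",), "t months"),
    PrivacySituation("disclosure", ("IMEI",), "the YY Mall APP"),  # situation 2
    # stub 202 found no cross-border transfer of the IMEI, so nothing is pushed
]
# Constructed privacy diff of the new version, mirroring FIG. 7.
NEW_VERSION_ADDED = [
    PrivacySituation("sensitive", ("bank card number",)),
    PrivacySituation("retention", ("bank card number",), "r months"),
]


def old_version_family() -> List[str]:
    return render(merge(CLIENT_REPORTS, SERVER_REPORTS))


def new_version_family() -> List[str]:
    old = merge(CLIENT_REPORTS, SERVER_REPORTS)
    return render(apply_diff(old, NEW_VERSION_ADDED, removed=[]))
```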
Based on the foregoing embodiments, the method for generating a privacy protocol family of an application provided by this application is described below.
Exemplarily, this application provides a method for generating a privacy protocol family of an application.
Refer to FIG. 8, which is a signaling interaction diagram of a method for generating a privacy protocol family of an application provided by an embodiment of this application. As shown in FIG. 8, the method for generating a privacy protocol family of an application of this application may include S101-S108.
S101. After running the target application, the client device obtains first personal data of the target application in the client device.
Here, for the specific implementation of the target application, refer to the description of application 1 above; for the client device, refer to the description of the client device 0 and of the application client 1 in the client device 0 above; for the first personal data, refer to the description of personal data 1 above; and for the specific implementation of S101, refer to the description in FIG. 5 of the application body 11 running the installation package of application 1 in S0 and of the data identification module 101 identifying personal data 1 in S2, which is not repeated here.
S102. After determining that a first privacy behavior used the first personal data, the client device sends first information to the second server, where the first information describes the privacy situation in which the first privacy behavior used the first personal data, and the first privacy behavior includes all behaviors of all applications in the client device that need to use personal data.
Here, for the specific implementation of the first privacy behavior, refer to the description of privacy behavior 1 above; for the second server, refer to the description of the hosting server 3 above; for the privacy situation in which the first privacy behavior used the first personal data, refer to the description above of whether the sensitive behaviors, control operations, disclosure behaviors and cross-border behaviors used personal data 1; for the first information, refer to the description above of the identifier of the sensitive behavior and the content and identifier of the personal data 1 it used, the identifier of the control operation and the content and identifier of the personal data 1 it used, the identifier of the disclosure behavior and the content and identifier of the personal data 1 it used, and the identifier of the cross-border behavior and the content and identifier of the personal data 1 it used; and for the specific implementation of S102, refer to the description in FIG. 5 of the sensitive behaviors, control operations, disclosure behaviors and cross-border behaviors using personal data 1 in S5, S16 and S21, which is not repeated here.
S103. The client device sends the first personal data to the first server.
Here, for the first server, refer to the description of the application server 2 above; for the specific implementation of S103, refer to the description in FIG. 5 of the data identification module 101 sending the content and identifier of personal data 1 to the data identification stub 201 in S6, which is not repeated here.
S104. Based on the first personal data, the first server determines second personal data of the target application in the first server.
Here, for the second personal data, refer to the description of personal data 2 above; for the specific implementation of S104, refer to the description in FIG. 5 of the data identification stub 201 determining personal data 2 in S7, which is not repeated here.
S105. After determining that a second privacy behavior used the second personal data, the first server sends second information to the second server, where the second information describes the privacy situation in which the second privacy behavior used the second personal data, and the second privacy behavior includes all behaviors of all applications in the first server that need to use personal data.
Here, for the specific implementation of the second privacy behavior, refer to the description of privacy behavior 2 above; for the privacy situation in which the second privacy behavior used the second personal data, refer to the description above of the various privacy situations of whether the rights behaviors, retention behaviors, disclosure behaviors and cross-border behaviors used personal data 2; for the second information, refer to the description above of the identifier of the rights behavior and the content and identifier of the personal data 2 it used, the identifier of the retention behavior and the content and identifier of the personal data 2 it used, the identifier of the disclosure behavior and the content and identifier of the personal data 2 it used, and the identifier of the cross-border behavior and the content and identifier of the personal data 2 it used; and for the specific implementation of S105, refer to the description in FIG. 5 of the rights behaviors, retention behaviors, disclosure behaviors and cross-border behaviors using personal data 2 in S10, S16 and S21, which is not repeated here.
S106. The second server generates a target privacy protocol family based on the first information and the second information.
Here, for the target privacy protocol family, refer to the description of the privacy protocol family of application 1 above; for the specific implementation of S106, refer to the description in FIG. 5 of the hosting service 30 generating the privacy protocol family of application 1 in S22, which is not repeated here.
S107. The second server sends the target privacy protocol family to the client device.
Here, for the specific implementation of S107, refer to the description of S23 shown in FIG. 5, which is not repeated here.
S108. The client device stores the target privacy protocol family in the installation package of the target application, so that the target application can display the target privacy protocol family to the user after it is started.
Here, for the specific implementation of S108, refer to the description of S24 shown in FIG. 5, which is not repeated here.
Compared with the related technology shown in FIG. 1, the method for generating a privacy protocol family of an application of this application can generate the target privacy protocol family automatically, without professionals writing it, without being tied to the development stage of an associated application, and without being bound to the version release of the application; moreover, generating the target privacy protocol family takes little time, costs little, and is highly accurate.
In the method for generating a privacy protocol family of an application provided by this application, through the cooperation of the client device, the first server and the second server, the client device and the first server use methods such as data traffic analysis, data retention monitoring, SDK detection and cross-border data detection to capture the privacy situations in which all privacy behaviors used personal data while the target application was running; the client device and the first server transmit the information corresponding to these privacy situations to the second server, so that the second server can accurately and quickly generate the target privacy protocol family based on the user's privacy rights in the target application that this information represents. This achieves automatic generation of the target privacy protocol family, avoids the cumbersome process of the development stage of an associated application and the development and release stage of a bound application, shortens the time cost of generating the target privacy protocol family, reduces the investment cost of generating it, and improves its accuracy.
Based on the description of the above embodiments, the second server is able to analyze the privacy differences between the old and new versions of an application when it goes through a version iteration. Therefore, this application can also use version difference comparison to analyze the privacy behaviors throughout the full process by which the target application implements its services, and can quickly and accurately generate the target privacy protocol family for the new version, which solves the pain points of slow version release of the target application and poor accuracy of the target privacy protocol family caused by frequent version iterations.
Refer to FIG. 9, which is a signaling interaction diagram of a method for generating a privacy protocol family of an application provided by an embodiment of this application. As shown in FIG. 9, the method for generating a privacy protocol family of an application of this application may include S201-S208.
S201. The client device receives the installation package of the target application.
Here, for the specific implementation of S201, refer to the description in FIG. 5 of the R&D personnel providing the installation package of application 1 to the application body 11 in S0, which is not repeated here.
S202. The client device determines whether the installation package of the target application is a new version.
When it determines that the installation package of the target application is not a new version, the client device can execute S203; when it determines that the installation package of the target application is a new version, the client device can execute S204.
Here, for the specific implementation of S202, refer to the description in FIG. 5 of the application body 11 determining whether the installation package of application 1 is a new version in S0, which is not repeated here.
S203. The client device runs the installation package of the target application. After S203 is executed, this application can continue with S101-S108 in FIG. 8 (S101-S108 are not shown in FIG. 9).
Here, for the specific implementation of S203, refer to the description in FIG. 5 of the application body 11 running the installation package of application 1 in S0, which is not repeated here.
S204. The client device sends the installation package of the target application to the second server.
Here, for the specific implementation of S204, refer to the description of S30 shown in FIG. 5, which is not repeated here.
S205. Based on the installation package of the target application, the second server determines the difference part between the old and new versions.
Here, for the specific implementation of S205, refer to the description of S31 shown in FIG. 5, which is not repeated here.
S206. Based on the difference part, the second server updates the target privacy protocol family for the old version to obtain the target privacy protocol family for the new version.
Here, for the specific implementation of S206, refer to the description of S32 shown in FIG. 5, which is not repeated here.
S207. The second server sends the target privacy protocol family for the new version to the client device.
Here, for the specific implementation of S207, refer to the description of S23 shown in FIG. 5, which is not repeated here.
S208. The client device updates the target privacy protocol family for the old version in the installation package of the target application to the target privacy protocol family for the new version, so that the client device displays the target privacy protocol family for the new version after the target application is started.
Here, for the specific implementation of S208, refer to the description of S24 shown in FIG. 5, which is not repeated here.
Based on the description of the above embodiments, the generated target privacy protocol family does not need to be written by professionals; this application can also provide the R&D personnel with a channel for secondary confirmation and manual revision of the target privacy protocol family, which helps improve its accuracy and also allows the generation of the target privacy protocol family to combine automatic writing with manual revision.
Please refer to FIG. 10. FIG. 10 is a signaling interaction diagram of a method for generating a privacy protocol suite of an application provided by an embodiment of the present application. As shown in FIG. 10, the method for generating a privacy protocol suite of an application of the present application may include S301-S305.
S301. The client device displays the full content of the target privacy protocol suite.
For the specific implementation of S301, reference may be made to the description of S25 shown in FIG. 5, which is not repeated here.
S302. The client device receives correction content for the target privacy protocol suite.
For the specific implementation of the correction content, reference may be made to the description of the correction content of the privacy protocol suite of application 1 mentioned above; for the specific implementation of S302, reference may be made to the description of S26 shown in FIG. 5. Neither is repeated here.
S303. Based on the correction content, the client device updates the target privacy protocol suite in the installation package of the target application to obtain the corrected target privacy protocol suite, so that the target application can present the corrected target privacy protocol suite to the user after being started.
For the specific implementation of the corrected target privacy protocol suite, reference may be made to the description of the corrected privacy protocol suite of application 1 mentioned above; for the specific implementation of S303, reference may be made to the description of S27 shown in FIG. 5. Neither is repeated here.
S304. The client device sends the corrected target privacy protocol suite to the second server.
For the specific implementation of S304, reference may be made to the description of S28 shown in FIG. 5, which is not repeated here.
S305. The second server updates the target privacy protocol suite to the corrected target privacy protocol suite.
For the specific implementation of S305, reference may be made to the description of S29 shown in FIG. 5, which is not repeated here.
In S102, since the privacy behaviors of the target application in the client device are of many kinds, the client device determines, for each privacy behavior included in the first privacy behavior, the first information corresponding to that privacy behavior.
In some embodiments, when the first privacy behavior includes a sensitive behavior and a control operation, the client device may determine whether the sensitive behavior and the control operation used the first personal data.
After determining that the sensitive behavior used the first personal data, the client device may determine that the first information includes the identifier of the sensitive behavior and the content and identifier of the first personal data used by the sensitive behavior, and send the identifier of the sensitive behavior and the content and identifier of the first personal data used by the sensitive behavior to the second server.
And/or, after determining that the control operation used the first personal data, the client device may determine that the first information includes the identifier of the control operation and the content and identifier of the first personal data used by the control operation, and send the identifier of the control operation and the content and identifier of the first personal data used by the control operation to the second server.
For the specific implementation of the above process, reference may be made to the description of S4-S5 shown in FIG. 5, which is not repeated here.
In some embodiments, when the first privacy behavior includes a disclosure behavior, the client device may determine the data disclosure situation of the target application in the client device based on the content and identifier of the first personal data. Based on the data disclosure situation of the target application in the client device, the client device may determine whether the disclosure behavior used the first personal data.
Thus, after determining that the disclosure behavior used the first personal data, the client device may determine that the first information includes the identifier of the disclosure behavior and the content and identifier of the first personal data used by the disclosure behavior, and send the identifier of the disclosure behavior and the content and identifier of the first personal data used by the disclosure behavior to the second server.
For the specific implementation of the above process, reference may be made to the description in S11-S16 shown in FIG. 5 of the disclosure behavior using personal data 1, which is not repeated here.
In some embodiments, when the first privacy behavior includes a cross-border behavior, the client device may determine the cross-border data situation of the target application in the client device based on the content and identifier of the first personal data. Based on the cross-border data situation of the target application in the client device, the client device may determine whether the cross-border behavior used the first personal data.
Thus, after determining that the cross-border behavior used the first personal data, the client device may determine that the first information includes the identifier of the cross-border behavior and the content and identifier of the first personal data used by the cross-border behavior, and send the identifier of the cross-border behavior and the content and identifier of the first personal data used by the cross-border behavior to the second server.
For the specific implementation of the above process, reference may be made to the description in S17-S21 shown in FIG. 5 of the cross-border behavior using personal data 1, which is not repeated here.
In S105, since the privacy behaviors of the target application in the first server are of many kinds, the client device determines, for each privacy behavior included in the second privacy behavior, the second information corresponding to that privacy behavior.
In some embodiments, when the second privacy behavior includes a rights behavior and a retention behavior, the first server may determine the data retention situation of the target application in the first server based on the content and identifier of the second personal data. Based on the data retention situation, the first server may determine whether the rights behavior and the retention behavior used the second personal data.
Thus, after determining that the rights behavior used the second personal data, the first server may determine that the second information includes the identifier of the rights behavior and the content and identifier of the second personal data used by the rights behavior, and send the identifier of the rights behavior and the content and identifier of the second personal data used by the rights behavior to the second server.
And/or, after determining that the retention behavior used the second personal data, the first server may determine that the second information includes the identifier of the retention behavior and the content and identifier of the second personal data used by the retention behavior, and send the identifier of the retention behavior and the content and identifier of the second personal data used by the retention behavior to the second server.
For the specific implementation of the above process, reference may be made to the description of S6-S10 shown in FIG. 5, which is not repeated here.
In some embodiments, when the second privacy behavior includes a disclosure behavior, the first server may determine the data disclosure situation of the target application in the first server based on the content and identifier of the second personal data. Based on the data disclosure situation of the target application in the first server, the first server may determine whether the disclosure behavior used the second personal data.
Thus, after determining that the disclosure behavior used the second personal data, the first server may determine that the second information includes the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior, and send the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior to the second server.
Alternatively, the first server may send the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior to the second server via the client device.
For the specific implementation of the above process, reference may be made to the description in S11-S16 shown in FIG. 5 of the disclosure behavior using personal data 2, which is not repeated here.
In some embodiments, when the second privacy behavior includes a cross-border behavior, the first server may determine the cross-border data situation of the target application in the first server based on the content and identifier of the second personal data. Based on the cross-border data situation of the target application in the first server, the first server may determine whether the cross-border behavior used the second personal data.
Thus, after determining that the cross-border behavior used the second personal data, the first server may determine that the second information includes the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior, and send the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior to the second server.
Alternatively, the first server may send the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior to the second server via the client device.
For the specific implementation of the above process, reference may be made to the description in S17-S21 shown in FIG. 5 of the cross-border behavior using personal data 2, which is not repeated here.
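As an added example that is not code from the patent, the following Python models the record-building steps of S102 and S105 (one entry per behavior that actually used personal data), the second server's merging of first and second information into the suite, the version difference and update of S205/S206, and the same update path reused for the correction of S303/S305. The behavior identifiers, field names and sample data items are constructed assumptions.

```python
"""Constructed model of the first/second information records and the target
privacy protocol suite built from them.  Not the patent's own code."""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set, Tuple

# Behavior kinds the patent lists for each side (constructed identifiers).
CLIENT_BEHAVIORS = {"sensitive", "control_operation", "disclosure", "cross_border"}
SERVER_BEHAVIORS = {"rights", "retention", "disclosure", "cross_border"}


@dataclass(frozen=True)
class PersonalData:
    data_id: str   # identifier of the personal data item, e.g. "PD-01"
    content: str   # description of what the item is; never the raw value itself


@dataclass(frozen=True)
class BehaviorRecord:
    """One entry of the first/second information: which behavior used which data."""
    side: str          # "client" (first information) or "server" (second information)
    behavior_id: str
    data: PersonalData


def build_info(side: str, observed: Dict[str, List[PersonalData]]) -> List[BehaviorRecord]:
    """S102/S105: emit one record per (behavior, personal data) pair that was
    actually used; a behavior that used no personal data produces no record."""
    allowed = CLIENT_BEHAVIORS if side == "client" else SERVER_BEHAVIORS
    records: List[BehaviorRecord] = []
    for behavior_id, used in observed.items():
        if behavior_id not in allowed:
            raise ValueError(f"{behavior_id!r} is not a {side}-side privacy behavior")
        for item in used:
            records.append(BehaviorRecord(side, behavior_id, item))
    return records


# side -> behavior_id -> data_id -> content description
Suite = Dict[str, Dict[str, Dict[str, str]]]


def generate_suite(records: Iterable[BehaviorRecord]) -> Suite:
    """Second server: merge first and second information into the target suite."""
    suite: Suite = {}
    for r in records:
        suite.setdefault(r.side, {}).setdefault(r.behavior_id, {})[r.data.data_id] = r.data.content
    return suite


def diff_records(old: Iterable[BehaviorRecord],
                 new: Iterable[BehaviorRecord]) -> Tuple[Set[BehaviorRecord], Set[BehaviorRecord]]:
    """S205: difference between versions, as (added, removed) record sets."""
    old_set, new_set = set(old), set(new)
    return new_set - old_set, old_set - new_set


def apply_changes(suite: Suite, added: Iterable[BehaviorRecord],
                  removed: Iterable[BehaviorRecord]) -> Suite:
    """S206 (version update) and S303 (manual correction): update the suite in
    place and return it.  Removing the last data item of a behavior drops the
    behavior entry so the suite never lists a behavior that uses no data."""
    for r in removed:
        entries = suite.get(r.side, {}).get(r.behavior_id, {})
        entries.pop(r.data.data_id, None)
        if not entries:
            suite.get(r.side, {}).pop(r.behavior_id, None)
    for r in added:
        suite.setdefault(r.side, {}).setdefault(r.behavior_id, {})[r.data.data_id] = r.data.content
    return suite


def render(suite: Suite) -> List[str]:
    """Lines the client would show as the full content of the suite (S301)."""
    lines = []
    for side in sorted(suite):
        for behavior_id in sorted(suite[side]):
            items = ", ".join(f"{k} ({v})" for k, v in sorted(suite[side][behavior_id].items()))
            lines.append(f"[{side}] {behavior_id}: {items}")
    return lines


# Constructed sample data for two versions of one application.
LOCATION = PersonalData("PD-01", "device location")
CONTACTS = PersonalData("PD-02", "contact list")
ACCOUNT = PersonalData("PD-03", "account identifier derived server-side")


def sample_v1() -> List[BehaviorRecord]:
    first = build_info("client", {"sensitive": [LOCATION],
                                  "control_operation": [CONTACTS], "disclosure": []})
    second = build_info("server", {"retention": [ACCOUNT], "cross_border": [ACCOUNT]})
    return first + second


def sample_v2() -> List[BehaviorRecord]:
    # New version: no longer transfers data cross-border, but now discloses location.
    first = build_info("client", {"sensitive": [LOCATION],
                                  "control_operation": [CONTACTS], "disclosure": [LOCATION]})
    second = build_info("server", {"retention": [ACCOUNT]})
    return first + second


def demo() -> Suite:
    """Generate the v1 suite, then update it from the v1/v2 difference (S205-S206)."""
    suite = generate_suite(sample_v1())
    added, removed = diff_records(sample_v1(), sample_v2())
    return apply_changes(suite, added, removed)


if __name__ == "__main__":
    for line in render(demo()):
        print(line)
```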
Based on the description of the above embodiments, the target privacy protocol suite can be presented to the user in a variety of ways.
In some embodiments, after receiving a first operation, the electronic device may start the target application and display a first user interface of the target application, where the first user interface includes the full content of the target privacy protocol suite.
The first operation may include, but is not limited to, operations such as a tap, a double tap or a long press. The present application does not limit parameters of the first user interface such as its size, shape, color or position.
For example, after receiving a first operation such as a tap performed by the user on the icon of the target application, the electronic device may display the first user interface floating over the main page of the target application in the form of a pop-up window, so that the user can promptly review the user's privacy rights in the target application.
In some other embodiments, after receiving a second operation, the electronic device may display a second user interface of the target application, where the second user interface includes the adjustable content of the target privacy protocol suite, so that the user can adjust the user's privacy rights in the target application according to the user's own wishes.
The second operation may include, but is not limited to, operations such as a tap, a double tap or a long press. The present application does not limit parameters of the second user interface such as its size, shape, color or position.
For example, after receiving a second operation such as a tap performed by the user on a control on the main page of the target application, the electronic device switches from displaying the main page of the target application to the second user interface, and may display the adjustable content of the target privacy protocol suite in the second user interface in the form of options or toggle switches.
It should be noted that the electronic device mentioned above may be the client device 0 mentioned above or another terminal device, which is not limited in the present application.
By way of example, the present application provides a client device including a memory and a processor, where the memory is configured to store program instructions and the processor is configured to invoke the program instructions in the memory so that the client device performs the method for generating a privacy protocol suite of an application in the foregoing embodiments.
By way of example, the present application provides a server including a memory and a processor, where the memory is configured to store program instructions and the processor is configured to invoke the program instructions in the memory so that the server performs the method for generating a privacy protocol suite of an application in the foregoing embodiments.
By way of example, the present application provides a chip system applied to an electronic device that includes a memory, a display screen and a sensor; the chip system includes a processor, and when the processor executes the computer instructions stored in the memory, the client device or the server performs the method for generating a privacy protocol suite of an application in the foregoing embodiments.
By way of example, the present application provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the client device or the server implements the method for generating a privacy protocol suite of an application in the foregoing embodiments.
By way of example, the present application provides a computer program product including execution instructions, where the execution instructions are stored in a readable storage medium, at least one processor of the client device or the server can read the execution instructions from the readable storage medium, and the at least one processor executes the execution instructions so that the client device or the server implements the method for generating a privacy protocol suite of an application in the foregoing embodiments.
In the above embodiments, all or part of the functions may be implemented by software, hardware, or a combination of software and hardware. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions described in the present application are produced in whole or in part. The computer may be a general-purpose computer, a special-purpose computer, a computer network, or another programmable apparatus. The computer instructions may be stored in a computer-readable storage medium. The computer-readable storage medium may be any available medium accessible to a computer, or a data storage device such as a server or data center integrating one or more available media. The available medium may be a magnetic medium (for example, a floppy disk, a hard disk or a magnetic tape), an optical medium (for example, a DVD), a semiconductor medium (for example, a solid state disk, SSD), or the like.
Those of ordinary skill in the art will understand that all or part of the processes in the methods of the above embodiments may be completed by a computer program instructing the related hardware. The program may be stored in a computer-readable storage medium and, when executed, may include the processes of the foregoing method embodiments. The aforementioned storage medium includes ROM, random access memory (RAM), a magnetic disk, an optical disk, and various other media capable of storing program code.

Claims (27)

  1. A method for generating a privacy protocol suite of an application, characterized in that it is applied to a client device; the method comprises:
    after running a target application, the client device acquires first personal data of the target application in the client device;
    after determining that a first privacy behavior used the first personal data, the client device sends first information to a second server, where the first information is used to describe the privacy situation of the first privacy behavior using the first personal data, and the first privacy behavior includes all behaviors of all applications in the client device that need to use personal data;
    the client device sends the first personal data to a first server, so that the first server determines, based on the first personal data, second personal data of the target application in the first server and, after determining that a second privacy behavior used the second personal data, sends second information to the second server, where the second information is used to describe the privacy situation of the second privacy behavior using the second personal data, and the second privacy behavior includes all behaviors of all applications in the first server that need to use personal data;
    the client device receives a target privacy protocol suite from the second server, where the target privacy protocol suite is generated by the second server based on the first information and the second information;
    the client device stores the target privacy protocol suite in the installation package of the target application, so that the target application can present the target privacy protocol suite to a user after being started.
  2. The method according to claim 1, characterized in that the client device running the target application comprises:
    the client device receives the installation package of the target application;
    when determining that the installation package of the target application is not a new version, the client device runs the installation package of the target application.
  3. The method according to claim 2, characterized in that the method further comprises:
    when determining that the installation package of the target application is a new version, the client device sends the installation package of the target application to the second server;
    the client device receives from the second server the target privacy protocol suite corresponding to the new version, where the target privacy protocol suite corresponding to the new version is obtained by the second server determining the difference between the old and new versions based on the installation package of the target application and updating, based on the difference, the target privacy protocol suite corresponding to the old version;
    the client device updates the target privacy protocol suite corresponding to the old version in the installation package of the target application to the target privacy protocol suite corresponding to the new version, so that the client device displays the target privacy protocol suite corresponding to the new version after the target application is started.
  4. The method according to any one of claims 1-3, characterized in that the method further comprises:
    the client device displays the full content of the target privacy protocol suite;
    the client device receives correction content for the target privacy protocol suite;
    based on the correction content, the client device updates the target privacy protocol suite in the installation package of the target application to obtain the corrected target privacy protocol suite, so that the target application can present the corrected target privacy protocol suite to the user after being started;
    the client device sends the corrected target privacy protocol suite to the second server, so that the second server updates the target privacy protocol suite to the corrected target privacy protocol suite.
  5. 根据权利要求1-4任一项所述的方法,其特征在于,在所述第一隐私行为包括:敏感行为和控件操作时,所述客户端设备在确定第一隐私行为使用了所述第一个人数据后,向第二服务器发送第一信息,包括:The method according to any one of claims 1-4, wherein when the first privacy behavior includes: sensitive behavior and control operation, the client device uses the first privacy behavior when determining the first privacy behavior After one personal data, send the first information to the second server, including:
    所述客户端设备在确定所述敏感行为使用了所述第一个人数据后,确定所述第一信息中包括所述敏感行为的标识以及所述敏感行为所使用的所述第一个人数据的内容和标识,并向所述第二服务器发送所述敏感行为的标识以及所述敏感行为所使用的所述第一个人数据的内容和标识;After determining that the sensitive behavior uses the first personal data, the client device determines that the first information includes the identification of the sensitive behavior and the first personal data used by the sensitive behavior the content and identification of the data, and send the identification of the sensitive behavior and the content and identification of the first personal data used by the sensitive behavior to the second server;
    和/或,所述客户端设备在确定所述控件操作使用了所述第一个人数据后,确定所述第一信息中包括所述控件操作的标识以及所述控件操作所使用的所述第一个人数据的内容和标识,并向所述第二服务器发送所述控件操作的标识以及所述控件操作所使用的所述第一个人数据的内容和标识。And/or, after determining that the control operation uses the first personal data, the client device determines that the first information includes the identifier of the control operation and the The content and identification of the first personal data, and sending the identification of the control operation and the content and identification of the first personal data used by the control operation to the second server.
  6. 根据权利要求1-5任一项所述的方法,其特征在于,在所述第一隐私行为包括:披露行为时,所述客户端设备在确定第一隐私行为使用了所述第一个人数据后,向第二服务器发送第一信息,包括:The method according to any one of claims 1-5, wherein when the first privacy behavior includes: a disclosure behavior, when the client device determines that the first privacy behavior uses the first person After the data, send the first information to the second server, including:
    所述客户端设备基于所述第一个人数据的内容和标识,确定所述目标应用在所述客户端设备中的数据披露情况;The client device determines the data disclosure situation of the target application in the client device based on the content and identification of the first personal data;
    所述客户端设备在基于所述目标应用在所述客户端设备中的数据披露情况确定所述披露行为使用了所述第一个人数据后,确定所述第一信息中包括所述披露行为的标识以及所述披露行为所使用的所述第一个人数据的内容和标识;After the client device determines that the first personal data is used in the disclosure behavior based on the data disclosure situation of the target application in the client device, determine that the disclosure behavior is included in the first information and the content and identification of the first personal data used in the disclosure;
    所述客户端设备向所述第二服务器发送所述披露行为的标识以及所述披露行为所使用的所述第一个人数据的内容和标识。The client device sends the identification of the disclosure act and the content and identification of the first personal data used in the disclosure action to the second server.
  7. 根据权利要求1-6任一项所述的方法,其特征在于,在所述第一隐私行为包括:跨境行为时,所述客户端设备在确定第一隐私行为使用了所述第一个人数据后,向第二服务器发送第一信息,包括:The method according to any one of claims 1-6, wherein when the first privacy behavior includes: cross-border behavior, the client device uses the first After personal data, send the first information to the second server, including:
    所述客户端设备基于所述第一个人数据的内容和标识,确定所述目标应用在所述客户端设备中的数据跨境情况;The client device determines the data cross-border situation of the target application in the client device based on the content and identification of the first personal data;
    所述客户端设备在基于所述目标应用在所述客户端设备中的数据跨境情况确定所述跨境行为使用了所述第一个人数据后,确定所述第一信息中包括所述跨境行为的标识以及所述跨境行为所使用的所述第一个人数据的内容和标识;After the client device determines that the cross-border behavior uses the first personal data based on the cross-border data of the target application in the client device, it determines that the first information includes the The identification of the cross-border behavior and the content and identification of the first personal data used by the cross-border behavior;
    所述客户端设备向所述第二服务器发送所述跨境行为的标识以及所述跨境行为所使用的所述第一个人数据的内容和标识。The client device sends the identifier of the cross-border behavior and the content and identifier of the first personal data used by the cross-border behavior to the second server.
  8. 根据权利要求1-7任一项所述的方法,其特征在于,在所述第二隐私行为包括:权利行为和留存行为时,所述第二信息中包括:所述权利行为的标识以及所述权利行为所使用的所述第二个人数据的内容和标识,和/或,所述留存行为的标识以及所述留存行为所使用的所述第二个人数据的内容和标识;The method according to any one of claims 1-7, wherein when the second privacy behavior includes: rights behavior and retention behavior, the second information includes: the identification of the rights behavior and the The content and identification of the second personal data used in the above-mentioned right behavior, and/or, the identification of the retention behavior and the content and identification of the second personal data used in the retention behavior;
    其中,所述权利行为的标识以及所述权利行为所使用的所述第二个人数据的内容和标识是所述第一服务器在基于所述目标应用在所述第一服务器中的数据留存情况确定所述权利行为使用了所述第二个人数据后发送的,所述留存行为的标识以及所述留存行为所使用的所述第二个人数据的内容和标识是所述第一服务器在基于所述目标应用在所述第一服务器中的数据留存情况确定所述留存行为使用了所述第二个人数据后发送的,所述目标应用在所述第一服务器中的数据留存情况是所述第一服务器基于所述第二个人数据的内容和标识确定的。Wherein, the identification of the right action and the content and identification of the second personal data used by the right action are determined by the first server based on the data retention status of the target application in the first server The second personal data is sent after the right act uses the second personal data. The identification of the retention behavior and the content and identification of the second personal data used in the retention behavior are based on the first server’s The data retention status of the target application in the first server is sent after determining that the retention behavior uses the second personal data, and the data retention status of the target application in the first server is the first determined by the server based on the content and identification of the second personal data.
  9. The method according to any one of claims 1-8, wherein, when the second privacy behavior includes a disclosure behavior, the method further includes:
    the client device receives from the first server the identifier of the disclosure behavior included in the second information, together with the content and identifier of the second personal data used by the disclosure behavior, where the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior are sent by the first server after it determines, based on the data disclosure status of the target application in the first server, that the disclosure behavior used the second personal data, and the data disclosure status of the target application in the first server is determined by the first server based on the content and identifier of the second personal data;
    the client device sends the identifier of the disclosure behavior, together with the content and identifier of the second personal data used by the disclosure behavior, to the second server.
  10. The method according to any one of claims 1-9, wherein, when the second privacy behavior includes a cross-border behavior, the method further includes:
    the client device receives from the first server the identifier of the cross-border behavior included in the second information, together with the content and identifier of the second personal data used by the cross-border behavior, where the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior are sent by the first server after it determines, based on the data cross-border status of the target application in the first server, that the cross-border behavior used the second personal data, and the data cross-border status of the target application in the first server is determined by the first server based on the content and identifier of the second personal data;
    the client device sends the identifier of the cross-border behavior, together with the content and identifier of the second personal data used by the cross-border behavior, to the second server.
  11. A method for generating a privacy protocol suite of an application, applied to a first server, the method including:
    the first server receives from a client device first personal data of a target application in the client device, the first personal data being obtained by the client device after running the target application;
    the first server determines, based on the first personal data, second personal data of the target application in the first server;
    after determining that a second privacy behavior used the second personal data, the first server sends second information to a second server, the second information describing the privacy situation in which the second privacy behavior used the second personal data, and the second privacy behavior including all behaviors of all applications in the first server that need to use personal data, so that the second server generates a target privacy protocol suite based on first information and the second information and sends the target privacy protocol suite to the client device, the target privacy protocol suite being for the client device to store in the installation package of the target application so that the target application can display the target privacy protocol suite to the user after starting; the first information is sent to the second server by the client device after it determines that a first privacy behavior used the first personal data, the first information describes the privacy situation in which the first privacy behavior used the first personal data, and the first privacy behavior includes all behaviors of all applications in the client device that need to use personal data.
  12. The method according to claim 11, wherein, when the second privacy behavior includes a rights behavior and a retention behavior, the first server sending second information to the second server after determining that the second privacy behavior used the second personal data includes:
    the first server determines, based on the content and identifier of the second personal data, the data retention status of the target application in the first server;
    after determining, based on the data retention status, that the rights behavior used the second personal data, the first server determines that the second information includes the identifier of the rights behavior and the content and identifier of the second personal data used by the rights behavior, and sends the identifier of the rights behavior and the content and identifier of the second personal data used by the rights behavior to the second server;
    and/or, after determining, based on the data retention status, that the retention behavior used the second personal data, the first server determines that the second information includes the identifier of the retention behavior and the content and identifier of the second personal data used by the retention behavior, and sends the identifier of the retention behavior and the content and identifier of the second personal data used by the retention behavior to the second server.
  13. The method according to claim 11 or 12, wherein, when the second privacy behavior includes a disclosure behavior, the first server sending second information to the second server after determining that the second privacy behavior used the second personal data includes:
    the first server determines, based on the content and identifier of the second personal data, the data disclosure status of the target application in the first server;
    after determining, based on the data disclosure status of the target application in the first server, that the disclosure behavior used the second personal data, the first server determines that the second information includes the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior;
    the first server sends the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior to the second server;
    or, the first server sends the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior to the second server via the client device.
  14. The method according to any one of claims 11-13, wherein, when the second privacy behavior includes a cross-border behavior, the first server sending second information to the second server after determining that the second privacy behavior used the second personal data includes:
    the first server determines, based on the content and identifier of the second personal data, the data cross-border status of the target application in the first server;
    after determining, based on the data cross-border status of the target application in the first server, that the cross-border behavior used the second personal data, the first server determines that the second information includes the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior;
    the first server sends the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior to the second server;
    or, the first server sends the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior to the second server via the client device.
  15. A method for generating a privacy protocol suite of an application, applied to a second server, the method including:
    the second server receives first information from a client device, the first information being sent by the client device after it determines that a first privacy behavior used first personal data, the first information describing the privacy situation in which the first privacy behavior used the first personal data of a target application in the client device, the first privacy behavior including all behaviors of all applications in the client device that need to use personal data, and the first personal data being obtained by the client device after running the target application;
    the second server receives second information from a first server, the second information being sent by the first server after it determines that a second privacy behavior used second personal data of the target application in the first server, the second information describing the privacy situation in which the second privacy behavior used the second personal data, the second privacy behavior including all behaviors of all applications in the first server that need to use personal data, and the second personal data being determined by the first server based on the first personal data;
    the second server generates a target privacy protocol suite based on the first information and the second information;
    the second server sends the target protocol suite to the client device, the target privacy protocol suite being for the client device to store in the installation package of the target application so that the target application can display the target protocol suite to the user after starting.
  16. The method according to claim 15, wherein the method further includes:
    the second server receives the installation package of the target application from the client device, the installation package of the target application being sent by the client device after it determines that the installation package of the target application is a new version;
    the second server determines, based on the installation package of the target application, the differing part between the old and new versions;
    the second server updates, based on the differing part, the target privacy protocol suite corresponding to the old version to obtain the target privacy protocol suite of the new version;
    the second server sends the target privacy protocol suite corresponding to the new version to the client device, the target privacy protocol suite corresponding to the new version being for the client device to update the target privacy protocol suite corresponding to the old version in the installation package of the target application to the target privacy protocol suite corresponding to the new version, so that the target application can display the target privacy protocol suite corresponding to the new version to the user after starting.
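Claims 1-16 describe a three-party exchange: the client device reports first information (client-side behaviors and the personal data they used), the first server derives its own second personal data and reports second information (retention, rights, disclosure and cross-border behaviors), and the second server merges both into the privacy protocol suite and later updates it from the difference between two package versions. The following Python model of that exchange is an added example, not code from the patent or its applicant; the message field names, the behavior identifier strings, the representation of an installation package as a manifest of declared data uses, and all sample data are assumptions made for illustration.

```python
"""Toy model of the client device / first server / second server exchange in claims 1-16.
Added example, not code from the patent; field names, identifiers and sample data are assumed."""
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

# Behaviour identifiers the claims assign to the client side (string values assumed).
CLIENT_BEHAVIORS = {"sensitive_behavior", "control_operation", "disclosure", "cross_border"}
Suite = Dict[str, Dict[str, object]]            # data_id -> {"content": str, "uses": set}
Manifest = Dict[str, Tuple[str, Set[str]]]      # data_id -> (content, {"side:behavior"})


@dataclass(frozen=True, order=True)
class BehaviorRecord:
    """One entry of the first/second information: a behaviour identifier plus the
    identifier and content of the personal data that behaviour used."""
    behavior_id: str
    data_id: str
    data_content: str


def build_first_information(first_personal_data: Dict[str, str],
                            observed_uses: List[Tuple[str, str]]) -> List[BehaviorRecord]:
    """Client device: report only client-side behaviours that used data the device
    actually collected while running the target application (claims 1, 18-20)."""
    return sorted(BehaviorRecord(b, d, first_personal_data[d])
                  for b, d in observed_uses
                  if b in CLIENT_BEHAVIORS and d in first_personal_data)


def derive_second_personal_data(first_personal_data: Dict[str, str],
                                server_stored_ids: Set[str]) -> Dict[str, str]:
    """First server: its (second) personal data is the part of the client's data that
    reached server-side storage (claim 11)."""
    return {d: c for d, c in first_personal_data.items() if d in server_stored_ids}


def build_second_information(second_personal_data: Dict[str, str], retention_days: Dict[str, int],
                             disclosed_ids: Set[str], cross_border_ids: Set[str]) -> List[BehaviorRecord]:
    """First server: derive retention/rights, disclosure and cross-border behaviours from the
    retention, disclosure and cross-border status of each data item (claims 12-14)."""
    records: List[BehaviorRecord] = []
    for d, content in second_personal_data.items():
        if d in retention_days:   # retained data triggers both the retention and the rights behaviour
            records.append(BehaviorRecord("retention", d, content))
            records.append(BehaviorRecord("rights", d, content))
        if d in disclosed_ids:
            records.append(BehaviorRecord("disclosure", d, content))
        if d in cross_border_ids:
            records.append(BehaviorRecord("cross_border", d, content))
    return sorted(records)


def generate_privacy_suite(first_info: List[BehaviorRecord], second_info: List[BehaviorRecord]) -> Suite:
    """Second server: merge both messages into a suite keyed by data identifier that lists
    every behaviour, on either side, that used the item (claim 15)."""
    suite: Suite = {}
    for side, info in (("client", first_info), ("server", second_info)):
        for r in info:
            entry = suite.setdefault(r.data_id, {"content": r.data_content, "uses": set()})
            entry["uses"].add(f"{side}:{r.behavior_id}")
    return suite


def manifest_from_suite(suite: Suite) -> Manifest:
    """Declared data uses of an installation package, modelled here as the suite's own entries."""
    return {d: (e["content"], set(e["uses"])) for d, e in suite.items()}


def update_suite_for_new_version(old_suite: Suite, old_manifest: Manifest, new_manifest: Manifest) -> Suite:
    """Second server: diff the declared uses of the old and new package versions and apply only
    that difference to the old suite, leaving unchanged entries untouched (claim 16)."""
    new_suite: Suite = {d: {"content": e["content"], "uses": set(e["uses"])} for d, e in old_suite.items()}
    for d in set(old_manifest) | set(new_manifest):
        old_uses = old_manifest.get(d, ("", set()))[1]
        new_content, new_uses = new_manifest.get(d, ("", set()))
        added, removed = new_uses - old_uses, old_uses - new_uses
        if not added and not removed:
            continue
        entry = new_suite.setdefault(d, {"content": new_content, "uses": set()})
        entry["uses"] -= removed
        entry["uses"] |= added
        if not entry["uses"]:
            del new_suite[d]      # the new version no longer uses this item at all
    return new_suite


def render_suite(suite: Suite) -> str:
    """Text the target application could show the user after starting."""
    return "\n".join(f"{d} ({e['content']}): {', '.join(sorted(e['uses']))}" for d, e in sorted(suite.items()))


# Constructed sample data (not from the patent).
SAMPLE_FIRST_DATA = {"location": "GPS coordinates", "contacts": "address book", "device_id": "IMEI"}
SAMPLE_OBSERVED = [("sensitive_behavior", "location"), ("control_operation", "contacts"),
                   ("cross_border", "device_id"),
                   ("retention", "location"),      # server-side kind: the client does not report it
                   ("disclosure", "email")]        # never collected: not reported either


def demo() -> Tuple[List[BehaviorRecord], List[BehaviorRecord], Suite, Suite]:
    first_info = build_first_information(SAMPLE_FIRST_DATA, SAMPLE_OBSERVED)
    second_data = derive_second_personal_data(SAMPLE_FIRST_DATA, {"location", "device_id"})
    second_info = build_second_information(second_data, {"location": 30}, {"device_id"}, set())
    suite = generate_privacy_suite(first_info, second_info)
    old_m = manifest_from_suite(suite)      # new version: drops contacts, discloses location from the client
    new_m = {d: (c, set(u)) for d, (c, u) in old_m.items() if d != "contacts"}
    new_m["location"][1].add("client:disclosure")
    return first_info, second_info, suite, update_suite_for_new_version(suite, old_m, new_m)


if __name__ == "__main__":
    print(render_suite(demo()[3]))
```

The filtering in `build_first_information` is the point a defender cares about: a behavior record that names data the device never collected, or a server-side behavior kind reported from the client, is rejected rather than merged, so the generated suite only describes uses that the reporting side could actually have observed. The version update works on the diff of declared uses, which is why an item the new version stopped using disappears from the suite while untouched items keep their old entries.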
  17. The method according to claim 15 or 16, wherein the method further includes:
    the second server receives the revised target privacy protocol suite from the client device, the revised target privacy protocol suite being obtained by the client device updating the target privacy protocol suite in the installation package of the target application based on received revision content for the target privacy protocol suite, the revision content being received by the client device after it displays the full content of the target privacy protocol suite;
    the second server updates the target privacy protocol suite to the revised target privacy protocol suite.
  18. The method according to any one of claims 15-17, wherein, when the first privacy behavior includes a sensitive behavior and a control operation, the second server receiving first information from the client device includes:
    the second server receives from the client device the identifier of the sensitive behavior included in the first information, together with the content and identifier of the first personal data used by the sensitive behavior, where the identifier of the sensitive behavior and the content and identifier of the first personal data used by the sensitive behavior are sent by the client device after it determines that the sensitive behavior used the first personal data;
    and/or, the second server receives from the client device the identifier of the control operation included in the first information, together with the content and identifier of the first personal data used by the control operation, where the identifier of the control operation and the content and identifier of the first personal data used by the control operation are sent by the client device after it determines that the control operation used the first personal data.
  19. The method according to any one of claims 15-18, wherein, when the first privacy behavior includes a disclosure behavior, the second server receiving first information from the client device includes:
    the second server receives from the client device the identifier of the disclosure behavior included in the first information, together with the content and identifier of the first personal data used by the disclosure behavior, where the identifier of the disclosure behavior and the content and identifier of the first personal data used by the disclosure behavior are sent by the client device after it determines, based on the data disclosure status of the target application in the client device, that the disclosure behavior used the first personal data, and the data disclosure status of the target application in the client device is determined by the client device based on the content and identifier of the first personal data.
  20. The method according to any one of claims 15-19, wherein, when the first privacy behavior includes a cross-border behavior, the second server receiving first information from the client device includes:
    the second server receives from the client device the identifier of the cross-border behavior included in the first information, together with the content and identifier of the first personal data used by the cross-border behavior, where the identifier of the cross-border behavior and the content and identifier of the first personal data used by the cross-border behavior are sent by the client device after it determines, based on the data cross-border status of the target application in the client device, that the cross-border behavior used the first personal data, and the data cross-border status of the target application in the client device is determined by the client device based on the content and identifier of the first personal data.
  21. The method according to any one of claims 15-20, wherein, when the second privacy behavior includes a rights behavior and a retention behavior, the second server receiving second information from the first server includes:
    the second server receives from the first server the identifier of the rights behavior included in the second information, together with the content and identifier of the second personal data used by the rights behavior, where the identifier of the rights behavior and the content and identifier of the second personal data used by the rights behavior are sent by the first server after it determines, based on the data retention status, that the rights behavior used the second personal data;
    and/or, the second server receives from the first server the identifier of the retention behavior included in the second information, together with the content and identifier of the second personal data used by the retention behavior, where the identifier of the retention behavior and the content and identifier of the second personal data used by the retention behavior are sent by the first server after it determines, based on the data retention status, that the retention behavior used the second personal data;
    wherein the data retention status of the target application in the first server is determined by the first server based on the content and identifier of the second personal data.
  22. The method according to any one of claims 15-21, wherein, when the second privacy behavior includes a disclosure behavior, the second server receiving second information from the first server includes:
    the second server receives from the first server the identifier of the disclosure behavior included in the second information, together with the content and identifier of the second personal data used by the disclosure behavior;
    or, the second server receives from the first server, via the client device, the identifier of the disclosure behavior included in the second information, together with the content and identifier of the second personal data used by the disclosure behavior;
    wherein the identifier of the disclosure behavior and the content and identifier of the second personal data used by the disclosure behavior are sent by the first server after it determines, based on the data disclosure status of the target application in the first server, that the disclosure behavior used the second personal data, and the data disclosure status of the target application in the first server is determined by the first server based on the content and identifier of the second personal data.
  23. The method according to any one of claims 15-22, wherein, when the second privacy behavior includes a cross-border behavior, the second server receiving second information from the first server includes:
    the second server receives from the first server the identifier of the cross-border behavior included in the second information, together with the content and identifier of the second personal data used by the cross-border behavior;
    or, the second server receives from the first server, via the client device, the identifier of the cross-border behavior included in the second information, together with the content and identifier of the second personal data used by the cross-border behavior;
    wherein the identifier of the cross-border behavior and the content and identifier of the second personal data used by the cross-border behavior are sent by the first server after it determines, based on the data cross-border status of the target application in the first server, that the cross-border behavior used the second personal data, and the data cross-border status of the target application in the first server is determined by the first server based on the content and identifier of the second personal data.
  24. A client device, including a memory and a processor;
    the memory is configured to store program instructions;
    the processor is configured to invoke the program instructions in the memory so that the client device executes the method for generating a privacy protocol suite of an application according to any one of claims 1-10.
  25. A server, including a memory and a processor;
    the memory is configured to store program instructions;
    the processor is configured to invoke the program instructions in the memory so that the server executes the method for generating a privacy protocol suite of an application according to any one of claims 11-14 and/or any one of claims 15-23.
  26. A computer-readable storage medium, including computer instructions which, when run on a client device, cause the client device to execute the method for generating a privacy protocol suite of an application according to any one of claims 1-10, or which, when run on a server, cause the server to execute the method for generating a privacy protocol suite of an application according to any one of claims 11-14 and/or any one of claims 15-23.
  27. A computer program product which, when run on a computer, causes the computer to execute the method for generating a privacy protocol suite of an application according to any one of claims 1-10, or causes the computer to execute the method for generating a privacy protocol suite of an application according to any one of claims 11-14 and/or 15-23.
PCT/CN2022/114005 2021-10-20 2022-08-22 Method for generating privacy protocol family of application, and client device and server WO2023065806A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202111223312.5 2021-10-20
CN202111223312.5A CN115994379A (en) 2021-10-20 2021-10-20 Privacy protocol family generation method of application, client device and server

Publications (1)

Publication Number Publication Date
WO2023065806A1 true WO2023065806A1 (en) 2023-04-27

Family

ID=85993032

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/114005 WO2023065806A1 (en) 2021-10-20 2022-08-22 Method for generating privacy protocol family of application, and client device and server

Country Status (2)

Country Link
CN (1) CN115994379A (en)
WO (1) WO2023065806A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160142445A1 (en) * 2013-01-23 2016-05-19 The Privacy Factor, LLC Methods and devices for analyzing user privacy based on a user's online presence
CN111898154A (en) * 2020-06-16 2020-11-06 北京大学 Negotiation type mobile application private data sharing protocol signing method
CN112153035A (en) * 2020-09-18 2020-12-29 支付宝(杭州)信息技术有限公司 Privacy-protecting user protocol processing method and device
CN113254923A (en) * 2021-06-25 2021-08-13 南京网眼信息技术有限公司 Method and system for generating privacy policy text according to APK (android package)
CN113282955A (en) * 2021-06-01 2021-08-20 上海交通大学 Method, system, terminal and medium for extracting privacy information in privacy policy
CN113435173A (en) * 2021-05-28 2021-09-24 荣耀终端有限公司 Text generation method, related device and system


Also Published As

Publication number Publication date
CN115994379A (en) 2023-04-21


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22882425

Country of ref document: EP

Kind code of ref document: A1