{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T20:03:39Z","timestamp":1776110619364,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":50,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,12,7]],"date-time":"2020-12-07T00:00:00Z","timestamp":1607299200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100004801","name":"National Science Foundation","doi-asserted-by":"publisher","award":["2031002, 1846291, 1642143"],"award-info":[{"award-number":["2031002, 1846291, 1642143"]}],"id":[{"id":"10.13039\/501100004801","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,12,7]]},"DOI":"10.1145\/3427228.3427250","type":"proceedings-article","created":{"date-parts":[[2020,12,9]],"date-time":"2020-12-09T22:20:18Z","timestamp":1607552418000},"page":"856-869","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":61,"title":["Measuring the Effectiveness of Privacy Policies for Voice Assistant Applications"],"prefix":"10.1145","author":[{"given":"Song","family":"Liao","sequence":"first","affiliation":[{"name":"Clemson University"}]},{"given":"Christin","family":"Wilson","sequence":"additional","affiliation":[{"name":"Clemson University"}]},{"given":"Long","family":"Cheng","sequence":"additional","affiliation":[{"name":"Clemson University"}]},{"given":"Hongxin","family":"Hu","sequence":"additional","affiliation":[{"name":"Clemson University, United States of America"}]},{"given":"Huixing","family":"Deng","sequence":"additional","affiliation":[{"name":"Clemson University"}]}],"member":"320","published-online":{"date-parts":[[2020,12,8]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2020. Alexa Skills Policy Testing. https:\/\/developer.amazon.com\/fr\/docs\/custom-skills\/policy-testing-for-an-alexa-skill.html. (2020).  2020. Alexa Skills Policy Testing. https:\/\/developer.amazon.com\/fr\/docs\/custom-skills\/policy-testing-for-an-alexa-skill.html. (2020)."},{"key":"e_1_3_2_1_2_1","unstructured":"2020. Alexa Skills Security Requirements. https:\/\/developer.amazon.com\/fr\/docs\/custom-skills\/security-testing-for-an-alexa-skill.html. (2020).  2020. Alexa Skills Security Requirements. https:\/\/developer.amazon.com\/fr\/docs\/custom-skills\/security-testing-for-an-alexa-skill.html. (2020)."},{"key":"e_1_3_2_1_3_1","unstructured":"2020. Amazon Developer Services Agreement. https:\/\/developer.amazon.com\/support\/ legal\/da. (2020).  2020. Amazon Developer Services Agreement. https:\/\/developer.amazon.com\/support\/ legal\/da. (2020)."},{"key":"e_1_3_2_1_4_1","unstructured":"2020. Amazon Mechanical Turk. https:\/\/www.mturk.com\/. (2020).  2020. Amazon Mechanical Turk. https:\/\/www.mturk.com\/. (2020)."},{"key":"e_1_3_2_1_5_1","unstructured":"2020. Configure Permissions for Customer Information in Your Skill. https:\/\/developer.amazon.com\/en-US\/docs\/alexa\/custom-skills\/configure-permissions-for-customer-information-in-your-skill.html. (2020).  2020. Configure Permissions for Customer Information in Your Skill. https:\/\/developer.amazon.com\/en-US\/docs\/alexa\/custom-skills\/configure-permissions-for-customer-information-in-your-skill.html. (2020)."},{"key":"e_1_3_2_1_6_1","unstructured":"2020. Google fined \u20ac50 million for GDPR violation in France. https:\/\/www.theverge.com\/2019\/1\/21\/18191591\/google-gdpr-fine-50-million-euros-data-consent-cnil\/. (2020).  2020. Google fined \u20ac50 million for GDPR violation in France. https:\/\/www.theverge.com\/2019\/1\/21\/18191591\/google-gdpr-fine-50-million-euros-data-consent-cnil\/. (2020)."},{"key":"e_1_3_2_1_7_1","unstructured":"2020. Google Privacy Policy Guidance. https:\/\/developers.google.com\/assistant\/console\/ policies\/privacy-policy-guide. (2020).  2020. Google Privacy Policy Guidance. https:\/\/developers.google.com\/assistant\/console\/ policies\/privacy-policy-guide. (2020)."},{"key":"e_1_3_2_1_8_1","unstructured":"2020. Industrial-Strength Natural Language Processing. https:\/\/spacy.io. (2020).  2020. Industrial-Strength Natural Language Processing. https:\/\/spacy.io. (2020)."},{"key":"e_1_3_2_1_9_1","volume-title":"Number of digital voice assistants in use worldwide from 2019 to","year":"2023"},{"key":"e_1_3_2_1_10_1","unstructured":"2020. Policies for Actions on Google. https:\/\/developers.google.com\/actions\/policies\/ general-policies. (2020).  2020. Policies for Actions on Google. https:\/\/developers.google.com\/actions\/policies\/ general-policies. (2020)."},{"key":"e_1_3_2_1_11_1","unstructured":"2020. PrivacyCheck for Google Chrome. https:\/\/identity.utexas.edu\/privacycheck-for-google-chrome. (2020).  2020. PrivacyCheck for Google Chrome. https:\/\/identity.utexas.edu\/privacycheck-for-google-chrome. (2020)."},{"key":"e_1_3_2_1_12_1","unstructured":"2020. Selenium automates browsers. https:\/\/www.selenium.dev. (2020).  2020. Selenium automates browsers. https:\/\/www.selenium.dev. (2020)."},{"key":"e_1_3_2_1_13_1","volume-title":"Snapchat Transmitted Users","year":"2013"},{"key":"e_1_3_2_1_14_1","volume-title":"Snapchat Transmitted Users","year":"2014"},{"key":"e_1_3_2_1_15_1","volume-title":"Symposium on Usable Privacy and Security (SOUPS).","author":"Abdi Noura","year":"2019"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3311956"},{"key":"e_1_3_2_1_17_1","volume-title":"Policylint: Investigating Internal Privacy Policy Contradictions on Google Play. In USENIX Security Symposium (USENIX Security). 585\u2013602","author":"Andow Benjamin","year":"2019"},{"key":"e_1_3_2_1_18_1","volume-title":"Evaluating the Contextual Integrity of Privacy Regulation: Parents\u2019 IoT Toy Privacy Norms Versus COPPA. In USENIX Security Symposium (USENIX Security).","author":"Apthorpe Noah","year":"2019"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"crossref","unstructured":"Alexander Benlian Johannes Klumpe and Oliver Hinz. 2019. Mitigating the intrusive effects of smart home assistants by using anthropomorphic design features: A multimethod investigation. Information Systems Journal(2019) 1\u201333. https:\/\/doi.org\/10.1111\/isj.12243  Alexander Benlian Johannes Klumpe and Oliver Hinz. 2019. Mitigating the intrusive effects of smart home assistants by using anthropomorphic design features: A multimethod investigation. Information Systems Journal(2019) 1\u201333. https:\/\/doi.org\/10.1111\/isj.12243","DOI":"10.1111\/isj.12243"},{"key":"e_1_3_2_1_20_1","unstructured":"TravisD. Breaux Hanan Hibshi and Ashwini Rao. 2014. Eddy a formal language for specifying and analyzing data flow specifications for conflicting privacy requirements. Requirements Engineering(2014) 1\u201327.  TravisD. Breaux Hanan Hibshi and Ashwini Rao. 2014. Eddy a formal language for specifying and analyzing data flow specifications for conflicting privacy requirements. Requirements Engineering(2014) 1\u201327."},{"key":"e_1_3_2_1_21_1","volume-title":"Hidden Voice Commands. In 25th USENIX Security Symposium (USENIX Security 16)","author":"Carlini Nicholas","year":"2016"},{"key":"e_1_3_2_1_22_1","volume-title":"You Can Hear But You Cannot Steal: Defending Against Voice Impersonation Attacks on Smartphones. In 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS). 183\u2013195","author":"Chen S."},{"key":"e_1_3_2_1_23_1","volume-title":"Dangerous Skills Got Certified: Measuring the Trustworthiness of Skill Certification in Voice Personal Assistant Platforms. In ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"Cheng Long","year":"2020"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2017.3571053"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3117811.3117823"},{"key":"e_1_3_2_1_26_1","volume-title":"Consumer Attitudes Towards Privacy and Security in Home Assistants. In Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems.","author":"Fruchter Nathaniel","year":"2018"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300498"},{"key":"e_1_3_2_1_28_1","volume-title":"SkillExplorer: Understanding the Behavior of Skills in Large Scale. In 29th USENIX Security Symposium (USENIX Security 20)","author":"Guo Zhixiu","year":"2020"},{"key":"e_1_3_2_1_29_1","volume-title":"Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning. CoRR abs\/1802.02561(2018)","author":"Harkous Hamza","year":"2018"},{"key":"e_1_3_2_1_30_1","volume-title":"Skill Squatting Attacks on Amazon Alexa. In USENIX Security Symposium (USENIX Security). 33\u201347","author":"Kumar Deepak","year":"2018"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274371"},{"key":"e_1_3_2_1_32_1","volume-title":"Attacks and Countermeasures. In 2018 IEEE Conference on Communications and Network Security (CNS). 1\u20139.","author":"Lei X."},{"key":"e_1_3_2_1_33_1","volume-title":"Privacy Attitudes of Smart Speaker Users. In 19th Privacy Enhancing Technologies Symposium (PETS).","author":"Malkin Nathan","year":"2019"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.chb.2019.05.009"},{"key":"e_1_3_2_1_35_1","volume-title":"Inaudible Voice Commands: The Long-Range Attack and Defense. In USENIX Symposium on Networked Systems Design and Implementation (NSDI). 547\u2013560","author":"Roy Nirupam","year":"2018"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23288"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3366423.3380179"},{"key":"e_1_3_2_1_38_1","volume-title":"2016 IEEE\/ACM 38th International Conference on Software Engineering (ICSE). 25\u201336","author":"Slavin R."},{"key":"e_1_3_2_1_39_1","first-page":"1240","article-title":"How Digital Assistants Can Harm our Economy, Privacy, and Democracy","volume":"32","author":"Stucke E.","year":"2017","journal-title":"Berkeley Technology Law Journal"},{"key":"e_1_3_2_1_40_1","volume-title":"9th USENIX Workshop on Offensive Technologies (WOOT 15)","author":"Vaidya Tavish","year":"2015"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"crossref","volume-title":"GUILeak: Tracing Privacy Policy Claims on User Input Data for Android Applications. In 2018 IEEE\/ACM 40th International Conference on Software Engineering (ICSE). 37\u201347","author":"Wang X.","DOI":"10.1145\/3180155.3180196"},{"key":"e_1_3_2_1_42_1","volume-title":"SurfingAttack: Interactive Hidden Attack on Voice Assistants Using Ultrasonic Guided Wave. In Network and Distributed Systems Security (NDSS) Symposium.","author":"Yan Qiben","year":"2020"},{"key":"e_1_3_2_1_43_1","volume-title":"2016 46th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). 538\u2013549","author":"Yu L."},{"key":"e_1_3_2_1_44_1","volume-title":"Commandersong: A Systematic Approach for Practical Adversarial Voice Recognition. In USENIX Security Symposium (USENIX Security). 49\u201364","author":"Yuan Xuejing","year":"2018"},{"key":"e_1_3_2_1_45_1","volume-title":"End User Security and Privacy Concerns with Smart Homes. In USENIX Conference on Usable Privacy and Security (SOUPS). 65\u201380","author":"Zeng Eric","year":"2017"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134052"},{"key":"e_1_3_2_1_47_1","volume-title":"Understanding and Mitigating the Security Risks of Voice-Controlled Third-Party Skills on Amazon Alexa and Google Home. In IEEE Symposium on Security and Privacy (SP).","author":"Zhang Nan","year":"2019"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274469"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2019-0037"},{"key":"e_1_3_2_1_50_1","volume-title":"Automated Analysis of Privacy Requirements for Mobile Apps. In 24th Network & Distributed System Security Symposium (NDSS","author":"Zimmeck Sebastian","year":"2017"}],"event":{"name":"ACSAC '20: Annual Computer Security Applications Conference","location":"Austin USA","acronym":"ACSAC '20"},"container-title":["Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3427228.3427250","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3427228.3427250","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:02:24Z","timestamp":1750197744000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3427228.3427250"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12,7]]},"references-count":50,"alternative-id":["10.1145\/3427228.3427250","10.1145\/3427228"],"URL":"https:\/\/doi.org\/10.1145\/3427228.3427250","relation":{},"subject":[],"published":{"date-parts":[[2020,12,7]]},"assertion":[{"value":"2020-12-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}