Processing of privacy policy, evidence obtaining method, device, equipment and storage medium

By monitoring and recording the processing of application software privacy policies and saving them to a storage server, the problem of inconsistent content in application software privacy policies has been resolved, thereby achieving user rights protection and improved compliance.

CN114462030BActive Publication Date: 2026-07-14BEIJING BAIDU NETCOM SCI & TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
BEIJING BAIDU NETCOM SCI & TECH CO LTD
Filing Date
2022-02-14
Publication Date
2026-07-14

AI Technical Summary

Technical Problem

The privacy policies of application software are updated on the server at any time, which may cause the content seen by users to be inconsistent with the actual content collected, thus infringing on users' rights and making it difficult to prove illegal collection of personal information.

Method used

By monitoring the privacy policy processing of application software, recording the time of occurrence and screenshots of the process, and saving them to a storage server, a query function is provided to determine the privacy policy processing information of the target application software within a specific time period.

Benefits of technology

It effectively curbs the illegal collection of personal information by application software, protects user rights, improves the industry's privacy compliance, and reduces regulatory costs.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN114462030B_ABST
    Figure CN114462030B_ABST
Patent Text Reader

Abstract

The present disclosure provides a privacy policy processing method, a forensics method, a device, an apparatus and a storage medium, relates to the field of Internet application, in particular to the field of application software, data security, information flow and natural language processing. The privacy policy processing method comprises the following steps: monitoring a privacy policy processing process of an application software, determining an occurrence time and a process screenshot of the privacy policy processing process in response to the privacy policy processing process of the application software, obtaining privacy policy content displayed by the application software through a privacy policy details page, and saving the occurrence time and the process screenshot of the privacy policy processing process and the privacy policy content to a storage server. The forensics method comprises the following steps: based on a received forensics query request, querying the storage server, and determining and outputting privacy policy processing information of a target application software in a target time interval. The technical scheme of the present disclosure effectively guarantees the legal rights and interests of a user when using the application software.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This disclosure relates to application software, data security, information flow, and natural language processing in Internet applications, and in particular to a method, apparatus, device, and storage medium for processing and obtaining evidence related to a privacy policy. Background Technology

[0002] With the development of the times, application software has permeated all aspects of people's daily lives, and the amount of data transmitted and recorded through application software is also increasing. Therefore, privacy policies have become a crucial part of application software privacy protection. A privacy policy is a legal document provided by a company or organization to inform users how their personal data is collected and used in relevant application software programs and other platforms.

[0003] In related technologies, application software's privacy policy content is stored on the server side. When the application software determines that the user agrees to the privacy policy that pops up upon initial launch, it can access and retrieve the privacy policy content through a uniform resource locator (URL) and display it to the user on the application software's user interface. Because application software developers can update the privacy policy content on the server side at any time, this may lead to inconsistencies between the privacy policy content seen by the user and the actual privacy policy content collected by the application software, potentially resulting in the infringement of user rights. Summary of the Invention

[0004] This disclosure provides a method, apparatus, device, and storage medium for processing and obtaining evidence related to privacy policies.

[0005] According to a first aspect of this disclosure, a method for processing a privacy policy is provided, including:

[0006] Monitor the privacy policy processing procedures of application software;

[0007] In response to the privacy policy processing procedure of the application software, determine the occurrence time and process screenshots of the privacy policy processing procedure;

[0008] Obtain the privacy policy content displayed by the application software through the privacy policy details page;

[0009] Save the occurrence time and screenshots of the privacy policy processing procedure, along with the privacy policy content, to the storage server.

[0010] According to a second aspect of this disclosure, a method for obtaining evidence regarding a privacy policy is provided, including:

[0011] Receive an evidence collection query request, the evidence collection query request including: the identifier of the target application software and the target time interval;

[0012] Based on the evidence collection query request, the storage server is queried to determine the privacy policy processing information of the target application software within the target time interval. The storage server stores the privacy policy processing information of at least one application software.

[0013] Output the privacy policy processing information of the target application software within the target time interval.

[0014] According to a third aspect of this disclosure, a privacy policy processing apparatus is provided, comprising:

[0015] The monitoring unit is used to monitor the privacy policy processing of application software.

[0016] The processing unit is configured to, in response to the privacy policy processing procedure of the application software, determine the occurrence time and process screenshot of the privacy policy processing procedure;

[0017] The acquisition unit is used to acquire the privacy policy content displayed by the application software through the privacy policy details page;

[0018] The sending unit is used to save the occurrence time of the privacy policy processing procedure, a screenshot of the process, and the content of the privacy policy to the storage server.

[0019] According to a fourth aspect of this disclosure, an evidence-gathering device for a privacy policy is provided, comprising:

[0020] A receiving unit is configured to receive an evidence collection query request, wherein the evidence collection query request includes: the identifier of the target application software and the target time interval;

[0021] The query unit is used to query the storage server based on the evidence query request to determine the privacy policy processing information of the target application software within the target time interval. The storage server stores the privacy policy processing information of at least one application software.

[0022] The output unit is used to output the privacy policy processing information of the target application software within the target time interval.

[0023] According to a fifth aspect of this disclosure, an electronic device is provided, comprising:

[0024] At least one processor; and

[0025] A memory communicatively connected to the at least one processor; wherein,

[0026] The memory stores instructions that can be executed by the at least one processor to enable the at least one processor to perform the method described in the first aspect, or to perform the method described in the second aspect.

[0027] According to a sixth aspect of this disclosure, a non-transitory computer-readable storage medium is provided storing computer instructions, wherein the computer instructions are configured to cause the computer to perform the method described in the first aspect, or to perform the method described in the second aspect.

[0028] According to a seventh aspect of this disclosure, a computer program product is provided, the computer program product comprising: a computer program stored in a readable storage medium, wherein at least one processor of an electronic device can read the computer program from the readable storage medium, and the at least one processor executes the computer program to cause the electronic device to perform the method of the first aspect or to perform the method of the second aspect.

[0029] It should be understood that the description in this section is not intended to identify key or essential features of the embodiments of this disclosure, nor is it intended to limit the scope of this disclosure. Other features of this disclosure will become readily apparent from the following description. Attached Figure Description

[0030] The accompanying drawings are provided to better understand this solution and do not constitute a limitation of this disclosure. Wherein:

[0031] Figure 1 A schematic diagram illustrating an application scenario provided by an embodiment of this disclosure;

[0032] Figure 2 This is a flowchart illustrating the processing method of the privacy policy provided in the first embodiment of this disclosure;

[0033] Figure 3 This is a flowchart illustrating the privacy policy processing method provided in the second embodiment of this disclosure;

[0034] Figure 4 This is a flowchart illustrating the privacy policy processing method provided in the third embodiment of this disclosure;

[0035] Figure 5 This is a flowchart illustrating the evidence collection method for the privacy policy provided in the first embodiment of this disclosure;

[0036] Figure 6 This is a flowchart illustrating the privacy policy processing method provided in the second embodiment of this disclosure;

[0037] Figure 7 This is a schematic diagram of the structure of the privacy policy processing device provided in this embodiment of the disclosure;

[0038] Figure 8 This is a schematic diagram of the evidence collection device for the privacy policy provided in this embodiment of the disclosure;

[0039] Figure 9 A schematic block diagram of an example electronic device used to implement embodiments of the present disclosure is shown. Detailed Implementation

[0040] The exemplary embodiments of this disclosure are described below with reference to the accompanying drawings, including various details of the embodiments to aid understanding, and should be considered merely exemplary. Therefore, those skilled in the art will recognize that various changes and modifications can be made to the embodiments described herein without departing from the scope and spirit of this disclosure. Similarly, for clarity and brevity, descriptions of well-known functions and structures are omitted in the following description.

[0041] A privacy policy is a statement about how an application (APP) or website collects, processes, uses, stores, shares, transfers, or publicly discloses user information. Laws and regulations in major countries and regions require privacy policies to be a mandatory document for APPs. Compliance testing of APP privacy policies, as well as the use of natural language processing (NLP) technology for intelligent processing and accurate understanding of APP privacy policies, are currently popular research areas.

[0042] According to legal regulations, apps must proactively display a privacy policy for users to read upon first launch. Users can only collect the personal information declared in the privacy policy after agreeing to it. In other words, the privacy policy needs to precisely describe the purpose, method, and scope of the app's collection of user information during operation, in order to avoid illegally collecting user information and infringing on users' legitimate rights.

[0043] In related technologies, an app's privacy policy is often stored on a server. When an app determines that a user agrees to the privacy policy that pops up upon first launch, the app retrieves the privacy policy from the server via a URL and displays it to the user on the app's user interface. Subsequently, app developers can update the privacy policy on the server at any time. This may result in discrepancies between the privacy policy content seen by the user and the actual privacy policy content collected by the app, thus harming the user's rights.

[0044] For example, a user uses an app on a certain date and reads its privacy policy. The privacy policy does not state that the app collects user contact information, leading the user to believe the app wouldn't collect it and use the app without worry. However, the app collects the user's contact information in the background and later updates its privacy policy to include a statement about collecting user contact information. This effectively means that these users' contact information was collected without their knowledge, constituting illegal collection of personal information. However, it is difficult for users to provide evidence of this. This behavior also allows apps to evade supervision from regulatory agencies and app stores, enabling large-scale illegal collection of personal information.

[0045] The collection, storage, use, processing, transmission, provision, and disclosure of user personal information involved in the technical solution disclosed herein comply with the provisions of relevant laws and regulations and do not violate public order and good morals.

[0046] To address the aforementioned issues in related technologies, the conceptual process of this disclosed technical solution is as follows: Based on the concept of automated testing, large-scale automated testing and privacy policy evidence collection are conducted on released apps. For example, during the processing of privacy policies, the occurrence time and process screenshots of each process are recorded and uploaded to a storage server so that users can query them later. This solves the problem of apps evading supervision and deceiving users by illegally collecting personal information.

[0047] For example, in the embodiments of this disclosure, the testing platform (or testing device) can automatically install and run multiple apps, automatically record the occurrence time and screenshots of each process, such as the pop-up of the app's privacy policy, the clicking of the privacy policy link in the privacy policy pop-up, and the opening of the privacy policy details page associated with the privacy policy link, and upload them to the storage server on the cloud platform, thereby achieving the purpose of evidence preservation.

[0048] Optionally, the cloud platform can provide a query function. When users, app stores, and regulatory agencies wish to review whether an app legally and compliantly collected users' personal information during a certain period, they can send an evidence query request to the cloud platform. The cloud platform can then determine the app's privacy policy content and evidence storage information during that period based on the app's identifier in the evidence query request. In addition, it can combine this with the specific personal information collection behavior of the app to determine the legality and compliance of the app's personal information collection behavior at that time.

[0049] Based on the above conceptual process, this disclosure provides a method for processing and obtaining evidence of privacy policies. In the process of processing privacy policies, the occurrence time and screenshots of the application software's privacy policy processing process, as well as the privacy policy content displayed by the application software through the privacy policy details page, are obtained and saved to a storage server. Correspondingly, in the process of obtaining evidence of privacy policies, when an evidence query request is received, the privacy policy processing information of the target application software within a target time interval can be determined by querying the storage server and output. This can effectively constrain the application software's behavior of indiscriminately collecting personal information, protect the rights and interests of users, and improve the privacy compliance of the entire industry.

[0050] This disclosure provides a method, apparatus, device, and storage medium for processing and collecting evidence related to privacy policies, applicable to the fields of application software, data security, information flow, and natural language processing in Internet applications, to protect the legitimate rights and interests of users when using application software.

[0051] To facilitate understanding of the technical solutions provided in this disclosure, firstly, in conjunction with... Figure 1 The application scenarios of the embodiments of this disclosure will be described.

[0052] Figure 1 This is a schematic diagram illustrating an application scenario provided by an embodiment of this disclosure. For example... Figure 1 As shown, this application scenario can include two processes; wherein:

[0053] The first process is the processing of the privacy policy.

[0054] For example, the test device monitors the privacy policy processing of the application software, and in response to the privacy policy processing of the application software, determines the occurrence time and process screenshots of the privacy policy processing, and obtains the privacy policy content displayed by the application software through the privacy policy details page. Finally, the occurrence time and process screenshots of the privacy policy processing and the privacy policy content are saved to the storage server in the cloud platform.

[0055] It is understood that the privacy policy in this embodiment specifically refers to the privacy policy content displayed on the privacy policy details page after a privacy policy pop-up window is actively displayed when the application software is first launched, and the user clicks on the privacy policy link within the pop-up window. Optionally, the privacy policy may be actively displayed upon first installation, reinstallation, or first launch after a version update.

[0056] For example, in embodiments of this disclosure, see Figure 1The testing equipment can receive test instructions from the outside world, which may include the identifier of at least one application software. It can also obtain the installation file of the application software by interacting with the cloud platform, automatically install and run the application software, and then monitor the processing of the application software's privacy policy.

[0057] For example, the process of processing a privacy policy includes: a privacy policy pop-up window appearing, the privacy policy link within the privacy policy pop-up window being clicked, and the privacy policy details page associated with the privacy policy link being opened.

[0058] Accordingly, refer to Figure 1 As shown, when the test device detects that the application software pops up a privacy policy pop-up, it records the pop-up time of the privacy policy pop-up and captures an image of the privacy policy pop-up. When it detects that the privacy policy link in the privacy policy pop-up is clicked, it records the click time of the privacy policy link and captures an image of the privacy policy link being clicked. When it detects that the privacy policy details page associated with the privacy policy link is opened, it records the opening time of the privacy policy details page and captures an image of the privacy policy details page being opened.

[0059] Understandable, such as Figure 1 As shown, after obtaining the installation file, the test device can also determine the attribute information of the installation file and store it in the storage server of the cloud platform before installing the application software.

[0060] Optionally, the attribute information of the installation file may include a unique file identifier and a file description. The unique file identifier is a hash value obtained by hashing the installation file. The file description information includes, but is not limited to, the version number of the installation file, the download address, the download date, the test date, and the source market.

[0061] The second process is the evidence collection process for the privacy policy.

[0062] See also Figure 1 The cloud platform can store the time of occurrence of the processing of the received privacy policy, screenshots of the process, and the content of the privacy policy. It can also store the attribute information of the installation file.

[0063] Correspondingly, the cloud platform can receive evidence collection query requests and, based on the identifier of the target application software and the target time interval included in the evidence collection query request, query the storage server to determine the privacy policy processing information of the target application software within the target time interval and output it, so that the querying personnel can determine whether the user information collected by the APP is consistent with the user information claimed to be collected in the privacy policy.

[0064] It is understood that, in embodiments of this disclosure, the privacy policy processing information stored in the storage server may include, but is not limited to, the following:

[0065] The occurrence time and screenshots of each step in the privacy policy processing;

[0066] The file description information for the installation files of each application software includes: the version number of the installation file, download address, download date, test date, and source;

[0067] Start and end timestamps for processing by each application software;

[0068] The privacy policy content displayed on the privacy policy details page of each application.

[0069] It should be noted that, Figure 1 This is merely a schematic diagram of an application scenario provided by an embodiment of this disclosure. This embodiment of the disclosure does not limit the specific devices included in the application scenario. For example, the application scenario may also include: terminal devices, processing devices, etc.

[0070] For example, in Figure 1 In the application scenarios shown, the terminal device can issue test commands and / or evidence query requests based on the received instructions.

[0071] Optionally, the storage server in this embodiment can be used to process privacy policy information for various application software, and the cloud platform in this embodiment can be a server for various devices, capable of providing various services.

[0072] Understandable Figure 1 The positional relationships between the devices shown do not constitute any limitation; for example, a storage server can be integrated into a cloud platform or it can be a standalone device.

[0073] It should also be noted that the test equipment in this disclosure embodiment can be a terminal device, a server, a virtual machine, or a distributed computer system composed of one or more servers and / or computers, etc., and this disclosure embodiment does not limit the scope. The server in this disclosure embodiment can be a regular server or a cloud server. A cloud server, also known as a cloud computing server or cloud host, is a host product in the cloud computing service system. The server can also be a server in a distributed system or a server integrated with blockchain. Terminal devices include, but are not limited to: smartphones, laptops, desktop computers, platform computers, in-vehicle devices, smart wearable devices, etc.

[0074] It is worth noting that the product implementation disclosed herein is program code included in cloud platform software and deployed on a server (or it can be computing cloud or mobile terminal and other hardware with computing capabilities). Figure 1 In the system architecture diagram shown, the program code disclosed herein can be stored within the test device and cloud platform. During runtime, the program code runs in the server's host memory and / or GPU memory.

[0075] In this embodiment of the disclosure, "multiple" refers to two or more. "And / or" describes the relationship between associated objects, indicating that three relationships can exist. For example, A and / or B can represent: A alone, A and B simultaneously, or B alone. The character " / " generally indicates that the preceding and following associated objects have an "or" relationship.

[0076] The technical solutions of this disclosure will now be described in detail through specific embodiments. It should be noted that the following specific embodiments can be combined with each other, and the same or similar concepts or processes may not be described again in some embodiments.

[0077] For example, the process of handling privacy policies will be described in detail below with reference to several specific embodiments.

[0078] Figure 2 This is a flowchart illustrating the privacy policy processing method provided in the first embodiment of this disclosure. The method in this embodiment can be... Figure 1 The method can be executed by the test equipment or by the processor within the test equipment. This embodiment illustrates the method using the test equipment. Figure 2 As shown, the privacy policy processing method provided in this embodiment may include:

[0079] S201, Monitoring application software privacy policy processing procedures.

[0080] In practical applications, the testing equipment can execute the technical solutions of the embodiments of this disclosure on a large number of published application software. Optionally, the testing equipment can be a real mobile phone, an emulator, or a cloud phone, etc.

[0081] For example, the testing equipment can automate the testing of privacy policies for installed and running application software. For instance, an automated runtime framework can be used to run the application software automatically and monitor the processing of its privacy policy.

[0082] Optionally, the testing equipment can utilize monitoring tools to monitor the operation of the application software, specifically, to monitor the privacy policy processing within the application software.

[0083] S202. In response to the application software's privacy policy processing procedure, determine the occurrence time of the privacy policy processing procedure and take screenshots of the process.

[0084] For example, when the testing device detects the processing of an application's privacy policy, it can record the occurrence time of the privacy policy processing and record a screenshot of the process. Optionally, the screenshot can be interpreted as a screenshot taken when the privacy policy processing occurs.

[0085] For example, the privacy policy processing procedure includes: a privacy policy pop-up window appearing, the privacy policy link within the privacy policy pop-up window being clicked, and the privacy policy details page associated with the privacy policy link being opened. At this time, the occurrence time and screenshots of the privacy policy processing procedure can include: the pop-up time of the privacy policy pop-up window and a screenshot of the first page when the privacy policy pop-up window appears, the click time of the privacy policy link within the privacy policy pop-up window and a screenshot of the second page when the privacy policy link is clicked, the opening time of the privacy policy details page and a screenshot of the privacy policy details page when it is opened, etc.

[0086] S203. Obtain the privacy policy content displayed on the privacy policy details page of the application software.

[0087] Optionally, after the application software has gone through the above privacy policy processing procedures, the opened privacy policy details page can be displayed through the application software's human-computer interaction interface. The privacy policy details page contains the privacy policy content. Therefore, the test device can obtain the privacy policy content displayed by the application software through the privacy policy details page using a capture tool.

[0088] It is understood that, in the embodiments of this disclosure, the privacy policy content is the specific content of user information that the application software may collect, use, process, and disclose during the operation of the application software. For example, the privacy policy content may include, but is not limited to, user information, information about the device used by the user, and environmental information of the user (e.g., location).

[0089] S204. Save the time of occurrence of the privacy policy processing, screenshots of the process, and the content of the privacy policy to the storage server.

[0090] In the embodiments of this disclosure, in order to facilitate the subsequent use of information by the application software to declare the information used by the user, the testing device can save the occurrence time and process screenshots of the determined privacy policy processing procedure, as well as the privacy policy content, to the cloud, such as the storage server of a cloud platform. In this way, users, regulatory agencies, application markets, etc. can initiate verification of the application software's behavior of collecting user information. Especially when there is doubt about the application software's behavior of collecting user information, it can improve the effective evidence support.

[0091] Understandably, in practical applications, once a testing device completes the testing and notarization of an application's privacy policy, it can repeatedly test and notarize the same application at different times to obtain notarized privacy policy content for different time periods.

[0092] Optionally, the testing equipment can execute the technical solutions of the embodiments of this disclosure simultaneously or at different times for different application software, and the embodiments of this disclosure do not limit them.

[0093] In the embodiments of this disclosure, by monitoring the privacy policy processing process of the application software, the occurrence time and process screenshots of the privacy policy processing process are determined, the privacy policy content displayed by the application software through the privacy policy details page is obtained, and the occurrence time and process screenshots of the privacy policy processing process and the privacy policy content are saved to the storage server. This provides a guarantee for subsequent evidence collection, effectively avoids the problem of application software illegally collecting user information, and effectively protects user rights.

[0094] exist Figure 2 Based on the embodiments shown, the following provides a more detailed description of the privacy policy processing methods provided in the embodiments of this disclosure.

[0095] Figure 3 This is a flowchart illustrating the privacy policy processing method provided in the second embodiment of this disclosure. In this embodiment, the privacy policy processing includes: a privacy policy pop-up window appearing, a privacy policy link within the pop-up window being clicked, and the privacy policy details page associated with the link being opened. Correspondingly, as... Figure 3 As shown, the above S202 can be achieved through the following steps:

[0096] S301. In response to the pop-up of the privacy policy dialog box of the application software, record the pop-up time of the privacy policy dialog box and capture a screenshot of the first page when the privacy policy dialog box pops up.

[0097] The privacy policy pop-up contains a link to the privacy policy.

[0098] For example, in accordance with legal requirements, application software should proactively display a privacy policy pop-up upon first launch, guiding users to click the privacy policy link within the pop-up to present the privacy policy content for reading on the privacy policy details page. Therefore, when the test device detects the application software displaying the privacy policy pop-up, in response to the pop-up, the test device records the pop-up time and captures the page at the time the pop-up appears, obtaining a screenshot of the first page.

[0099] S302. In response to the privacy policy link in the privacy policy pop-up being clicked, record the time the privacy policy link was clicked and capture a screenshot of the second page when the privacy policy link was clicked.

[0100] In practical applications, the application software provides a privacy policy link through a privacy policy pop-up. When the test device detects that the privacy policy link in the privacy policy pop-up has been clicked, it can record the time when the privacy policy link is clicked and capture the page at the time the privacy policy link is clicked to obtain a second page screenshot.

[0101] It is understood that in the embodiments of this disclosure, the privacy policy link is the link connecting the privacy policy pop-up and the privacy policy details page. When the privacy policy link is clicked, the application software page will jump from the privacy policy pop-up page to the privacy policy details page. Therefore, in response to the privacy policy link in the privacy policy pop-up being clicked, the privacy policy details page associated with the privacy policy link will be opened.

[0102] For example, after S301, the test device can trigger the privacy policy link to be clicked by calling the automated testing tool and clicking the privacy policy link in the privacy policy pop-up.

[0103] In this embodiment, by using automated testing tools to simulate user click behavior, automated testing of application software can be achieved, reducing testing costs.

[0104] S303. In response to the opening of the privacy policy details page associated with the privacy policy link, record the time when the privacy policy details page is opened and a screenshot of the third page when the privacy policy details page is opened.

[0105] The privacy policy details page displays the privacy policy content.

[0106] Optionally, when the application's privacy policy link is clicked, the associated privacy policy details page can be opened. Correspondingly, when the test device detects that the privacy policy details page associated with the link has been opened, it can automatically record the time the page is opened and capture a screenshot of the page at that moment, resulting in a third-party screenshot.

[0107] Understandably, in practical applications, the privacy policy details page contains specific privacy policy content. This privacy policy content can declare the various operations that the application software may take regarding various information related to users, such as collection, processing, and disclosure. In other words, the application software will display the privacy policy content through the privacy policy details page.

[0108] In the embodiments disclosed herein, the specific implementation of the testing device determining the occurrence time and process screenshots of the privacy policy pop-up, the clicking of the privacy policy link within the privacy policy pop-up, and the opening of the privacy policy details page associated with the privacy policy link is described, providing a prerequisite for subsequent evidence collection.

[0109] exist Figure 2 or Figure 3 Based on the illustrated embodiment, Figure 4 This is a flowchart illustrating the processing method of the privacy policy provided in the third embodiment of this disclosure. Figure 4 As shown in the embodiments of this disclosure, prior to S201 above, the method for processing the privacy policy may further include:

[0110] S401. Obtain test instructions, which include: the identifier of the application software.

[0111] For example, the testing device can execute the privacy policy processing of application software based on external testing instructions. For instance, the testing device can receive testing instructions from multiple objects via terminals. To clearly identify the application software being tested, the testing instructions need to include the application software's identifier so that the testing device can execute the processes of obtaining the installation file, installing the application software, running the application software, and processing the privacy policy during the application software's operation.

[0112] S402. Based on the application software identifier in the test command, obtain the application software's installation file.

[0113] For example, after the testing equipment parses the test instructions and determines the identifier of the application software to be tested, it can obtain the installation file of the application software by interacting with the cloud platform.

[0114] Optionally, after each application software is released, its installation file is typically stored in a cloud platform. This allows users to access the installation file of a specific application software from the cloud platform via an internet connection using their terminal devices and then perform the subsequent installation process. Therefore, in this embodiment, the test device can also download the application software's installation file from the cloud platform after receiving a test command.

[0115] S403. Use the application software's installation file to install the application software and run it automatically.

[0116] Optionally, after the test device obtains the application software's installation file, it can automatically install the application software or install it on the test device based on the installation instructions, and call the automated operation framework to run the application software automatically.

[0117] In one example, an automated execution framework can be an automated framework built by testers based on test tasks. After the application software is installed on test devices such as real mobile phones, simulators, and cloud phones, the automated execution framework can be used to run the application software automatically.

[0118] Optionally, in embodiments of this disclosure, such as Figure 4 As shown, following S402, the processing method for this privacy policy may also include:

[0119] S404. Determine the attribute information of the installation file.

[0120] This attribute information includes: a unique file identifier and a file description. The unique file identifier is a hash value obtained by performing a hash operation on the installation file. The file description information includes: the version number of the installation file, the download address, the download date, the test date, and the source market.

[0121] For example, when a testing device obtains the installation file of an application software, it can record the application software's attribute information. For instance, it can calculate the hash value of the installation file (such as MD5, SHA1, SHA256, etc.) and use it as a unique identifier for the application software file. In addition, it can record the application software's version number, download address, download date, testing date, source market, etc., as supplementary file description information. This allows for accurate association of the timing and screenshots of the privacy policy processing process, thereby improving the accuracy of evidence collection.

[0122] S405. Store the attribute information of the installation file to the storage server.

[0123] In the embodiments disclosed herein, in order to facilitate subsequent evidence collection for privacy policies, the testing device can save the attribute information of the determined installation file to the cloud, such as the storage server of a cloud platform. In this way, users, regulatory agencies, app stores, etc. can initiate verification of the application software's collection of user information behavior, especially when there is doubt about the application software's collection of user information behavior, it can provide effective evidence support.

[0124] The above embodiments describe the processing procedure for privacy policies. The following sections, using several specific embodiments, introduce the evidence collection process for privacy policies.

[0125] Figure 5 This is a flowchart illustrating the evidence collection method for the privacy policy provided in the first embodiment of this disclosure. The method in this embodiment can be... Figure 1 The method can be executed on a cloud platform, or by a processor within that cloud platform, which can be called a cloud server. This embodiment illustrates the method using execution on a cloud platform. Figure 5 As shown, the evidence collection method for the privacy policy provided in this embodiment may include:

[0126] S501. Receive an evidence collection query request, which includes: the identifier of the target application software and the target time range.

[0127] Optionally, when users, regulatory agencies, app stores, etc. have doubts about the collection of personal information by an application, they can check the application's privacy policy information for a specific time period at any time, so that the application's illegal and irregular collection of personal information has nowhere to hide.

[0128] For example, the cloud platform's storage server can store a large amount of privacy policy processing information of application software over many time periods. When the cloud platform receives an evidence collection query request, in order for the cloud platform to accurately determine the application software to be evidenced and the time period for evidence collection, the evidence collection query request needs to include the identifier of the target application software and the target time range.

[0129] S502. Based on the evidence collection query request, query the storage server to determine the privacy policy processing information of the target application software within the target time period.

[0130] The storage server stores privacy policy processing information for at least one application.

[0131] For example, in this embodiment, the storage server stores the test equipment described above. Figures 2 to 4 The illustrated embodiment includes information such as the occurrence time, screenshots, and content of the privacy policy processing of at least one application software within at least one time period. This at least one application software includes the target application software in the forensic query request, and the at least one time period includes the aforementioned target time interval. Therefore, the cloud platform can query the storage server based on the identifier of the target application software and the target time interval to obtain the privacy policy processing information of the target application software within that target time interval.

[0132] S503. Output the privacy policy processing information of the target application software within the target time interval.

[0133] Optionally, the cloud platform may output the privacy policy processing information of the target application software within the target time period after determining it.

[0134] In one example, when the cloud platform has a human-computer interaction interface, the privacy policy processing information of the target application software within the target time period can be displayed through the human-computer interaction interface. When the cloud platform has a voice function, the privacy policy processing information of the target application software within the target time period can also be played.

[0135] In one example, the cloud platform can provide the terminal device that issues the evidence request with information about the privacy policy of the target application software within the target time period, so that the terminal device can display or play it.

[0136] In the embodiments of this disclosure, an evidence collection query request is received, which includes the identifier of the target application software and a target time interval. Based on the evidence collection query request, a storage server is queried to determine and output the privacy policy processing information of the target application software within the target time interval. This technical solution, by providing an evidence collection query function, can constrain the unauthorized collection of personal information by application software, solve the problem of application software deceiving users and illegally collecting personal information, greatly reduce regulatory costs, protect the rights and interests of users, and thus improve the privacy compliance level of the entire industry.

[0137] exist Figure 5 Based on the embodiments shown, the following provides a more detailed description of the privacy policy processing methods provided in the embodiments of this disclosure.

[0138] For example, Figure 6 This is a flowchart illustrating the processing method of the privacy policy provided in the second embodiment of this disclosure. Figure 6 As shown, in the embodiments of this disclosure, the above-mentioned S502 can be implemented through the following steps:

[0139] S601. Based on the identifier of the target application software, query the storage server to locate the location where the privacy policy of the target application software is stored.

[0140] S602. Based on the start and end times of the target time interval, obtain the privacy policy processing information of the target application software within the target time interval from the location where the privacy policy is stored.

[0141] For example, when the cloud platform determines the identifier of the target application software and the target time range by parsing the evidence query request, one possible design is to first query the information stored on the storage server to locate the evidence storage location of the privacy policy of the target application software, and then obtain the privacy policy processing information within the target time range from that privacy policy evidence storage location.

[0142] It is understood that in another possible design disclosed herein, the cloud platform may also determine the privacy policy processing information of all application software within the target time interval based on the start and end times of the target time interval, and then select the privacy policy processing information of the target application software based on the identifier of the target application software.

[0143] Optionally, this disclosure does not limit the specific implementation method of how the cloud platform determines the privacy policy processing information of the target application software within the target time interval.

[0144] In the embodiments of this disclosure, by first locating the location where the privacy policy of the target application software is stored, and then obtaining the privacy policy processing information of the target application software within the target time interval from the location where the privacy policy is stored based on the start and end times of the target time interval, the privacy policy processing information of the target application software within the target time interval can be accurately and quickly determined, thereby improving the efficiency and accuracy of evidence collection.

[0145] Optionally, in embodiments of this disclosure, the storage server stores the privacy policy processing information of each application software in key-value pairs. The key name of the key-value pair is a file unique identifier of each application software. This file unique identifier is a hash value obtained by hashing the installation file of each application software. The key value of the key-value pair is the privacy policy processing information of the application software identified by the corresponding key name.

[0146] For example, in the storage server of the cloud platform, the privacy policy processing information of each application software can be stored in the form of key-value pairs. Therefore, when an evidence query request is received, the identifier of the target application software, i.e., the file unique identifier (target key), can be used as an index to locate the location where the privacy policy of the target application software is stored. Then, the privacy policy information corresponding to the file unique identifier can be obtained from the located privacy policy storage location. Subsequently, the privacy policy processing information within the target time interval can be obtained based on the start and end times of the target time interval.

[0147] For example, the information in the storage server uses the hash value of the application software as the unique identifier of the corresponding installation file of the application software. Accordingly, the information processed in the privacy policy may include at least one of the following:

[0148] The timing and screenshots of the privacy policy processing procedure;

[0149] The file description information for each application software's corresponding installation file includes: the installation file's version number, download address, download date, test date, and source;

[0150] Start and end timestamps for processing by each application software;

[0151] The privacy policy content displayed on the privacy policy details page of each application.

[0152] The privacy policy content can be in HTML format or plain text file format; this embodiment does not limit it.

[0153] Optionally, in this embodiment, the privacy policy processing information of each application software in the storage server is stored in the form of a blockchain.

[0154] The storage server can store the privacy policy processing information of each application software in the form of a blockchain based on the time of receipt, which can prevent subsequent tampering and thus ensure the reliability of evidence collection.

[0155] Figure 7 This is a schematic diagram of the structure of a privacy policy processing device provided in this embodiment. The privacy policy processing device provided in this embodiment can be... Figure 1 The test equipment or the device within the test equipment. For example... Figure 7 As shown, the privacy policy processing device 700 provided in this embodiment includes:

[0156] Monitoring unit 701 is used to monitor the privacy policy processing of application software;

[0157] Processing unit 702 is configured to, in response to the privacy policy processing procedure of the application software, determine the occurrence time and process screenshot of the privacy policy processing procedure;

[0158] The acquisition unit 703 is used to acquire the privacy policy content displayed by the application software through the privacy policy details page;

[0159] The sending unit 704 is used to save the occurrence time of the privacy policy processing process, a screenshot of the process, and the content of the privacy policy to the storage server.

[0160] In one possible implementation, the privacy policy processing procedure includes: a privacy policy pop-up window appears, the privacy policy link within the privacy policy pop-up window is clicked, and the privacy policy details page associated with the privacy policy link is opened;

[0161] Accordingly, the processing unit 702 includes:

[0162] The first processing module is used to respond to the privacy policy pop-up of the application software, record the pop-up time of the privacy policy pop-up and capture a screenshot of the first page when the privacy policy pop-up pops up, wherein the privacy policy pop-up contains a privacy policy link;

[0163] The second processing module is used to respond to the clicking of the privacy policy link in the privacy policy pop-up, record the time when the privacy policy link is clicked, and capture a screenshot of the second page when the privacy policy link is clicked;

[0164] The third processing module is used to respond to the opening of the privacy policy details page associated with the privacy policy link, record the opening time of the privacy policy details page and a screenshot of the third page when the privacy policy details page is opened, and the privacy policy details page displays the privacy policy content.

[0165] Optionally, the first processing module is also used to invoke the automated testing tool to click the privacy policy link in the privacy policy pop-up.

[0166] In one possible implementation, the acquisition unit 703 is further configured to:

[0167] Obtain test instructions, the test instructions including: the identifier of the application software;

[0168] Based on the identifier of the application software in the test instruction, obtain the installation file of the application software;

[0169] The processing unit 702 is also used to install the application software using the application software's installation file and to automatically run the application software.

[0170] Optionally, the processing unit 702 is further configured to determine the attribute information of the installation file, the attribute information including: a unique file identifier and file description information, the unique file identifier being a hash value obtained by performing a hash operation on the installation file, and the file description information including: the version number of the installation file, download address, download date, test date, and source market;

[0171] The sending unit is also used to store the attribute information of the installation file to the storage server.

[0172] The privacy policy processing device provided in this embodiment can be used to execute the above. Figures 2 to 4 The privacy policy processing method shown in the embodiment is similar in principle and technical effect, and will not be described in detail here.

[0173] Figure 8 This is a schematic diagram of the structure of the evidence collection device for the privacy policy provided in this embodiment. The evidence collection device for the privacy policy provided in this embodiment can be... Figure 1 The cloud platform in the context, or the device within the cloud platform. For example... Figure 8 As shown, the evidence collection device 800 for the privacy policy provided in this embodiment includes:

[0174] The receiving unit 801 is used to receive an evidence collection query request, the evidence collection query request including: the identifier of the target application software and the target time interval;

[0175] The query unit 802 is used to query the storage server based on the evidence query request to determine the privacy policy processing information of the target application software within the target time interval. The storage server stores the privacy policy processing information of at least one application software.

[0176] The output unit 803 is used to output the privacy policy processing information of the target application software within the target time interval.

[0177] In one possible implementation, the query unit 802 includes:

[0178] The positioning module is used to query the storage server based on the identifier of the target application software and locate the location where the privacy policy of the target application software is stored.

[0179] The acquisition module is used to acquire the privacy policy processing information of the target application software within the target time interval from the privacy policy storage location based on the start and end times of the target time interval.

[0180] Optionally, the storage server stores the privacy policy processing information of each application software in key-value pairs. The key name of the key-value pair is a unique file identifier for each application software. The unique file identifier is a hash value obtained by hashing the installation file of each application software. The key value of the key-value pair is the privacy policy processing information of the application software identified by the corresponding key name.

[0181] Optionally, the privacy policy processing information may also include at least one of the following:

[0182] The timing and screenshots of the privacy policy processing procedure;

[0183] The file description information for the installation files of each application software includes: the version number of the installation file, download address, download date, test date, and source;

[0184] Start and end timestamps for processing by each application software;

[0185] The privacy policy content displayed on the privacy policy details page of each application.

[0186] Optionally, the privacy policy processing information of each application software in the storage server is stored in the form of a blockchain.

[0187] The evidence collection device for the privacy policy provided in this embodiment can be used to perform the above-mentioned... Figure 5 or Figure 6 The evidence collection method for the privacy policy in the illustrated embodiment is similar in principle and technical effect, and will not be described in detail here.

[0188] According to embodiments of this disclosure, this disclosure also provides an electronic device, a readable storage medium, and a computer program product.

[0189] According to embodiments of this disclosure, this disclosure also provides a computer program product comprising: a computer program stored in a readable storage medium, at least one processor of an electronic device being able to read the computer program from the readable storage medium, and the at least one processor executing the computer program causing the electronic device to perform the scheme provided in any of the above embodiments.

[0190] Figure 9 A schematic block diagram of an example electronic device for implementing embodiments of the present disclosure is shown. The electronic device is intended to represent various forms of digital computers, such as laptop computers, desktop computers, workstations, personal digital assistants, servers, blade servers, mainframe computers, and other suitable computers. The electronic device may also represent various forms of mobile devices, such as personal digital processors, cellular phones, smartphones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions are merely illustrative and are not intended to limit the implementation of the present disclosure described and / or claimed herein.

[0191] like Figure 9 As shown, device 900 includes a computing unit 901, which can perform various appropriate actions and processes based on a computer program stored in read-only memory (ROM) 902 or a computer program loaded from storage unit 908 into random access memory (RAM) 903. RAM 903 may also store various programs and data required for the operation of device 900. The computing unit 901, ROM 902, and RAM 903 are interconnected via bus 904. Input / output (I / O) interface 905 is also connected to bus 904.

[0192] Multiple components in device 900 are connected to I / O interface 905, including: input unit 906, such as keyboard, mouse, etc.; output unit 907, such as various types of monitors, speakers, etc.; storage unit 908, such as disk, optical disk, etc.; and communication unit 909, such as network card, modem, wireless transceiver, etc. Communication unit 909 allows device 900 to exchange information / data with other devices through computer networks such as the Internet and / or various telecommunications networks.

[0193] The computing unit 901 can be various general-purpose and / or special-purpose processing components with processing and computing capabilities. Some examples of the computing unit 901 include, but are not limited to, a central processing unit (CPU), a graphics processing unit (GPU), various special-purpose artificial intelligence (AI) computing chips, various computing units running machine learning model algorithms, a digital signal processor (DSP), and any suitable processor, controller, microcontroller, etc. The computing unit 901 performs the various methods and processes described above, such as privacy policy processing methods and / or privacy policy forensics methods. For example, in some embodiments, privacy policy processing methods and / or privacy policy forensics methods may be implemented as computer software programs tangibly contained in a machine-readable medium, such as storage unit 908. In some embodiments, part or all of the computer program may be loaded and / or installed on device 900 via ROM 902 and / or communication unit 909. When the computer program is loaded into RAM 903 and executed by the computing unit 901, one or more steps of the privacy policy processing methods and / or privacy policy forensics methods described above may be performed. Alternatively, in other embodiments, the computing unit 901 may be configured by any other suitable means (e.g., by means of firmware) to perform privacy policy processing methods and / or privacy policy forensics methods.

[0194] Various embodiments of the systems and techniques described above herein can be implemented in digital electronic circuit systems, integrated circuit systems, field-programmable gate arrays (FPGAs), application-specific integrated circuits (ASICs), application-specific standard products (ASSPs), systems-on-a-chip (SoCs), complex programmable logic devices (CPLDs), computer hardware, firmware, software, and / or combinations thereof. These various embodiments may include implementations in one or more computer programs that can be executed and / or interpreted on a programmable system including at least one programmable processor, which may be a dedicated or general-purpose programmable processor, capable of receiving data and instructions from a storage system, at least one input device, and at least one output device, and transmitting data and instructions to the storage system, the at least one input device, and the at least one output device.

[0195] The program code used to implement the methods of this disclosure may be written in any combination of one or more programming languages. This program code may be provided to a processor or controller of a general-purpose computer, special-purpose computer, or other programmable data processing apparatus, such that when executed by the processor or controller, the program code causes the functions / operations specified in the flowcharts and / or block diagrams to be implemented. The program code may be executed entirely on a machine, partially on a machine, as a standalone software package partially on a machine and partially on a remote machine, or entirely on a remote machine or server.

[0196] In the context of this disclosure, a machine-readable medium can be a tangible medium that may contain or store a program for use by or in conjunction with an instruction execution system, apparatus, or device. A machine-readable medium can be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium can be, but is not limited to, electronic, magnetic, optical, electromagnetic, infrared, or semiconductor systems, apparatus, or devices, or any suitable combination of the foregoing. More specific examples of machine-readable storage media include electrical connections based on one or more wires, portable computer disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage devices, magnetic storage devices, or any suitable combination of the foregoing.

[0197] To provide interaction with a user, the systems and techniques described herein can be implemented on a computer having: a display device for displaying information to the user (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor); and a keyboard and pointing device (e.g., a mouse or trackball) through which the user provides input to the computer. Other types of devices can also be used to provide interaction with the user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user can be received in any form (including sound input, voice input, or tactile input).

[0198] The systems and technologies described herein can be implemented in computing systems that include backend components (e.g., as a data server), or computing systems that include middleware components (e.g., an application server), or computing systems that include frontend components (e.g., a user computer with a graphical user interface or web browser through which a user can interact with embodiments of the systems and technologies described herein), or any combination of such backend, middleware, or frontend components. The components of the system can be interconnected via digital data communication of any form or medium (e.g., a communication network). Examples of communication networks include local area networks (LANs), wide area networks (WANs), and the Internet.

[0199] Computer systems can include clients and servers. Clients and servers are generally geographically separated and typically interact via communication networks. The client-server relationship is created by computer programs running on the respective computers and having a client-server relationship with each other. A server can be a cloud server, also known as a cloud computing server or cloud host, a hosting product within the cloud computing service ecosystem, addressing the shortcomings of traditional physical hosts and VPS (Virtual Private Server, or simply "VPS") services, such as high management difficulty and weak business scalability. Servers can also be servers for distributed systems or servers incorporating blockchain technology.

[0200] It should be understood that the various forms of processes shown above can be used to rearrange, add, or delete steps. For example, the steps described in this disclosure can be executed in parallel, sequentially, or in different orders, as long as the desired result of the technical solution disclosed in this disclosure can be achieved, and this is not limited herein.

[0201] The specific embodiments described above do not constitute a limitation on the scope of protection of this disclosure. Those skilled in the art should understand that various modifications, combinations, sub-combinations, and substitutions can be made according to design requirements and other factors. Any modifications, equivalent substitutions, and improvements made within the spirit and principles of this disclosure should be included within the scope of protection of this disclosure.

Claims

1. A method for processing a privacy policy, comprising: Monitor the privacy policy processing procedures of application software; The privacy policy processing procedure includes: a privacy policy pop-up window appears, the privacy policy link within the privacy policy pop-up window is clicked, and the privacy policy details page associated with the privacy policy link is opened; In response to the privacy policy processing procedure of the application software, determine the occurrence time and process screenshots of the privacy policy processing procedure; Obtain the privacy policy content displayed by the application software through the privacy policy details page; Save the occurrence time and screenshots of the privacy policy processing procedure, along with the privacy policy content, to the storage server.

2. The method according to claim 1, wherein determining the occurrence time and screenshot of the privacy policy processing procedure in response to the application software's privacy policy processing procedure includes: In response to the pop-up privacy policy of the application software, the pop-up time of the privacy policy pop-up is recorded and a screenshot of the first page when the privacy policy pop-up pops up is captured. The privacy policy pop-up contains a privacy policy link. In response to the privacy policy link in the privacy policy pop-up being clicked, the time when the privacy policy link was clicked is recorded, and a screenshot of the second page when the privacy policy link was clicked is captured; In response to the opening of the privacy policy details page associated with the privacy policy link, the time when the privacy policy details page is opened and a screenshot of the third page when the privacy policy details page is opened are recorded. The privacy policy details page displays the privacy policy content.

3. The method according to claim 2, after recording the pop-up time of the privacy policy pop-up in response to the application software and capturing a first page screenshot when the privacy policy pop-up pops up, further includes: To use the automated testing tool, click the privacy policy link in the privacy policy pop-up window.

4. The method according to any one of claims 1 to 3, further comprising, prior to the processing of the privacy policy of the monitoring application software: Obtain test instructions, the test instructions including: the identifier of the application software; Based on the identifier of the application software in the test instruction, obtain the installation file of the application software; The application software is installed using its installation file, and then automatically run.

5. The method according to claim 4, after obtaining the installation file of the application software based on the identifier of the application software in the test instruction, further comprising: The attribute information of the installation file is determined. The attribute information includes: a unique file identifier and a file description. The unique file identifier is a hash value obtained by performing a hash operation on the installation file. The file description information includes: the version number of the installation file, the download address, the download date, the test date, and the source market. The attribute information of the installation file is stored in the storage server.

6. A method for obtaining evidence regarding a privacy policy, comprising: Receive an evidence collection query request, the evidence collection query request including: the identifier of the target application software and the target time interval; Based on the evidence collection query request, the storage server is queried to determine the privacy policy processing information of the target application software within the target time interval. The storage server stores privacy policy processing information for at least one application software. The privacy policy processing information includes the occurrence time and screenshots of the privacy policy processing process, as well as the privacy policy content displayed on the privacy policy details page of each application software. The occurrence time and screenshots of the privacy policy processing process are determined based on monitoring and responding to the privacy policy processing process of the application software. The privacy policy content is obtained based on the privacy policy details page of the application software. The privacy policy processing process includes: a privacy policy pop-up window appears, the privacy policy link in the privacy policy pop-up window is clicked, and the privacy policy details page associated with the privacy policy link is opened. Output the privacy policy processing information of the target application software within the target time interval.

7. The method of claim 6, wherein, The step of querying the storage server based on the evidence collection request to determine the privacy policy processing information of the target application software within the target time interval includes: Based on the identifier of the target application software, the storage server is queried to locate the location where the privacy policy of the target application software is stored. Based on the start and end times of the target time interval, the privacy policy processing information of the target application software within the target time interval is obtained from the privacy policy storage location.

8. The method of claim 6 or 7, wherein, The storage server stores the privacy policy processing information of each application software in key-value pairs. The key name of the key-value pair is a unique file identifier for each application software. The unique file identifier is a hash value obtained by hashing the installation file of each application software. The key value of the key-value pair is the privacy policy processing information of the application software identified by the corresponding key name.

9. The method of claim 8, wherein, The privacy policy processing information also includes at least one of the following: The file description information for the installation files of each application software includes: the version number of the installation file, download address, download date, test date, and source; The start and end timestamps for processing by each application software.

10. The method of claim 6 or 7 or 9, wherein, The privacy policy processing information of each application software in the storage server is stored in the form of blockchain.

11. A privacy policy processing device, comprising: The monitoring unit is used to monitor the privacy policy processing of application software. The privacy policy processing procedure includes: a privacy policy pop-up window appears, the privacy policy link within the privacy policy pop-up window is clicked, and the privacy policy details page associated with the privacy policy link is opened; The processing unit is configured to, in response to the privacy policy processing procedure of the application software, determine the occurrence time and process screenshot of the privacy policy processing procedure; The acquisition unit is used to acquire the privacy policy content displayed by the application software through the privacy policy details page; The sending unit is used to save the occurrence time of the privacy policy processing procedure, a screenshot of the process, and the content of the privacy policy to the storage server.

12. The apparatus according to claim 11, wherein the processing unit comprises: The first processing module is used to respond to the privacy policy pop-up of the application software, record the pop-up time of the privacy policy pop-up and capture a screenshot of the first page when the privacy policy pop-up pops up, wherein the privacy policy pop-up contains a privacy policy link; The second processing module is used to respond to the clicking of the privacy policy link in the privacy policy pop-up, record the time when the privacy policy link is clicked, and capture a screenshot of the second page when the privacy policy link is clicked; The third processing module is used to respond to the opening of the privacy policy details page associated with the privacy policy link, record the opening time of the privacy policy details page and a screenshot of the third page when the privacy policy details page is opened, and the privacy policy details page displays the privacy policy content.

13. The apparatus according to claim 12, wherein the first processing module is further configured to invoke an automated testing tool to click the privacy policy link in the privacy policy pop-up.

14. The apparatus according to any one of claims 11 to 13, wherein the acquiring unit is further configured to: acquire test instructions, the test instructions comprising: The identifier of the application software; Based on the identifier of the application software in the test instruction, obtain the installation file of the application software; The processing unit is also configured to install the application software using the application software's installation file and to automatically run the application software.

15. The apparatus according to claim 14, wherein the processing unit is further configured to determine attribute information of the installation file, the attribute information including: The file unique identifier and file description information, wherein the file unique identifier is a hash value obtained by hashing the installation file, and the file description information includes: the version number of the installation file, download address, download date, test date, and source market; The sending unit is also used to store the attribute information of the installation file to the storage server.

16. An evidence-gathering device for a privacy policy, comprising: A receiving unit is configured to receive an evidence collection query request, wherein the evidence collection query request includes: the identifier of the target application software and the target time interval; The query unit is used to query the storage server based on the evidence query request to determine the privacy policy processing information of the target application software within the target time interval. The storage server stores the privacy policy processing information of at least one application software. The privacy policy processing information includes the occurrence time and screenshots of the privacy policy processing process, as well as the privacy policy content displayed by each application software on the privacy policy details page. The occurrence time and screenshots of the privacy policy processing process are determined based on monitoring and responding to the privacy policy processing process of the application software. The privacy policy content is obtained based on the privacy policy details page of the application software. The privacy policy processing process includes: a privacy policy pop-up window appearing, the privacy policy link in the privacy policy pop-up window being clicked, and the privacy policy details page associated with the privacy policy link being opened. The output unit is used to output the privacy policy processing information of the target application software within the target time interval.

17. The apparatus according to claim 16, wherein, The query unit includes: The positioning module is used to query the storage server based on the identifier of the target application software and locate the location where the privacy policy of the target application software is stored. The acquisition module is used to acquire the privacy policy processing information of the target application software within the target time interval from the privacy policy storage location based on the start and end times of the target time interval.

18. The apparatus according to claim 16 or 17, wherein, The storage server stores the privacy policy processing information of each application software in key-value pairs. The key name of the key-value pair is a unique file identifier for each application software. The unique file identifier is a hash value obtained by hashing the installation file of each application software. The key value of the key-value pair is the privacy policy processing information of the application software identified by the corresponding key name.

19. The apparatus according to claim 18, wherein, The privacy policy processing information also includes at least one of the following: The file description information for the installation files of each application software includes: the version number of the installation file, download address, download date, test date, and source; The start and end timestamps for processing by each application software.

20. The apparatus according to claim 16, 17, or 19, wherein, The privacy policy processing information of each application software in the storage server is stored in the form of blockchain.

21. An electronic device, comprising: At least one processor; as well as A memory communicatively connected to the at least one processor; wherein, The memory stores instructions executable by the at least one processor, which, when executed by the at least one processor, enables the at least one processor to perform the method of any one of claims 1 to 5, or to perform the method of any one of claims 6 to 10.

22. A non-transitory computer-readable storage medium storing computer instructions, wherein, The computer instructions are used to cause the computer to perform the method of any one of claims 1 to 5, or to perform the method of any one of claims 6 to 10.

23. A computer program product comprising a computer program that, when executed by a processor, implements the steps of the method according to any one of claims 1 to 5, or implements the steps of the method according to any one of claims 6 to 10.