Home
Demo Introduction/Abstract Methods Discussion/Conclusion Meet the Team

Agentic Privacy Control Center

Privacy settings are buried, confusing, and inconsistent, so we built an AI that finds them for you.

Our Agentic Privacy Control Center automatically crawls major platforms like Reddit, Twitter/X, and Instagram, maps their hidden privacy controls into an interactive dashboard, and lets you change them with a single prompt. It helps end users, researchers, and privacy auditors understand controls faster and apply verified changes without platform-specific scripting.

Report document iconReport PDF Code repository iconCode Repo Artifact repository iconArtifact Repo Visualization dashboard iconDashboard Dataset iconDataset CSV Demo video iconDemo Video

Key Results

Demo

Watch the end-to-end walkthrough of the dashboard and agent workflow.

Demo Video

The code repository is linked above and includes detailed instructions for installing and running the Agentic Privacy Control Center.

Introduction and Abstract

Modern digital platforms offer extensive privacy controls, yet in practice managing these settings is still difficult. Privacy options are often buried in platform-specific menus, described inconsistently, and distributed across multiple pages and confirmation dialogs.

This project reframes privacy configuration as a systems problem: automatically discover settings, normalize them into a common representation, and expose them through a centralized interface that supports both understanding and action.

The Agentic Privacy Control Center combines structured extraction, visualization, and browser-based agentic execution to help users and researchers inspect privacy settings across platforms without writing custom automation for each site.

Problem

Privacy controls exist, but accessibility and clarity remain significant barriers. Existing workflows typically require manual navigation, platform-specific knowledge, and repeated review of unclear option text before users can make informed decisions.

Motivation and Contribution

We propose an agentic privacy control center with two user-facing components: an interactive dashboard for cross-platform privacy setting exploration and an agentic chatbot that takes user requests through UI interaction or command-based inputs and executes setting changes in the browser.

Key Contributions

  • End-to-end pipeline for discovering and extracting privacy settings from heterogeneous interfaces.
  • Normalized cross-platform privacy settings database for comparison and downstream analysis.
  • Interactive dashboard for browsing settings by platform and privacy category.
  • Planner-executor-verifier agent workflow for privacy setting modification without platform-specific hard-coding.
  • Prototype validation showing reliable navigation of confirmation flows and UI variation.

System Overview

The system operates in three stages: collect settings from platform interfaces, structure the outputs into a shared schema, and expose the results through visualization and an agentic control layer.

  • Extraction: deterministic crawling and vision-assisted parsing of settings pages.
  • Normalization: semantic labeling and storage in a unified database.
  • Interaction: dashboard inspection plus agentic execution for user-requested changes.

Abstract

Privacy by Design is increasingly important, but operationalizing privacy reviews and user configuration remains labor-intensive and difficult to scale. We present the Agentic Privacy Control Center, an end-to-end system that automatically discovers, structures, visualizes, and actuates privacy settings across online platforms. Our pipeline combines interface crawling, vision-based setting extraction, semantic classification, and a planner-executor-verifier browser agent powered by large language models. The resulting normalized settings database supports centralized inspection and safe privacy setting modification, demonstrating how agentic systems can serve as scalable intermediaries for privacy analysis and configuration workflows.

Scope

  • Included: cross-platform settings discovery, normalization, dashboard inspection, and verified agentic browser actions.
  • Not included: full production hardening, complete platform coverage, or automated legal/policy determinations.
  • Current stage: prototype validation focused on workflow reliability and interpretability.

Methods

We built the system as a modular pipeline spanning data collection, structured storage, dashboard visualization, and agentic execution. The implementation is designed to support cross-platform privacy settings without tightly coupling logic to a single interface.

Our system is built on top of Google Gemini for three core reasoning tasks: guiding the crawler toward privacy-relevant pages, classifying extracted settings into semantic categories, and interpreting user commands in the chatbot. The crawler logic, normalization pipeline, database schema, dashboard, and planner-executor-verifier architecture were designed and built by our team.

Data Pipeline

The data pipeline focuses on discovering privacy settings pages, extracting candidate controls, and transforming those observations into a normalized dataset that can be compared across platforms.

The current database spans settings collected from Facebook, LinkedIn, Reddit, Spotify, and Twitter/X; source platform links are listed in the References section.

  • Deterministic interface crawling to traverse settings menus and collect page-level evidence.
  • Vision/text extraction to capture labels, control types, and surrounding context from heterogeneous user interfaces (UIs).
  • Semantic categorization into shared privacy themes (e.g., visibility, authentication, data collection).
  • Structured storage in a cross-platform schema to support dashboard queries and agent planning.
Pipeline figure showing screenshot extraction, page-to-URL mapping, Gemini classification, and saved settings data.
Figure: Pipeline that extracts settings information from crawler screenshots, classifies each setting into semantic categories, and outputs per-setting records in a CSV for downstream analysis, visualization, and actuation.

Dashboard and Visualization

We developed an interactive dashboard that provides a centralized view of extracted privacy settings and categories, making it easier to compare platform behavior and identify actionable controls.

Explore the live dashboard here: Visualization Dashboard.

  • We developed an interactive dashboard that visualizes privacy settings across platforms, allowing users to explore categories such as data collection, authentication, and visibility controls. The dashboard transforms complex privacy configurations across platforms into a clear centralized overview to support informed decision making.
  • Designed for fast inspection by both users (configuration support) and researchers (comparative analysis).
  • Backed by the normalized schema so interface differences do not break the high-level view.

Agent Workflow

The agentic layer translates user requests into browser actions using a planner-executor-verifier pattern. This enables the system to adapt to interface variation while preserving safety checks before and after setting updates.

  • Planner: interprets user intent and maps it to candidate platform settings and actions.
  • Executor: navigates the platform UI, interacts with controls, and handles multi-step flows.
  • Verifier: confirms that the intended setting state was reached and flags ambiguities.
  • Supports confirmation dialogs and heterogeneous layouts without platform-specific hard-coded scripts.
Agentic privacy assistant interface for selecting platforms, browsing privacy categories, and issuing privacy-setting commands.
Figure: Agentic privacy assistant interface used to locate and modify privacy settings. The system interprets user commands, generates structured action plans, and executes user-interface interactions through a browser automation framework.
System architecture diagram showing user request, Gemini-assisted data loading, setting selection, web execution, and save-and-return flow.
Figure: Architecture used to safely modify privacy settings. User selection of settings allows the Gemini-enabled bot to leverage the database for settings changes before executing actions on the web and returning the result.

Evaluation / Validation

Validation is documented in the companion project repository. We validated core components through automated tests, visible reporting artifacts, and reproducible repository workflows.

The current report artifacts also provide a compact quantitative snapshot of dataset coverage: 623 total settings across 5 platforms — Facebook (91), LinkedIn (320), Reddit (50), Spotify (49), and Twitter/X (113) — with 623/623 categorized settings (100%). Among them, 4 records are missing URLs and 89 records are missing layer metadata.

  • Automated tests check key schema, mapping, and output assumptions so extraction and downstream data products stay structurally consistent.
  • Repository-level workflows surface validation in a repeatable way, making it easier to inspect whether tests and reports are present and passing.
  • Coverage reports show platform breadth spanning Facebook, LinkedIn, Reddit, Spotify, and TwitterX.

Discussion and Conclusion

Key results, interpretation, limitations, and future work.

Key Results and Insights

The prototype shows that privacy settings can be treated as a cross-platform structured problem rather than a collection of one-off manual workflows. Combining normalization with agentic execution creates a useful bridge between privacy analysis and direct configuration.

  • Agentic browser automation can navigate heterogeneous privacy interfaces with limited platform-specific logic.
  • A normalized settings database improves interpretability and supports comparison across platforms.
  • Verification steps are essential when executing privacy changes to reduce ambiguity and user risk.

Limitations

  • Prototype coverage is limited by platform variation, UI changes, and access/authentication constraints.
  • Vision/large language model (LLM)-based interpretation may misread labels or intent in ambiguous interfaces.
  • Validation is currently high-level and should be expanded with broader platform and task benchmarks.
  • Safety and rollback mechanisms need stronger guarantees before production deployment.

Account Deletion vs. Privacy Friction

In U.S. Federal Trade Commission (FTC) v. Amazon.com, Inc., the FTC alleged that Amazon intentionally designed the Prime cancellation flow to be multi-step and confusing in order to deter users from canceling. This raises a broader ethical question: at what point does user friction become manipulation? Our comparison of deletion click depth versus privacy access depth highlights asymmetries in user effort that may indicate intentional design bias.

Chart comparing clicks required to delete an account versus mean clicks needed to access privacy settings across multiple platforms.
Figure: Comparison of user effort required to delete an account versus access privacy settings across Meta, LinkedIn, and TwitterX, highlighting how deletion often requires substantially more steps.

Notification Volume vs. Privacy Strength

While platforms such as LinkedIn provide extensive communication and notification settings (e.g., in-app notifications, push notifications, email preferences, frequency controls), the majority of these controls govern delivery rather than data exposure. An abundance of configuration options does not necessarily translate to meaningful privacy protections.

Radar chart showing LinkedIn privacy settings categories and the relative emphasis of notification controls versus direct privacy controls.
Figure: LinkedIn privacy radar map showing that notification and communication controls are more prominent than settings that directly govern data exposure and privacy strength.

Default-Enabled vs. Default-Disabled Settings

We also compared how often privacy-relevant settings appear as default-enabled versus default-disabled across platforms. A consistent pattern in our collected settings is that default-enabled states are more common. One possible explanation is that default-on configurations reduce setup friction for the platform, preserve engagement and data-sharing pathways unless a user actively opts out.

Chart comparing the number of default-enabled and default-disabled privacy settings across platforms.
Figure: Comparison of default-enabled versus default-disabled privacy settings across platforms, showing that default-enabled states are more common in the collected data.

Future Work

Future work includes expanding platform coverage, improving semantic labeling quality, strengthening verifier and rollback behavior, and running more systematic evaluations of success rate, robustness, and user trust. A longer-term direction is integrating policy-aware guidance so the system can explain tradeoffs between convenience, visibility, and data sharing before applying changes.

Tools & Data Credits

  • Playwright: browser automation for deterministic and agentic interaction flows.
  • Chainlit: chat interface used to run and inspect interactive agent workflows.
  • Gemini (Google): model support for extraction and agent reasoning tasks.
  • Case-study evidence: public platform settings interfaces and FTC Prime-cancellation case materials.

References

  1. FTC press release on FTC v. Amazon Prime cancellation case
  2. Playwright documentation
  3. Chainlit documentation
  4. Google AI / Gemini developer documentation
  5. Facebook
  6. LinkedIn
  7. Reddit
  8. Spotify
  9. Twitter/X

Meet the Team

Sebastian Ferragut

Led the initial crawler prototype, designed and implemented the agentic chatbot (planner-executor-verifier), and supported end-to-end system integration and project coordination.

ferragut.sebastian@gmail.com GitHub

Nian-Nian Wang

Built the Gemini-powered database pipeline to extract UI text/state from screenshots, reconstruct URLs, annotate click depth, and semantically categorize settings for chatbot and dashboard use.

niw002@ucsd.edu GitHub

Jesse Huang

Improved crawler success rate to reach toggle pages, increased Gemini steering robustness, added click-count depth proxies, and cleaned/verified screenshot and URL captures for database ingestion.

jeh027@ucsd.edu GitHub

Jimmy Huang

Led treemap and supporting visualization development, implemented cross-platform interaction views, and collaborated on fitting the visualization into the website experience.

jih103@ucsd.edu GitHub

Arya Verma

Co-implemented the visualization dashboard with a focus on website design and data compartmentalization, refining the interface to better communicate privacy design insights to technical and non-technical audiences.

a5verma@ucsd.edu GitHub

Site Repository