[2511.07441] AudAgent: Automated Auditing of Privacy Policy Compliance in AI Agents
Computer Science > Cryptography and Security

arXiv:2511.07441 (cs)
[Submitted on 3 Nov 2025 (v1), last revised 28 Feb 2026 (this version, v4)]

Title: AudAgent: Automated Auditing of Privacy Policy Compliance in AI Agents
Authors: Ye Zheng, Yidan Hu

Abstract: AI agents can autonomously perform tasks and, often without explicit user consent, collect or disclose users' sensitive local data, which raises serious privacy concerns. Although AI agents' privacy policies describe their intended data practices, there remains limited transparency and accountability about whether runtime behavior matches those policies. To bridge this gap, we present AudAgent, a tool that continuously monitors AI agents' data practices in real time and guards compliance with their stated privacy policies. AudAgent comprises four components for automated privacy auditing of AI agents. (i) Policy formalization: a novel cross-LLM voting mechanism that ensures high-confidence parsing of privacy policies into formal models. (ii) Runtime annotation: a lightweight Presidio-based analyzer that detects sensitive data and annotates data practices based on the AI agent's context and the formalized privacy policy model. (iii) Compliance auditing: ontology graphs and automata-based checking that link the privacy policy model with runtime annotations, enabl...