AI-driven Personalized Privacy Assistants: a Systematic Literature Review
Victor Morel, Leonardo Iwaya, Simone Fischer-Hübner
TL;DR
The paper addresses the lack of a systematic study on AI-driven Personalized Privacy Assistants (PPAs) by conducting an SLR that identifies 41 relevant works from 2013–2025 and classifies them across decisions, AI technology, data sources, system contexts, architecture, and evaluation. It introduces a comprehensive classification framework, charts empirical evidence, and highlights gaps in evaluation, privacy-by-design, and explainability while outlining actionable recommendations for designers and researchers. The findings show a predominance of non-inherently transparent AI, reliance on diverse data sources, and a broad but uneven coverage of system contexts, with notable gaps in legal considerations and real-world usability assessments. The work provides a foundation for standardized evaluation, privacy-preserving design, and responsible use of emerging AI capabilities (including LLMs) in privacy decision support, with implications for researchers, practitioners, and policy makers.
Abstract
In recent years, several personalized assistants based on AI have been researched and developed to help users make privacy-related decisions. These AI-driven Personalized Privacy Assistants (AI-driven PPAs) can provide significant benefits for users, who might otherwise struggle with making decisions about their personal data in online environments that often overload them with different privacy decision requests. So far, no studies have systematically investigated the emerging topic of AI-driven PPAs, classifying their underlying technologies, architecture and features, including decision types or the accuracy of their decisions. To fill this gap, we present a Systematic Literature Review (SLR) to map the existing solutions found in the scientific literature, which allows reasoning about existing approaches and open challenges for this research field. We screened several hundred unique research papers over the recent years (2013-2025), constructing a classification from 41 included papers. As a result, this SLR reviews several aspects of existing research on AI-driven PPAs in terms of types of publications, contributions, methodological quality, and other quantitative insights. Furthermore, we provide a comprehensive classification for AI-driven PPAs, delving into their architectural choices, system contexts, types of AI used, data sources, types of decisions, and control over decisions, among other facets. Based on our SLR, we further underline the research gaps and challenges and formulate recommendations for the design and development of AI-driven PPAs as well as avenues for future research.