Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Automated Boilerplate: Prevalence and Quality of Contract Generators in the Context of Swiss Privacy Policies

Luka Nenadic, David Rodriguez

TL;DR

The paper addresses rising regulatory burdens on firms, especially small ones, by studying the prevalence and quality of contract generators in the Swiss privacy-law context. It introduces a multilingual benchmark and a GPT-5–based method to assess large-scale compliance of privacy policies, enabling measurement of the 2023 Swiss FADP revision’s impact. The study finds generators used on about 18% of Swiss-facing websites and associated with up to $15$ percentage-point improvements in compliance, offering evidence for cross-lingual legal analysis and regulatory diffusion (the Brussels Effect) while highlighting the role of automation in improving policy quality. These results inform policy debates on public generator provision, cross-jurisdictional legal diffusion, and the potential for LLM-based, multilingual compliance assessment in contract drafting. The authors also release their benchmark and methodology for reproducibility and further research.

Abstract

It has become increasingly challenging for firms to comply with a plethora of novel digital regulations. This is especially true for smaller businesses that often lack both the resources and know-how to draft complex legal documents. Instead of seeking costly legal advice from attorneys, firms may turn to cheaper alternative legal service providers such as automated contract generators. While these services have a long-standing presence, there is little empirical evidence on their prevalence and output quality. We address this gap in the context of a 2023 Swiss privacy law revision. To enable a systematic evaluation, we create and annotate a multilingual benchmark dataset that captures key compliance obligations under Swiss and EU privacy law. Using this dataset, we validate a novel GPT-5-based method for large-scale compliance assessment of privacy policies, allowing us to measure the impact of the revision. We observe compliance increases indicating an effect of the revision. Generators, explicitly referenced by 18% of local websites, are associated with substantially higher levels of compliance, with increases of up to 15 percentage points compared to privacy policies without generator use. These findings contribute to three debates: the potential of LLMs for cross-lingual legal analysis, the Brussels Effect of EU regulations, and, crucially, the role of automated tools in improving compliance and contractual quality.

Automated Boilerplate: Prevalence and Quality of Contract Generators in the Context of Swiss Privacy Policies

TL;DR

The paper addresses rising regulatory burdens on firms, especially small ones, by studying the prevalence and quality of contract generators in the Swiss privacy-law context. It introduces a multilingual benchmark and a GPT-5–based method to assess large-scale compliance of privacy policies, enabling measurement of the 2023 Swiss FADP revision’s impact. The study finds generators used on about 18% of Swiss-facing websites and associated with up to percentage-point improvements in compliance, offering evidence for cross-lingual legal analysis and regulatory diffusion (the Brussels Effect) while highlighting the role of automation in improving policy quality. These results inform policy debates on public generator provision, cross-jurisdictional legal diffusion, and the potential for LLM-based, multilingual compliance assessment in contract drafting. The authors also release their benchmark and methodology for reproducibility and further research.

Abstract

It has become increasingly challenging for firms to comply with a plethora of novel digital regulations. This is especially true for smaller businesses that often lack both the resources and know-how to draft complex legal documents. Instead of seeking costly legal advice from attorneys, firms may turn to cheaper alternative legal service providers such as automated contract generators. While these services have a long-standing presence, there is little empirical evidence on their prevalence and output quality. We address this gap in the context of a 2023 Swiss privacy law revision. To enable a systematic evaluation, we create and annotate a multilingual benchmark dataset that captures key compliance obligations under Swiss and EU privacy law. Using this dataset, we validate a novel GPT-5-based method for large-scale compliance assessment of privacy policies, allowing us to measure the impact of the revision. We observe compliance increases indicating an effect of the revision. Generators, explicitly referenced by 18% of local websites, are associated with substantially higher levels of compliance, with increases of up to 15 percentage points compared to privacy policies without generator use. These findings contribute to three debates: the potential of LLMs for cross-lingual legal analysis, the Brussels Effect of EU regulations, and, crucially, the role of automated tools in improving compliance and contractual quality.

Paper Structure

This paper contains 30 sections, 4 figures, 11 tables.

Table of Contents

  1. Introduction
  2. Related Work
  3. Automated Contract Drafting
  4. The Brussels Effect
  5. Computational Analyses of Policies
  6. Datasets for Policy Analysis
  7. Legal Background
  8. Dataset
  9. Method
  10. Motivation
  11. Codebook and Annotations
  12. Method Design
  13. Method Validation
  14. Effects of the Revision
  15. Groups and Summary Statistics
  16. ...and 15 more sections

Figures (4)

  • Figure 1: F$_1$ score of GPT-5 by practice and language (with annotated dataset as ground truth).
  • Figure 2: Cluster analysis of policies by generator (Top 10) for October policies in German (N = 11 855).
  • Figure 3: Performance difference ($\Delta$F$_1$) between GPT-5 and GPT-4o across languages and obligations.
  • Figure 4: Translated excerpt from the latest available version of the SwissAnwalt policy generator (March 2023)