This work addresses a critical limitation in existing privacy policy analysis methods, which neglect the hierarchical structure of policy documents, often leading to incorrect associations between data items and their specific purposes. To overcome this, the authors propose PrivSTRUCT, a novel framework that systematically leverages the section-level structure of privacy policies as a key signal. PrivSTRUCT introduces a structure-aware encoder-decoder architecture capable of precisely extracting fine-grained purposes for data collection and sharing while preserving the original document hierarchy. Evaluated on 3,756 Android applications, PrivSTRUCT extracts more than twice as many accurate data-purpose pairs as the current state-of-the-art tool and uncovers a pervasive issue of under-disclosure: sensitive third-party data flows are frequently obscured through vague categorization.

Existing research typically treats privacy policies as flat, uniform text, extracting information without regard for the document's logical hierarchy. Disregard for structural cues of section headings designed to guide the reader, often leads automated methods to entangle distinct data practices, particularly when linking sensitive data items to their specific purposes. To address this, we introduce PrivSTRUCT, a novel and systematic encoder and decoder combined framework that to untangle complex privacy disclosures. Benchmarking against the state-of-the-art tool PoliGrapher reveals that PrivSTRUCT robustly extracts more than x2 the number of data item and purpose excerpts while retaining developer-defined structural cues. By applying PrivSTRUCT to a large-scale dataset of 3,756 Android apps, we uncover a critical transparency gap: the probability of developers overstating a data purpose is 20.4% higher for first-party collection and 9.7% higher for third-party sharing when they rely on globally defined purposes rather than specific, locally scoped disclosures. Alarmingly, we find that sensitive third-party data flows such as sharing financial data for analytics are frequently diluted and entangled into generic or unrelated categories, highlighting a persistent failure in the current purpose disclosure landscape.