Recommended Citation
Eleanor Birrell, Jay Rodolitz, Angel Ding, Jenna Lee, Emily McReynolds, Jevan Hutson & Ada Lerner, SoK: Technical Implementation and Human Impact of Internet Privacy Regulations, 2024 IEEE Symposium on Security and Privacy, IEEE, DOI 10.1109/SP54263.2024.00182 (2024)
SoK: Technical Implementation and Human Impact of Internet Privacy Regulations
Keywords
SoK, Privacy Regulations, Data Protection, Usable Privacy, Measurements
Document Type
Article
Abstract
Growing recognition of the potential for exploitation of personal data and of the shortcomings of prior privacy regimes has led to the passage of a multitude of new privacy regulations. Some of these laws—notably the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA)—have been the focus of large bodies of research by the computer science community, while others have received less attention. In this work, we analyze a set of 24 privacy laws and data protection regulations drawn from around the world—both those that have frequently been studied by computer scientists and those that have not—and develop a taxonomy of rights granted and obligations imposed by these laws. We then leverage this taxonomy to systematize 270 technical research papers published in computer science venues that investigate the impact of these laws and explore how technical solutions can complement legal protections. Finally, we analyze the results in this space through an interdisciplinary lens and make recommendations for future work at the intersection of computer science and legal privacy.