Eleanor Birrell, Pomona College; Jay Rodolitz, Northeastern University; Angel Ding, Wellesley College; Jenna Lee, University of Washington; Emily McReynolds, Future of Privacy Forum; Jevan Hutson, Hintze Law, PLLC; Ada Lerner, Northeastern University
Growing recognition of the potential for exploitation of personal data and of the shortcomings of prior privacy regimes has led to the passage of a multitude of new privacy regulations. Some of these laws - notably the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) - have been the focus of large bodies of research by the computer science community, while others have received less attention. In this work, we analyze a set of 24 privacy laws and data protection regulations drawn from around the world - both those that have frequently been studied by computer scientists and those that have not - and develop a taxonomy of rights granted and obligations imposed by these laws. We then leverage this taxonomy to systematize 270 technical research papers published in computer science venues that investigate the impact of these laws and explore how technical solutions can complement legal protections. Finally, we analyze the results in this space through an interdisciplinary lens and make recommendations for future work at the intersection of computer science and legal privacy.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.