The GDPR as <i>Global</i> Data Protection Regulation?

Ryngaert, Cedric; Taylor, Mistale

doi:10.1017/aju.2019.80

Cited by 27 publications

(18 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The DPD set out the circumstances and principles under which personal data can be lawfully processed and transferred; recognized the rights of individuals in accessing, controlling, and obtaining information about their data; and called on member states to monitor the application of the Directive within their territories through independent, public data protection authorities. The paradigm for regulating personal data spread to over 30 countries and influenced data protection globally (Ryngaert & Taylor 2020). However, balancing the dual objectives of protecting the right to privacy and establishing an internal digital market proved challenging, especially with constant social and technological change (Robinson et al 2009;Lynskey 2013).…”

Section: Placing the Regulation On The Legislative Agendamentioning

confidence: 99%

“…As a case of technology regulation despite significant lobbying and opposition, the GDPR presents an opportunity to examine the interaction among forces that affect the regulatory process. Further, the regulation has high policy significance as it is likely to have a long‐term effect on the regulation of personal data not only in the EU but around the world (Ryngaert & Taylor 2020).…”

Section: Introduction: the Regulation Of Emerging Technologiesmentioning

confidence: 99%

See 1 more Smart Citation

Why and how does the regulation of emerging technologies occur? Explaining the adoption of the EU General Data Protection Regulation using the multiple streams framework

Goyal

Howlett

Taeihagh

2021

Regulation & Governance

View full text Add to dashboard Cite

Why and how the regulation of emerging technologies occurs is not clear in the literature. In this study, we adapt the multiple streams frameworkoften used for explaining agenda-setting and policy adoptionto examine the phenomenon. We hypothesize how technological change affects policy-making and identify conditions under which the streams can be (de-) coupled. We trace the formulation of the General Data Protection Regulation to show that the regulation occupied the legislative agenda when a policy window was exploited through policy entrepreneurship to frame technological change as a problem for data privacy and legislative harmonization within the European Union. Although constituencies interested in promoting internet technologies made every effort to stall the regulation, various actors, activities, and events helped the streams remain coupled, eventually leading to its adoption. We conclude that the alignment of problem, policy, politics, and technologythrough policy entrepreneurshipinfluences the timing and design of technology regulation.

show abstract

Section: Placing the Regulation On The Legislative Agendamentioning

confidence: 99%

Section: Introduction: the Regulation Of Emerging Technologiesmentioning

confidence: 99%

Why and how does the regulation of emerging technologies occur? Explaining the adoption of the EU General Data Protection Regulation using the multiple streams framework

Goyal

Howlett

Taeihagh

2021

Regulation & Governance

View full text Add to dashboard Cite

show abstract

“…First, defining and measuring privacy is not straightforward. There are many contrasting definitions, and each lend themselves to competing measurement proxies (Belanger and Crossler, 2011; Finn et al, 2013; Moore, 2008; Pavlou, 2011; Ryngaert and Taylor, 2020; Smith et al, 2011; Van Den Hoven, 2008). Second, many individuals are willing to concede privacy as part of an economic exchange for products and services (Acquisti et al, 2016; Awad and Krishnan, 2006; Posner, 1981; Sutanto et al, 2013).…”

Section: Privacy and The Regulation Of Emerging Technologiesmentioning

confidence: 99%

Those who control the code control the rules: How different perspectives of privacy are being written into the code of blockchain systems

Renwick

Gleasure

2020

Journal of Information Technology

View full text Add to dashboard Cite

Blockchain systems afford new privacy capabilities. This threatens to create conflict, as different social groups involved in blockchain development often disagree on which capabilities specific systems should enact. This article adopts a boundary object perspective to make sense of disagreements between collaborating social worlds. We perform a case study of privacy attitudes among collaborating actors in Monero, a cryptocurrency community that emphasises privacy and decentralisation alongside a set of values sometimes described as anti-establishment, crypto-anarchist, and/or cypherpunk. The case study performs a series of interviews with users, developers, cryptographic researchers, corporate architects, and government regulators. Three novel and important findings emerge. The first is that none of the social worlds express a desire to monitor routine transactions, despite the obvious business and tax-collection value of such data. The second is that regulators are happy to postpone active involvement, based on the flawed assumption they can impose privacy-related regulation later, once risks have become clear. Such regulation may not be possible as protocols and rulesets currently being coded into the system may be impossible to amend in the future (unless they can obtain either developer or network consensus). The third is that regulators assume methods for overseeing extraordinary transaction are necessary to avoid widespread, near-effortless money laundering. Yet, each of the other social worlds is operating under the assumption that this trade-off has already been accepted. These findings demonstrate subtle power transitions and changes in privacy attitudes that have implications for research on blockchain, management, and boundary objects in general.

show abstract

“…Norway). The far-reaching scope of the regulation may be attributed to the principle of territoriality, which effectively protects every EU citizen with the GDPR even if the data processing party is non-EU related [34]. Thus, researchers from other countries must comply with GDPR if European participants are included in the study.…”

Section: Research Ethics and Data Protection -Authorities And Guidelinesmentioning

confidence: 99%

Two Years After: A Scoping Review of GDPR Effects on Serious Games Research Ethics Reporting

Jost

Lampert

2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

On May 25th, 2018, the EU General Data Protection Regulation (GDPR) came into force. Recognised as a comprehensive regulation for improving privacy and data protection, a substantial impact on data processing disciplines such as Serious Games (SG) research was expected.By conducting a scoping review, this paper explores the effects of GDPR on reporting of ethics approval, informed consent, ethics guidelines and data protection in SG studies. Five scientific databases were searched for research between 2016 and 2020 addressing Serious Games, Exergames and Applied Games. A total of 2146 full-text studies split into equal collections before and after GDPR were included. Lexicometric and keyword-in-context analysis were conducted and comparatively evaluated regarding ethics reporting and trends.Results unexpectedly show that GDPR so far hardly left a mark. While a slight increase of 12% in general ethics reporting can be observed, less than 6% of the studies after GDPR coming-into-force report on data protection. Ethics procedures remained consistent with most researchers reporting the approval from their home university committee and stating the Declaration of Helsinki as followed guidelines. Overall, the verifiable impact of GDPR was found negligibly small, with only 0.5% of studies referring to the regulation in the two years after introduction. Conclusively, further research is suggested to focus on integrating ethics and data protection guided on GDPR from an early conceptual stage to the reporting of the findings.

show abstract

The GDPR as Global Data Protection Regulation?

Cited by 27 publications

References 0 publications

Why and how does the regulation of emerging technologies occur? Explaining the adoption of the EU General Data Protection Regulation using the multiple streams framework

Why and how does the regulation of emerging technologies occur? Explaining the adoption of the EU General Data Protection Regulation using the multiple streams framework

Those who control the code control the rules: How different perspectives of privacy are being written into the code of blockchain systems

Two Years After: A Scoping Review of GDPR Effects on Serious Games Research Ethics Reporting

Contact Info

Product

Resources

About