Has the GDPR hype affected users’ reaction to cookie disclaimers?

For many years, cookies have been widely used by websites, storing information about users’ behaviour. While enabling additional functionality and potentially improving user experience, cookies can be a threat to users’ privacy, especially cookies used by third parties for data analysis. Websites providers are legally required to inform users about cookie use by displaying a so-called cookie disclaimer. We conducted a survey study in 2017 to investigate how users perceive this disclaimer and whether it affects their actual behaviour. We found that while most participants had negative feelings towards the disclaimer, the disclaimer text had no significant effect on their decision to leave the website. Since the extensive media coverage of data protection issues that accompanied the EU General Data Protection Regulation (GDPR) entry into force in May 2018 may have sensitized users to privacy protection, we conducted a follow-up study in December 2018. Our results suggest that users did not change their attitude towards cookie use in favour of privacy protection, but got even more accustomed to the use of cookies, also by third parties. Moreover, many users seem to have misconceptions regarding cookie use. We discuss the implications of our results for the users’ right to make an informed decision about their privacy.

Download Full-text

Between Privacy Protection and Data Progression - The GDPR in the Context of People Analytics

MaRBLe ◽

10.26481/marble.2018.v4.648 ◽

2018 ◽

Vol 4 ◽

Author(s):

Nella Junge

Keyword(s):

Human Resources ◽

Data Protection ◽

Privacy Protection ◽

Data Sources ◽

Privacy Concerns ◽

General Data Protection Regulation ◽

General Data

New analytical capabilities have revolutionized the field of Human Resources (HR). With the incessant creation of data and data sources, a new field of practice has developed: people analytics.However, people analytics raises crucial privacy concerns for employees. The new General Data Protection Regulation (GDPR) is supposed to provide more transparency and stronger protection for individuals. By conducting interviews with experts in people analytics and carrying out a survey with people analytics practitioners, this paper examines how the GDPR can be expected to affect organisations using people analytics and their employees. The results of this research indicate that the GDPR will provide stronger privacy and data protection for employees and still allow organisations to conduct people analytics.

Download Full-text

Distortion in Real-World Analytic Processes

10.31219/osf.io/psz9y ◽

2019 ◽

Author(s):

Peter Kieseberg ◽

Lukas Daniel Klausner ◽

Andreas Holzinger

Keyword(s):

Machine Learning ◽

Big Data ◽

Learning Environments ◽

Real World ◽

Data Protection ◽

Privacy Protection ◽

Data Analytics ◽

Big Data Analytics ◽

General Data Protection Regulation ◽

General Data

In discussions on the General Data Protection Regulation (GDPR), anonymisation and deletion are frequently mentioned as suitable technical and organisational methods (TOMs) for privacy protection. The major problem of distortion in machine learning environments, as well as related issues with respect to privacy, are rarely mentioned. The Big Data Analytics project addresses these issues.

Download Full-text

Your Data Is My Data: A Framework for Addressing Interdependent Privacy Infringements

Journal of Public Policy & Marketing ◽

10.1177/0743915619858924 ◽

2019 ◽

Vol 38 (4) ◽

pp. 433-450 ◽

Cited By ~ 7

Author(s):

Bernadette Kamleitner ◽

Vince Mitchell

Keyword(s):

Data Protection ◽

Privacy Protection ◽

Personal Information ◽

The European Union ◽

Current Policy ◽

General Data Protection Regulation ◽

Major Threat ◽

Fourth Class ◽

General Data ◽

Multiple Actors

Everyone holds personal information about others. Each person’s privacy thus critically depends on the interplay of multiple actors. In an age of technology integration, this interdependence of data protection is becoming a major threat to privacy. Yet current regulation focuses on the sharing of information between two parties rather than multiactor situations. This study highlights how current policy inadequacies, illustrated by the European Union General Data Protection Regulation, can be overcome by means of a deeper understanding of the phenomenon. Specifically, the authors introduce a new phenomenological framework to explain interdependent infringements. This framework builds on parallels between property and privacy and suggests that interdependent peer protection necessitates three hierarchical steps, “the 3Rs”: realize, recognize, and respect. In response to observed failures at these steps, the authors identify four classes of intervention that constitute a toolbox addressing what can be done by marketers, regulators, and privacy organizations. While the first three classes of interventions address issues arising from the corresponding 3Rs, the authors specifically advocate for a fourth class of interventions that proposes radical alternatives that shift the responsibilities for privacy protection away from consumers.

Download Full-text

After the Max Schrems case(CJEU), the contents of the EU General Data Protection Regulation (GDPR) and Its Implications for the Personal Information Protection Acts in Korea - focusing on A Comparative Study of Transferring Personal Data to Third Parties Abroad -

The Institute for Legal Studies ◽

10.18018/hylr.2019.36.1.211 ◽

2019 ◽

Vol 36 (1) ◽

pp. 211-249

Author(s):

Sang Yook Cha

Keyword(s):

Comparative Study ◽

Data Protection ◽

Personal Information ◽

Personal Data ◽

Third Parties ◽

Information Protection ◽

General Data Protection Regulation ◽

General Data ◽

The Eu ◽

Personal Information Protection

Download Full-text

Blockchain and Privacy Protection in the Case of the European General Data Protection Regulation (GDPR): A Delphi Study

The Journal of British Blockchain Association ◽

10.31585/jbba-1-1-(4)2018 ◽

2018 ◽

Vol 1 (1) ◽

pp. 1-77 ◽

Cited By ~ 8

Author(s):

Simon Schwerin

Keyword(s):

Data Protection ◽

Delphi Study ◽

Privacy Protection ◽

General Data Protection Regulation ◽

General Data

Download Full-text

The Kaleidoscope of Privacy: Differences across French, German, UK, and US GDPR Media Discourse

10.31235/osf.io/4anzs ◽

2021 ◽

Author(s):

Mary Sanford ◽

Taha Yasseri

Keyword(s):

Data Protection ◽

Media Coverage ◽

Regional Differences ◽

Digital Tools ◽

Media Discourse ◽

The European Union ◽

General Data Protection Regulation ◽

Internet Age ◽

General Data ◽

Trends Over Time

Conceptions of privacy differ by culture. In the Internet age, digital tools continuously challenge the way users, technologists, and governments define, value, and protect privacy. National and supranational entities attempt to regulate privacy and protect data managed online. The European Union passed the General Data Protection Regulation (GDPR), which took effect on 25 May 2018. The research presented here draws on two years of media reporting on GDPR from French, German, UK, and US sources. We use the unsupervised machine learning method of topic modelling to compare the thematic structure of the news articles across time and geographic regions. Our work emphasises the relevance of regional differences regarding valuations of privacy and potential obstacles to the implementation of unilateral data protection regulation such as GDPR. We find that the topics and trends over time in GDPR media coverage of the four countries reflect the differences found across their traditional privacy cultures.

Download Full-text