skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: The Impact of the General Data Protection Regulation on Internet Interconnection
The Internet comprises thousands of independently operated networks, interconnected using bi-laterally negotiated data exchange agreements. The European Union (EU)'s General Data Protection Regulation (GDPR) imposes strict restrictions on handling of personal data of European Economic Area (EEA) residents. A close examination of the text of the law suggests significant cost to application firms. Available empirical evidence confirms reduction in data usage in the EEA relative to other markets. We investigate whether this decline in derived demand for data exchange impacts EEA networks' decisions to interconnect relative to those of non-EEA OECD networks. Our data consists of a large sample of interconnection agreements between networks globally in 2015–2019. All evidence estimates zero effects: the number of observed agreements, the inferred agreement types, and the number of observed IP-address-level inter-connection points per agreement. We also find economically small effects of the GDPR on the entry and the observed number of customers of networks. We conclude there is no visible short run effects of the GDPR on these measures at the internet layer.  more » « less
Award ID(s):
1724853
PAR ID:
10351125
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
SSRN Electronic Journal
ISSN:
1556-5068
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; (, ACM SIGCOMM Computer Communication Review)
    On 16-17 December 2020, CAIDA hosted the 11th interdisciplinary Workshop on Internet Economics (WIE) in a virtual Zoom conference. This year our goal was to gather feedback from researchers on their experiences using CAIDA’s data for economics or policy research. We invited all researchers who reported use of CAIDA data in these disciplines. We discussed their successes and challenges of using the data, and how CAIDA could help these fields via Internet measurement and data curation. To avoid Zoom fatigue, we had a conversation-focused rather than presentation-focused workshop. Research topics we discussed included: Internet data for macroeconomics; connectivity and its effect on economic interdependence; effects of the EU’s new GDPR on internet interconnection; measuring corporate cyber risk; measuring work-from-home trends; measuring the economic value of open source software; and more generally how to best support evidence-based policymaking. 
    more » « less
  2. (, Frontiers in artificial intelligence and applications)
    Villata, S. (Ed.)
    The European Union’s General Data Protection Regulation (GDPR) has compelled businesses and other organizations to update their privacy policies to state specific information about their data practices. Simultaneously, researchers in natural language processing (NLP) have developed corpora and annotation schemes for extracting salient information from privacy policies, often independently of specific laws. To connect existing NLP research on privacy policies with the GDPR, we introduce a mapping from GDPR provisions to the OPP-115 annotation scheme, which serves as the basis for a growing number of projects to automatically classify privacy policy text. We show that assumptions made in the annotation scheme about the essential topics for a privacy policy reflect many of the same topics that the GDPR requires in these documents. This suggests that OPP-115 continues to be representative of the anatomy of a legally compliant privacy policy, and that the legal assumptions behind it represent the elements of data processing that ought to be disclosed within a policy for transparency. The correspondences we show between OPP-115 and the GDPR suggest the feasibility of bridging existing computational and legal research on privacy policies, benefiting both areas. 
    more » « less
  3. ; ; ; (, Frontiers in artificial intelligence and applications)
    null (Ed.)
    The European Union’s General Data Protection Regulation (GDPR) has compelled businesses and other organizations to update their privacy policies to state specific information about their data practices. Simultaneously, researchers in natural language processing (NLP) have developed corpora and annotation schemes for extracting salient information from privacy policies, often independently of specific laws. To connect existing NLP research on privacy policies with the GDPR, we introduce a mapping from GDPR provisions to the OPP-115 annotation scheme, which serves as the basis for a growing number of projects to automatically classify privacy policy text. We show that assumptions made in the annotation scheme about the essential topics for a privacy policy reflect many of the same topics that the GDPR requires in these documents. This suggests that OPP-115 continues to be representative of the anatomy of a legally compliant privacy policy, and that the legal assumptions behind it represent the elements of data processing that ought to be disclosed within a policy for transparency. The correspondences we show between OPP-115 and the GDPR suggest the feasibility of bridging existing computational and legal research on privacy policies, benefiting both areas. 
    more » « less
  4. ; ; (, Provenance and Annotation of Data and Processes)
    The European Union (EU) General Data Protection Regulation (GDPR) has expanded data privacy regulations regarding personal data for over half a billion EU citizens. Given the regulation’s effectively global scope and its significant penalties for non-compliance, systems that store or process personal data in increasingly complex workflows will need to demonstrate how data were generated and used. In this paper, we analyze the GDPR text to explicitly identify a set of central challenges for GDPR compliance for which data provenance is applicable; we introduce a data provenance model for representing GDPR workflows; and we present design patterns that demonstrate how data provenance can be used realistically to help in verifying GDPR compliance. We also discuss open questions about what will be practically necessary for a provenance-driven system to be suitable under the GDPR. 
    more » « less
  5. ; (, IEEE Internet of Things Journal)
    null (Ed.)
    Cities have circumvented privacy norms and deployed sensors to track vehicles via toll transponders (like E-Zpass tags). The ethical problems regarding these practices have been highlighted by various privacy advocacy groups. The industry however, has yet to implement a standard privacy protection regime to protect users’ data. Further, existing risk management models do not adequately address user-controlled data sharing requirements. In this paper, we consider the challenges of protecting private data in the Internet of Vehicles (IoV) and mobile edge networks. Specifically, we present a privacy risk reduction model for electronic toll transponder data. We seek to preserve driver privacy while contributing to intelligent transportation infrastructure congestion automation schemes. We thus propose TollsOnly, a fully homomorphic encryption protocol. TollsOnly is expected to be a post-quantum privacy preservation scheme. It enables users to share specific data with smart cities via blockchain technology. TollsOnly protects driver privacy in compliance with the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email