GGrantIndex
← Search

Collaborative Research: DASS: Empirically Evaluating Data Fiduciary Privacy Laws

$500,472FY2023SBENSF

Northeastern University, Boston MA

Investigators

Abstract

Over 160 countries have data privacy laws, yet threats to digital privacy remain a major concern. Research on computers, psychology, society, and the law validates this concern, finding that most of these laws take the same approach of offering people transparency and some measure of control over the use of their personal data. Unfortunately, research finds that this approach fails to protect privacy for many reasons, including people's lack of time and expertise to manage privacy across a vast number of online services and the ways that services undermine privacy rules as they implement them. Legal scholars have proposed alternate approaches to privacy law, but none of them have yet been tested or enacted by legislatures. In this project, therefore, the project team is studying these proposed alternative types of privacy laws in order to predict how online services would change and, thus, how they would affect privacy, especially for those most at risk of privacy violations. By doing so, the team hopes to provide the information needed to make laws that can uphold our societal values of privacy. The project team is evaluating the idea of data fiduciaries as a case study of how it is possible to empirically assess new paradigms of privacy law prior to their being enacted in law. The evaluation takes place in two phases: (1) qualitative methods to evoke expert predictions of how companies would implement data fiduciary laws in specific contexts, and (2) user interviews and speculative design workshops to evaluate whether those predicted implementations would meet the in-context best interests of privacy-vulnerable users. These methods will be validated by applying them to both new and existing laws and comparing results to ground-truth observations of the effects of those laws in the wild across jurisdictions and time, thus resulting in project outcomes that include both new methods for evaluating prospective privacy law paradigms and the evaluation data fiduciaries as a case study. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →