IDEAS home Printed from https://ideas.repec.org/a/gam/jsusta/v13y2021i20p11459-d658166.html
   My bibliography  Save this article

Examining Compliance with Personal Data Protection Regulations in Interorganizational Data Analysis

Author

Listed:
  • Szu-Chuang Li

    (Department of Information and Communication, Tamkang University, New Taipei City 237, Taiwan)

  • Yi-Wen Chen

    (Department of Information and Communication, Tamkang University, New Taipei City 237, Taiwan)

  • Yennun Huang

    (CITI, Academia Sinica, Taipei 115, Taiwan)

Abstract

The development of big data analysis technologies has changed how organizations work. Tech giants, such as Google and Facebook, are well positioned because they possess not only big data sets but also the in-house capability to analyze them. For small and medium-sized enterprises (SMEs), which have limited resources, capacity, and a relatively small collection of data, the ability to conduct data analysis collaboratively is key. Personal data protection regulations have become stricter due to incidents of private data being leaked, making it more difficult for SMEs to perform interorganizational data analysis. This problem can be resolved by anonymizing the data such that reidentifying an individual is no longer a concern or by deploying technical procedures that enable interorganizational data analysis without the exchange of actual data, such as data deidentification, data synthesis, and federated learning. Herein, we compared the technical options and their compliance with personal data protection regulations from several countries and regions. Using the EU’s GDPR (General Data Protection Regulation) as the main point of reference, technical studies, legislative studies, related regulations, and government-sponsored reports from various countries and regions were also reviewed. Alignment of the technical description with the government regulations and guidelines revealed that the solutions are compliant with the personal data protection regulations. Current regulations require “reasonable” privacy preservation efforts from data controllers; potential attackers are not assumed to be experts with knowledge of the target data set. This means that relevant requirements can be fulfilled without considerably sacrificing data utility. However, the potential existence of an extremely knowledgeable adversary when the stakes of data leakage are high still needs to be considered carefully.

Suggested Citation

  • Szu-Chuang Li & Yi-Wen Chen & Yennun Huang, 2021. "Examining Compliance with Personal Data Protection Regulations in Interorganizational Data Analysis," Sustainability, MDPI, vol. 13(20), pages 1-16, October.
  • Handle: RePEc:gam:jsusta:v:13:y:2021:i:20:p:11459-:d:658166
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2071-1050/13/20/11459/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/2071-1050/13/20/11459/
    Download Restriction: no
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Juna Alhumaidi Alharbi & Abdulmohsen Saud Albesher & Heider Ahmad Wahsheh, 2023. "An Empirical Analysis of E-Governments’ Cookie Interfaces in 50 Countries," Sustainability, MDPI, vol. 15(2), pages 1-23, January.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jsusta:v:13:y:2021:i:20:p:11459-:d:658166. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.