Exploring Mechanisms of Website Compliance with Privacy Regulations
Current Members
- Prof. Dr. David Basin
- Dr. Amit Zac
- Karel Kubíček
- Ahmed Bouhoula
- Laura-Vanessa Soldner
Overview
We are currently conducting a scientific study to better understand how websites comply with privacy laws according to the European General Data Protection Regulation (GDPR) and the EU ePrivacy Directive. Specifically, we look at compliance in the area of cookie consent notices and cookie labelling.
The privacy regulations, including the General Data Protection Regulation and ePrivacy Directive, require websites to inform EU-based users about the collection of their data and request consent for the use of tracking technologies, such as non-essential cookies. We recognize the growing concern regarding the challenges faced by websites in maintaining compliance with privacy laws, especially concerning cookies and tracking technologies. In external pageprior publicationcall_made, we have shown that the majority of websites struggle to comply with privacy laws.
With our study, we would like to help website owners identify and fix security and data protection issues on their websites. To achieve this, we will be conducting a randomised control experiment where websites are contacted directly about this issue.
If you have any questions or would like to contact us regarding this research, please feel free to email us at .
Publications
- Dino Bollinger, Karel Kubicek, Carlos Cotrini, David Basin.
Automating Cookie Consent and GDPR Violation Detection. USENIX Security 2022.
[external pageBIBcall_made|external pagePDFcall_made|DOI |external pageWEBcall_made]