GDPR and the cloud: examining readability deficiencies in cloud computing providers’ privacy policies

IF 2.2 4区 管理学 Q2 PUBLIC ADMINISTRATION
Lei Gao, C. Eller, Austin F. Eggers
{"title":"GDPR and the cloud: examining readability deficiencies in cloud computing providers’ privacy policies","authors":"Lei Gao, C. Eller, Austin F. Eggers","doi":"10.1080/01442872.2022.2129046","DOIUrl":null,"url":null,"abstract":"ABSTRACT There have been concerns about data privacy and protection internationally. This has led to the development of policy tools, such as the General Data Protection Regulations (GDPR), but there remains limited evaluation of the effectiveness of the policies. The purpose of this study is to examine cloud computing privacy policies in order to determine how they changed in response to GDPR. Specifically, we focus on the EU’s mandate for “clear and plain language” by scrutinizing various content characteristics. In order to examine the response to the changes enacted by GDPR, we conduct a content analysis of cloud computing firm privacy policies from three periods. Results indicate that despite a mandate for “clear and plain language,” the readability of the privacy policies post-GDPR did not improve. Surprisingly, many privacy policies examined showed a significant decrease in readability. Additionally, the use of uncertainty language and litigious language also increased in certain areas. The findings outlined in this study are informative for policy makers, businesses interested in minimizing risks associated with GDPR noncompliance, and individuals whose data is subject to GDPR. These findings also point to the challenges faced by organizations in developing effective policies in the realm of digital governance.","PeriodicalId":47179,"journal":{"name":"Policy Studies","volume":"3 1","pages":"832 - 854"},"PeriodicalIF":2.2000,"publicationDate":"2022-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Policy Studies","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1080/01442872.2022.2129046","RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"PUBLIC ADMINISTRATION","Score":null,"Total":0}
引用次数: 1

Abstract

ABSTRACT There have been concerns about data privacy and protection internationally. This has led to the development of policy tools, such as the General Data Protection Regulations (GDPR), but there remains limited evaluation of the effectiveness of the policies. The purpose of this study is to examine cloud computing privacy policies in order to determine how they changed in response to GDPR. Specifically, we focus on the EU’s mandate for “clear and plain language” by scrutinizing various content characteristics. In order to examine the response to the changes enacted by GDPR, we conduct a content analysis of cloud computing firm privacy policies from three periods. Results indicate that despite a mandate for “clear and plain language,” the readability of the privacy policies post-GDPR did not improve. Surprisingly, many privacy policies examined showed a significant decrease in readability. Additionally, the use of uncertainty language and litigious language also increased in certain areas. The findings outlined in this study are informative for policy makers, businesses interested in minimizing risks associated with GDPR noncompliance, and individuals whose data is subject to GDPR. These findings also point to the challenges faced by organizations in developing effective policies in the realm of digital governance.
GDPR和云:检查云计算提供商隐私政策的可读性缺陷
国际上一直存在对数据隐私和保护的关注。这导致了政策工具的发展,例如通用数据保护条例(GDPR),但对政策有效性的评估仍然有限。本研究的目的是研究云计算隐私政策,以确定它们如何响应GDPR而发生变化。具体来说,我们通过审查各种内容特征来关注欧盟对“清晰易懂的语言”的要求。为了检验对GDPR颁布的变化的反应,我们对三个时期的云计算公司隐私政策进行了内容分析。结果表明,尽管有“清晰易懂的语言”的要求,但gdpr后隐私政策的可读性并没有提高。令人惊讶的是,许多被检查的隐私策略显示可读性明显下降。此外,在某些领域,不确定性语言和诉讼语言的使用也有所增加。本研究概述的研究结果对政策制定者、有意将与GDPR违规相关的风险降至最低的企业以及数据受GDPR约束的个人具有参考价值。这些发现还指出了组织在数字治理领域制定有效政策时所面临的挑战。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Policy Studies
Policy Studies PUBLIC ADMINISTRATION-
CiteScore
5.40
自引率
4.50%
发文量
34
期刊介绍: These changes at the structural level of the global system have impacted upon the work of public organizations either directly or indirectly and have broadened the field of action in policy studies. It has five main areas of intellectual interest: 1.To broaden the lens of policy analysis through the publication of research which locates policy-making within a theoretical, historical or comparative perspective. 2.To widen the field of enquiry in policy analysis through the publication of research that examines policy issues in a British, comparative, international or global context. 3.To promote constructive debate on theoretical, methodological and empirical issues in policy analysis.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信