Informing the future of data protection in smart homes by Kraemer, MJ, Seymour, W, Binns, R, Van Kleek, M, Flechais, I

Algorithms that remember: model inversion attacks and data protection law by Veale, M, Binns, R, Edwards, L

“…The EU's recent General Data Protection Regulation (GDPR) has been seen as a core tool for achieving better governance of this area. …”

When data protection by design and data subject rights clash by Veale, M, Binns, R, Ausloos, J

“…<p>• Data Protection by Design (DPbD), a holistic approach to embedding principles in technical and organisational measures undertaken by data controllers, building on the notion of Privacy by Design, is now a qualified duty in the GDPR.…”

Before and after GDPR: tracking in mobile apps by Kollnig, K, Binns, R, Van Kleek, M, Lyngs, U, Zhao, J, Tinsman, C, Shadbolt, N

“…Third-party tracking, the collection and sharing of behavioural data about individuals, is a significant and ubiquitous privacy threat in mobile apps. The EU General Data Protection Regulation (GDPR) was introduced in 2018 to protect personal data better, but there exists, thus far, limited empirical evidence about its efficacy. …”

Are iPhones really better for privacy? A comparative study of iOS and Android apps by Kollnig, K, Shuba, A, Binns, R, Van Kleek, M, Shadbolt, N

“…Across all studied apps, our study highlights widespread potential violations of US, EU and UK privacy law, including 1) the use of third-party tracking without user consent, 2) the lack of parental consent before sharing personally identifiable information (PII) with third-parties in children’s apps, 3) the non-data-minimising configuration of tracking libraries, 4) the sending of personal data to countries without an adequate level of data protection, and 5) the continued absence of transparency around tracking, partly due to design decisions by Apple and Google. …”

Goodbye tracking? Impact of iOS app tracking transparency and privacy labels by Kollnig, K, Shuba, A, Van Kleek, M, Binns, R, Shadbolt, N

“…This is especially concerning because we explicitly refused opt-in to tracking in our study, and consent is a legal requirement for tracking under EU and UK data protection law. We find that Apple itself engages in some forms of tracking and exempts invasive data practices like first-party tracking and credit scoring from its new rules, and that the new Privacy Nutrition Labels were often inaccurate. …”