Creation and Analysis of an International Corpus of Privacy Laws
This addresses the challenge for companies and researchers in navigating and studying international privacy regulations, though it is incremental as it primarily provides a new dataset rather than novel analytical methods.
The researchers tackled the problem of analyzing the complex global landscape of privacy laws by creating the Government Privacy Instructions Corpus (GPI Corpus) of 1,043 privacy laws from 182 jurisdictions, enabling large-scale quantitative and qualitative examination that revealed a dramatic increase in privacy legislation over 50 years, though comprehensive laws remain rare.
The landscape of privacy laws and regulations around the world is complex and ever-changing. National and super-national laws, agreements, decrees, and other government-issued rules form a patchwork that companies must follow to operate internationally. To examine the status and evolution of this patchwork, we introduce the Government Privacy Instructions Corpus, or GPI Corpus, of 1,043 privacy laws, regulations, and guidelines, covering 182 jurisdictions. This corpus enables a large-scale quantitative and qualitative examination of legal foci on privacy. We examine the temporal distribution of when GPIs were created and illustrate the dramatic increase in privacy legislation over the past 50 years, although a finer-grained examination reveals that the rate of increase varies depending on the personal data types that GPIs address. Our exploration also demonstrates that most privacy laws respectively address relatively few personal data types, showing that comprehensive privacy legislation remains rare. Additionally, topic modeling results show the prevalence of common themes in GPIs, such as finance, healthcare, and telecommunications. Finally, we release the corpus to the research community to promote further study.