Skip to main content

Measuring and Modeling Security and Privacy Laws

Researchers: Alessandro Acquisti, Sasha Romanosky, Richard Sharp

Research Area: Privacy Protection

Cross Cutting Thrusts: Business Risk Analysis and Economic Implications

Abstract

Scope: The goal of this proposal is to combine analytical and empirical research to understand and measure the effects of security and privacy laws.

Outcomes: We hope to provide insight into the ways in which data security and consumer privacy laws (public policies) are affecting individuals and companies. Some of the questions we hope to address are the following: Are these laws having the intended effects? What is the current legal and regulatory standard for security practices? What are the incentives that drive those practices? If the laws are socially inefficient (implying unnecessary costs), how can they be improved? Because these questions relate to the economic and legal issues of data security, consumer privacy and regulatory actions, we anticipate publication in peer-reviewed IT policy and law & economics journals and conferences.