The data privacy matrix project: towards a global alignment of data privacy laws

Abstract

Data privacy is an expected right of most citizens around the world but there are many legislative challenges within a boundary-less cloud computing and World Wide Web environment. Despite its importance, there is limited research around data privacy law gaps and alignment, and the legal side of the security ecosystem which seems to be in a constant effort to catch-up. There are already issues within recent history which show a lack of alignment causing a great deal of confusion, an example of this is the 'right to be forgotten' case which came up in 2014. This case involved a Spanish man against Google Spain. He requested the removal of a link to an article about an auction for his foreclosed home, for a debt that he had subsequently paid. However, misalignment of data privacy laws caused further complications to the case. This paper introduces the Waikato Data Privacy Matrix, our global project for alignment of data privacy laws by focusing on Asia Pacific data privacy laws and their relationships with the European Union and the USA. This will also suggest potential solutions to address some of the issues which may occur when a breach of data privacy occurs, in order to ensure an individual has their data privacy protected across the boundaries in the Web. With the increase in data processing and storage across different jurisdictions and regions (e.g. public cloud computing), the Waikato Data Privacy Matrix empowers businesses using or providing cloud services to understand the different data privacy requirements across the globe, paving the way for increased cloud adoption and usage.