Skip to main content

From Legal Codes to Coding: Computer Scientists Tackle Data Privacy Law (UC Davis News)

Hand mouse cursor hovering over the word Security.
New regulations on internet privacy are aiming to protect people and their data. Computer scientists are working on how to comply. (Courtesy of Pexels/Pixabay)

In 2016, the European Union passed the General Data Protection Regulation, or GDPR, to set privacy and security standards on how data can be collected and used by internet-based organizations. In 2018, California passed the California Consumer Privacy Act, or CCPA, which gives consumers more control over their personal information.

While these regulations are paramount to ensure consumer safety on the internet, they pose serious issues for developers who must update websites to meet the legal stipulations.

With required compliance now in effect, Mohammad Sadoghi, associate professor of computer science at the University of California, Davis, is collaborating with Faisal Nawab, assistant professor of computer science at the University of California, Irvine, to help systems developers make sense of these new laws, translate them into a language that they can understand, code compliance into new systems and find a way to adjust older systems without dismantling them entirely.

Sadoghi and Nawab have started tackling this issue with a $1.2 million grant from the National Science Foundation. They are partnering with the New Jersey Institute of Technology, or NJIT.

Mohammad Sadoghi, associate professor of computer science at the University of California, Davis (UC Davis)
Mohammad Sadoghi, associate professor of computer science at the University of California, Davis (UC Davis)
Faisal Nawab, assistant professor of computer science at the University of California, Irvine (Courtesy of Nawab)
Faisal Nawab, assistant professor of computer science at the University of California, Irvine (Courtesy of Nawab)

The Privacy Problem

Getting current systems compliant with regulations set by legislations like the GDPR and CCPA is incredibly important because it has to do with personal data — who’s collecting it, who’s using it and what’s being done with it.

Sadoghi puts it into a sobering perspective:

“If you were to ask people, ‘Would you get your journal that is full of your intimate thoughts and photocopy it and give it to everybody in your classroom?’ Everyone would say, ‘No,'” he said. “But without even knowing it, every single thing we do is out there, and it’s being collected and used in any imaginable and unimaginable ways.”

Everything from behavior prediction from social media posts to the watch monitoring your breathing. From the smart thermostat logging the temperature in your house to the algorithms on your streaming service absorbing what you are watching. It’s being tracked. And prior to these regulations, data collection was similar to the Wild West: lawless.

“Imagine that this amount of information is being tracked without any clear guidelines or without proper awareness,” said Sadoghi. “Who has the right to collect that information? Who has the right to analyze that information? And who has the right to derive things from that information? That’s the challenge we are living with right now.”

— Jessica Heath

Read the full story in UC Davis News.

Related Posts

Skip to content