Skip to main content

Research Repository

Advanced Search

Exploring the relationships between privacy by design schemes and privacy laws: a comparative analysis

Aljeraisy, Atheer; Barati, Masoud; Rana, Omer; Perera, Charith


Atheer Aljeraisy

Masoud Barati

Omer Rana

Charith Perera


Internet of Things (IoT) applications have the potential to derive sensitive information about individuals. Therefore, developers must exercise due diligence to make sure that data are managed according to the privacy regulations and data protection laws. However, doing so can be a difficult and challenging task. Recent research has revealed that developers typically face difficulties when complying with regulations. One key reason is that, at times, regulations are vague, and could be challenging to extract and enact such legal requirements. In our research paper, we have conducted a systematic analysis of the data protection laws that are used across different continents, namely: (i) General Data Protection Regulations (GDPR), (ii) the Personal Information Protection and Electronic Documents Act (PIPEDA), (iii) the California Consumer Privacy Act (CCPA), (iv) Australian Privacy Principles (APPs), and (v) New Zealand’s Privacy Act 1993. In this technical report, we presented the detailed results of the conducted framework analysis method to attain a comprehensive view of different data protection laws and highlighted the disparities, in order to assist developers in adhering to the regulations across different regions, along with creating a Combined Privacy Law Framework (CPLF). After that, we gave an overview of various Privacy by Design (PbD) schemes developed previously by different researchers. Then, the key principles and individuals’ rights of the CPLF were mapped with the privacy principles, strategies, guidelines, and patterns of the Privacy by Design (PbD) schemes in order to investigate the gaps in existing schemes.


Aljeraisy, A., Barati, M., Rana, O., & Perera, C. (2020). Exploring the relationships between privacy by design schemes and privacy laws: a comparative analysis. Cardiff: Cardiff University

Report Type Technical Report
Publication Date Jun 18, 2020
Deposit Date May 4, 2021
Keywords Internet of Things, Privacy Laws, Software Design, Security and privacy, Human and societal aspects of security and privacy
Public URL
Related Public URLs