PapersFlow Research Brief
Digitalization, Law, and Regulation
Research Guide
What is Digitalization, Law, and Regulation?
Digitalization, Law, and Regulation is the field examining legal implications of digital technologies, including data protection, artificial intelligence, cybersecurity, autonomous vehicles, big data, robotics liability, privacy regulations, internet of things, and economic sanctions.
This field encompasses 79,207 works addressing challenges and opportunities from digital transformation across sectors. Key focuses include GDPR provisions and information protection mechanisms in computer systems. Growth data over the past five years is not available.
Topic Hierarchy
Research Sub-Topics
General Data Protection Regulation Impacts
This sub-topic analyzes the GDPR's effects on data processing practices, compliance costs, and cross-border data flows post-2018 implementation. Researchers conduct empirical studies on breach notifications, fines, and multinational firm adaptations.
Right to Explanation in Automated Decision-Making
This sub-topic debates the legal existence and scope of 'right to explanation' under GDPR Article 22 for AI-driven decisions in hiring, lending, and policing. Researchers examine interpretative guidance, national implementations, and technical feasibility.
Liability for Autonomous Vehicles
This sub-topic explores product liability, negligence, and vicarious liability regimes for self-driving car accidents across jurisdictions. Researchers analyze software update obligations, data recorder admissibility, and insurance models.
Cybersecurity Regulation Frameworks
This sub-topic examines NIS Directive, Cybersecurity Act, and sector-specific mandates for critical infrastructure protection in the EU. Researchers compare mandatory breach reporting, certification schemes, and public-private partnership efficacy.
Robotics Liability and Product Responsibility
This sub-topic addresses strict liability for autonomous robots, learning algorithm accountability, and damages apportionment in human-robot interaction injuries. Researchers propose hybrid regulatory models blending tort law with technology-neutral standards.
Why It Matters
Digitalization, Law, and Regulation shapes compliance for global companies handling personal data, with the EU General Data Protection Regulation (GDPR) imposing fines up to 4% of annual global turnover for violations, as outlined in Voigt and von dem Bussche (2017). It addresses automated decision-making in AI systems, where Wachter et al. (2017) clarify no explicit 'right to explanation' exists in the GDPR, influencing deployment in hiring, lending, and policing. Saltzer and Schroeder (1975) provide foundational principles for securing information in computer systems, applied in modern cybersecurity frameworks protecting banking and healthcare data.
Reading Guide
Where to Start
'The EU General Data Protection Regulation (GDPR)' by Voigt and von dem Bussche (2017) serves as the starting point, offering a practical introduction to the regulation's core provisions with 2096 citations.
Key Papers Explained
Voigt and von dem Bussche (2017) in 'The EU General Data Protection Regulation (GDPR)' provide the foundational practical guide, cited 2096 times. Saltzer and Schroeder (1975) in 'The protection of information in computer systems' (1812 citations) establish early principles that underpin GDPR's security requirements. Wachter et al. (2017) in 'Why a Right to Explanation of Automated Decision-Making Does Not Exist in the General Data Protection Regulation' (1033 citations) build on GDPR analysis by debunking myths about automated decisions, while Hoofnagle et al. (2019) contextualize its evolution from prior directives.
Paper Timeline
Most-cited paper highlighted in red. Papers ordered chronologically.
Advanced Directions
Recent preprints show no new developments in the past six months. Analysis of top papers highlights ongoing clarification of GDPR scope for AI inferences, as in Wachter and Mittelstadt (2018). News coverage from the last 12 months is unavailable.
Papers at a Glance
| # | Paper | Year | Venue | Citations | Open Access |
|---|---|---|---|---|---|
| 1 | The EU General Data Protection Regulation (GDPR) | 2017 | — | 2.1K | ✕ |
| 2 | The protection of information in computer systems | 1975 | Proceedings of the IEEE | 1.8K | ✕ |
| 3 | ? | Surrey Open Research r... | 1.5K | ✕ | |
| 4 | Protection of information in computer systems | 1975 | IEEE CSIT Newsletter | 1.4K | ✕ |
| 5 | Why a Right to Explanation of Automated Decision-Making Does N... | 2017 | International Data Pri... | 1.0K | ✓ |
| 6 | The European Union general data protection regulation: what it... | 2019 | Information & Communic... | 658 | ✓ |
| 7 | DIRECTIVE (EU) 2017/1371 OF THE EUROPEAN PARLIAMENT AND OF THE... | 2020 | Nomos Verlagsgesellsch... | 657 | ✕ |
| 8 | ATZ : Automobiltechnische Zeitschrift | 1934 | Medical Entomology and... | 525 | ✕ |
| 9 | The Eu General Data Protection Regulation (Gdpr): A Practical ... | 2017 | — | 467 | ✕ |
| 10 | A Right to Reasonable Inferences: Re-Thinking Data Protection ... | 2018 | — | 421 | ✓ |
Frequently Asked Questions
What is the EU General Data Protection Regulation (GDPR)?
The GDPR is the EU's key law on data protection and privacy for individuals within the European Union and European Economic Area. Voigt and von dem Bussche (2017) detail its requirements in 'The EU General Data Protection Regulation (GDPR)'. It harmonizes data privacy laws across Europe and impacts organizations worldwide processing EU residents' data.
Does the GDPR mandate a right to explanation for automated decisions?
No right to explanation of automated decision-making exists in the GDPR. Wachter et al. (2017) argue in 'Why a Right to Explanation of Automated Decision-Making Does Not Exist in the General Data Protection Regulation' that claims of such a right misinterpret the regulation. Articles 13-15 and 22 provide related transparency and contestation rights but not full explanations of algorithmic processes.
What are core principles for protecting information in computer systems?
Protection mechanisms include access control, authentication, and least privilege to safeguard data integrity and confidentiality. Saltzer and Schroeder (1975) outline these in 'The protection of information in computer systems', emphasizing mechanisms like capabilities and access matrices. These principles underpin modern cybersecurity in networked environments.
How does GDPR extend prior EU data protection rules?
The GDPR refines and extends the 1995 Data Protection Directive with stricter consent rules, mandatory data protection officers, and rights like data portability. Hoofnagle et al. (2019) explain in 'The European Union general data protection regulation: what it is and what it means' its normative foundations and strategic approach. It applies extraterritorially to non-EU firms targeting EU data subjects.
What legal challenges arise from big data and AI inferences?
Big data and AI produce non-intuitive inferences about individuals from diverse datasets, challenging traditional data protection law. Wachter and Mittelstadt (2018) propose in 'A Right to Reasonable Inferences: Re-Thinking Data Protection Law in the Age of Big Data and AI' a right to reasonable inferences. This addresses unverifiable predictions in behavioral profiling and risk assessment.
Open Research Questions
- ? How can data protection laws effectively regulate non-intuitive inferences from big data analytics?
- ? What technical mechanisms best implement GDPR transparency requirements without compromising algorithmic security?
- ? To what extent do foundational information protection principles from 1975 apply to internet of things and autonomous systems?
- ? How should liability frameworks evolve for robotics and AI decision-making under current privacy regulations?
Recent Trends
The field includes 79,207 works with five-year growth data unavailable.
High citation counts persist for GDPR-focused papers, such as Voigt and von dem Bussche at 2096 citations and Saltzer and Schroeder (1975) at 1812 citations.
2017No recent preprints or news coverage appear in the last six and 12 months, respectively.
Research Digitalization, Law, and Regulation with AI
PapersFlow provides specialized AI tools for Social Sciences researchers. Here are the most relevant for this topic:
Systematic Review
AI-powered evidence synthesis with documented search strategies
AI Literature Review
Automate paper discovery and synthesis across 474M+ papers
Deep Research Reports
Multi-source evidence synthesis with counter-evidence
Find Disagreement
Discover conflicting findings and counter-evidence
See how researchers in Social Sciences use PapersFlow
Field-specific workflows, example queries, and use cases.
Start Researching Digitalization, Law, and Regulation with AI
Search 474M+ papers, run AI-powered literature reviews, and write with integrated citations — all in one workspace.
See how PapersFlow works for Social Sciences researchers