Societal and political implications of emerging digital technologies and big data

Lead Research Organisation: University of Oxford
Department Name: Computer Science


Data-processing companies face unprecedented scrutiny these days, from both authorities and users. Following the Cambridge Analytica revelations, investigations by the UK data authority ICO identified "a disturbing disregard for voters' privacy" spread across the data industry. The House of Commons concluded that the current "situation is unlikely to change". Even risk-averse investors agree, with technology shares being continuously on the rise. The reason lies in the pervasive, ongoing, and apparently irreversible amalgamation of digital devices in our daily lives. Mobile applications secretly share personal information with third parties, whilst other "smart devices" are spreading. This necessitates rigorous scrutiny of current data practices and impartial checks and balances, which academia can provide.

The PhD research will be conducted as part of the "Human-Centred Computing" group at the University of Oxford. This group seeks to understand the current challenges of the Digital Economy, so as to support human flourishing in the 21st century. More specifically, the group aims to inform and empower individuals with regards to their day-to-day use of technology. A prominent example of such is X-Ray, a software framework developed as part of the EPSRC-funded SOCIAM project. This software aims to uncover hidden data flows to companies all over the world. X-Ray analysed almost 1m Android apps, finding that roughly 90% of apps could send data to Google and 40% to Facebook. The X-Ray project will be the starting point of the PhD research, with potentially significant relevance for current society due to the ubiquity of apps.

With the introduction of the EU Data Protection Regulation (GDPR), the field of data protection has recently gained increased prominence and importance. The GDPR strengthens the rights of individuals as well as the powers of the regulating bodies. The data protection authorities (DPAs) of the EU member states can now impose penalties of up to 20m Euros or 4% of worldwide annual turnover (whichever is higher) for data protection infringements. Due to these new capabilities, data protection research can profoundly improve the lives of individuals.

The PhD research will expand on the X-Ray project, to add automated legal compliance analysis, as well as create new tools in the realm of law and technology. The novelty of the research methodology lies in the combination of computer science, law, and policy-making, particularly through automated program analysis and machine learning analysis of GDPR violations.

In alignment with the objectives of the research group and the EPSRC research theme Digital Economy, the PhD project seeks to raise awareness amongst individuals of the implications of large-scale data collection, and empower individuals to make more meaningful choices with regards to data collection. A further objective is informing policy-making regarding current and emerging digital technologies.

This project falls within the EPSRC Digital Economy research area.


10 25 50

Studentship Projects

Project Reference Relationship Related To Start End Student Name
EP/R513295/1 01/10/2018 30/09/2023
2219016 Studentship EP/R513295/1 01/10/2019 30/09/2022 Konrad Kollnig