dissertation

In my dissertation, I examined how mobile app stores and mobile operating system providers influence the GDPR compliance of mobile applications, and to what extent this role is recognised and addressed within EU data protection law frameworks. Mobile tracking has far-reaching implications for user privacy. In the EU, although the General Data Protection Regulation (GDPR) is intended to establish a baseline level of data protection, unlawful data processing through mobile applications remains widespread. App stores, given their intermediary position and market power, appear well suited to support GDPR compliance.

By adopting an interdisciplinary approach that combines doctrinal legal analysis with empirical insights drawn from disclosures of approximately 2.8 million mobile apps, however, this dissertation identifies substantial limitations in the approaches adopted by both Apple and Google to address mobile tracking. In particular, I critically examined the tools and governance mechanisms implemented by these platforms to limit tracking practices and identifies significant discrepancies between their design and implementation, on the one hand, and the requirements and underlying principles of the GDPR, on the other. You can access the dissertation by clicking on the book cover 📕➡️