Privacy policies, cross-border health data and the GDPR

Trix Mulder, Melania Tudorica

Research output: Contribution to journalArticleAcademicpeer-review

25 Downloads (Pure)


Research going back to 2008 has shown that a vast majority of the people never read privacy policies (AM McDonald and LF Cranor, The Cost of Reading Privacy Policies?(2008) 4A JLPI 543). Since then, not a lot has changed (F Schaub and others, Designing Effective Privacy Notices and Controls (2017) 99 IEEE 70). Most people formally consent to privacy policies without knowing what happens to their personal data. This odd situation is called the privacy paradox: while people highly value their fundamental right to privacy, they do not act accordingly, especially when it concerns new technologies (M Taddicken, The Privacy Paradox? in the Social Web? (2013) 19 JCMC 248). Since more and more people use apps on their mobile phones and wearables to measure their health, it is important to do research in this area. Nowadays, privacy is a popular news item; this might be why more and more companies use privacy both in their business models and as a marketing tool. This raises the question whether people really give informed consent to privacy policies, as they seem to rely on marketing statements rather than reading the actual privacy policies themselves.
Original languageEnglish
Pages (from-to)261-274
Number of pages14
JournalInformation & Communications Technology Law Journal
Issue number3
Publication statusPublished - 2 Sept 2019
Externally publishedYes


  • data protection
  • health data
  • cross border
  • modern technologies
  • gdpr


Dive into the research topics of 'Privacy policies, cross-border health data and the GDPR'. Together they form a unique fingerprint.

Cite this