Journal Home
Login
Register
Open Access Journal
Submit a Paper
Propose a Special lssue
Open Access
ARTICLE
Governing Privacy in a Datafied World: Comparative Legal Frameworks, Compliance Architectures, and the Evolution of Data Governance Paradigms
Issue Vol. 2 No. 02 (2025): Volume 02 Issue 02 --- Section Articles
PDF
Abstract
The exponential expansion of digital technologies has redefined the contours of privacy, transforming personal data into a central asset of economic value, political power, and social governance. This transformation has simultaneously intensified regulatory scrutiny and exposed structural inadequacies in traditional legal approaches to data protection. Across jurisdictions, lawmakers and institutions have responded by developing increasingly complex data privacy laws and governance mechanisms designed to balance innovation with the protection of individual rights. This research article undertakes an extensive, theory-driven examination of the evolving global landscape of data privacy laws and data governance frameworks, with particular emphasis on comparative legal regimes, compliance strategies, and institutional governance models. Drawing on interdisciplinary scholarship from law, information systems, public administration, and data ethics, the study situates contemporary privacy regulation within broader historical, technological, and socio-political contexts.
The article critically engages with global trends in data privacy regulation, highlighting the convergence and divergence between major legal instruments such as the General Data Protection Regulation and the California Consumer Privacy Act, while also examining emerging governance approaches articulated by international institutions and policy forums (World Lawyers Forum, 2022). Rather than treating privacy law as a static compliance exercise, this study conceptualizes data governance as a dynamic socio-technical system shaped by organizational practices, power relations, and normative values (Khatri and Brown, 2010; Micheli et al., 2020). Through a qualitative, interpretive methodology grounded in systematic literature analysis and doctrinal legal review, the article explores how role-based access control, encryption practices, and institutional accountability mechanisms operate as operational extensions of privacy law within organizational environments (Frontegg, 2022; Permify, 2024).
The findings reveal that contemporary privacy governance is characterized by a shift from rule-centric compliance toward principle-based, risk-sensitive, and context-aware regulatory models. However, this shift also introduces new challenges related to enforcement fragmentation, organizational capacity, and equity in data rights protection, particularly in transnational data flows and sector-specific domains such as health and artificial intelligence (Janssen et al., 2020; Holly et al., 2023). By synthesizing legal theory, governance scholarship, and practical compliance literature, this article contributes a comprehensive analytical framework for understanding the future trajectory of data privacy governance. It concludes by arguing that sustainable privacy protection requires not only legal harmonization but also the institutionalization of ethical governance principles, data literacy, and adaptive regulatory learning.
Keywords
References
1. Brous, P., Janssen, M., and Vilminko-Heikkinen, R. Coordinating decision-making in data management activities: A systematic review of data governance principles. Proceedings of Electronic Government, LNCS 9820, Springer Verlag, 2016.
2. World Lawyers Forum. The evolving landscape of data privacy laws: Global trends and compliance strategies. 8 June 2022.
3. Frontegg. What is role-based access control (RBAC)? A complete guide. 15 March 2022.
4. Holly, L., Thom, S., Elzemety, M., Murage, B., Mathieson, K., and Iñigo Petralanda, M. I. Strengthening health data governance: New equity and rights-based principles. International Journal of Health Governance, 28(3), 2023.
5. Mohan, V. CCPA vs GDPR compliance: Similarities and differences. Sprinto, 6 December 2024.
6. Koltay, T. Data governance, data literacy and the management of data quality. IFLA Journal, 42(4), 2016.
7. Permify. Role-based access control (RBAC): Ultimate enterprise guide. 16 June 2024.
8. Janssen, M., Brous, P., Estevez, E., Barbosa, L. S., and Janowski, T. Data governance: Organizing data for trustworthy artificial intelligence. Government Information Quarterly, 37(3), 2020.
9. Singla, A. The evolving landscape of privacy law: Balancing digital innovation and individual rights. ResearchGate, March 2024.
10. N-able. Types of database encryption methods. 10 May 2019.
11. Weber, K., Otto, B., and Österle, H. One size does not fit all: A contingency approach to data governance. Journal of Data and Information Quality, 1(1), 2009.
12. European Commission. Data governance and data policies at the European Commission: Executive summary. 2020.
13. Rowley, J., and Slack, F. Conducting a literature review. Management Research News, 27(6), 2004.
14. Micheli, M., Ponti, M., Craglia, M., and Berti Suman, A. Emerging models of data governance in the age of datafication. Big Data & Society, 7(2), 2020.
15. Sharma, D. O. Mastering GDPR and CCPA compliance: A guide for marketers. Clevertap, 7 January 2025.
16. Eke, D. O., et al. International data governance for neuroscience. Neuron, 110(4), 2022.
17. Joshi, D., Pratik, S., and Rao, M. P. Data governance in data mesh infrastructures: The Saxo Bank case study. International Conference on Electronic Business, 2021.
18. Khatri, V., and Brown, C. V. Designing data governance. Communications of the ACM, 53(1), 2010.
