Privacy is one of the biggest concerns for netizens, and the General Data Protection Regulation (GDPR) provides the stepping stone for privacy protection. Yet, many global organizations fail to demonstrate compliance, and numerous websites lack a GDPR-validated cookie consent mechanism, leading to potential data privacy breaches. Such loopholes diminish user trust and transparency, harming an organization’s credibility. The ultimate consequence is incurring penalties and damaging the organization’s reputation. This research primarily focuses on assessing education sector websites for compliance with GDPR. In this study, an automated solution, an open-source tool, has been developed to evaluate the cookie consent mechanism, and compliance assessment has been systematically carried out in this study across thousands of educational websites. Our study focused on websites with a .edu domain that have been evaluated for compliance with GDPR. Our proposed method is a three-step approach: a Python-based approach for interacting with the cookies’ consent mechanism, extracting the data from the website, and evaluating the cookies’ consent mechanism for GDPR compliance. Our findings highlight significant gaps in adhering to GDPR within the educational sector. The experiment was performed on a refined dataset of 8,483 educational websites. Results show that only 7.87% of 8,483 .edu websites fully adhered to GDPR. This underscores the need for improved regulatory implementation and awareness.
Al-Dala’ien et al. (Thu,) studied this question.