A Systematic Review and Taxonomy for Privacy Breach Classification: Trends, Gaps, and Future Directions

TL;DR

This paper systematically reviews academic literature from 2010-2024 on privacy breach classification, introduces a new taxonomy categorizing research efforts, and identifies emerging trends and gaps for future exploration.

Contribution

It presents a comprehensive taxonomy for privacy breach research, highlighting dominant areas and underexplored topics like location privacy and healthcare data breaches.

Findings

Breach classification and detection dominate current research.

Breach prediction and risk analysis are emerging areas.

Underexplored topics include location privacy and healthcare data breaches.

Abstract

In response to the rising frequency and complexity of data breaches and evolving global privacy regulations, this study presents a comprehensive examination of academic literature on the classification of privacy breaches and violations between 2010-2024. Through a systematic literature review, a corpus of screened studies was assembled and analyzed to identify primary research themes, emerging trends, and gaps in the field. A novel taxonomy is introduced to guide efforts by categorizing research efforts into seven domains: breach classification, report classification, breach detection, threat detection, breach prediction, risk analysis, and threat classification. An analysis reveals that breach classification and detection dominate the literature, while breach prediction and risk analysis have only recently emerged in the literature, suggesting opportunities for potential research impacts. Keyword and phrase frequency analysis reveal potentially underexplored areas, including location privacy, prediction models, and healthcare data breaches.