How regulation and technology are shaping the future of privacy and security