The digital age has revolutionized our lives, offering convenient access to information and services. However, this convenience comes at the cost of data privacy. With a vast majority of the EU population using the internet in 2021, personal data exchange is rampant. Surprisingly, despite privacy being a human right, only 39% of internet users read data protection policies before sharing their personal information. To safeguard personal identities, the General Data Protection Regulation (GDPR) was introduced. While it empowers consumers, it also impacts businesses, especially in terms of competition.
This literature analysis delves into the GDPR's effects on companies. The GDPR sets essential principles, making it applicable to all firms processing EU citizens' data. Compliance involves various measures, contingent on data processing volume and method. The GDPR grants consumers rights, including being informed, access, being forgotten, objection, and data portability. These rights offer benefits to companies, fostering trust and enhancing their competitive edge. Companies complying with GDPR have gained more customers and partners, bolstering their market position. Nevertheless, many companies view GDPR negatively, fearing legal uncertainties and curtailment of business activities, particularly affecting innovative, digital firms. GDPR may weaken the competitive position compared to non-GDPR competitors, as it increases costs and causes the loss of some collaboration partners.
In conclusion, this analysis demonstrates that the GDPR has had an adverse effect on companies, particularly concerning their competitive position. It suggests implementing the GDPR as a uniform standard framework to ensure fair competition among companies, addressing the law's uneven impact. This work contributes to the understanding of the GDPR's impact on businesses, highlighting the need for more research in this area, which currently tends to be consumer-centric.
Table of Contents
1. Introduction
2. General Information and Objectives of the Implementation of GDPR
3. Analysis of the impact of the GDPR
3.1. Positive effects
3.2. Negative effects
4. Conclusion
Research Objectives and Themes
This paper aims to investigate the impact of the General Data Protection Regulation (GDPR) on companies, with a specific focus on its implications for competition. It explores whether the regulation has positively or negatively altered the competitive position of businesses by analyzing their compliance efforts, perceived advantages, and experienced disadvantages such as increased costs and legal uncertainties.
- Legal framework and objectives of the GDPR
- Corporate perception of competitive impacts
- Benefits of consumer trust and standardized data rules
- Challenges related to compliance costs and administrative burdens
- The role of firm characteristics in evaluating GDPR impacts
Excerpt from the Book
3.2. Negative effects
Although only 5% of the companies surveyed agreed with the statement that the GDPR has contributed to competitive advantages (see Chapter 3.1), only one-third of the companies surveyed (293) reported that they have been negatively affected by the GDPR in terms of their competitive position (Engels and Scheufen, 2020, p. 8). In this case, too, only those companies that agreed with the statement that the Regulations had a negative impact on their competitive position were asked about explicit disadvantages in order to obtain target-oriented results.
Of the surveyed companies, the disadvantage that the implementation of the GDPR has resulted in a particularly high level of effort was most prominent at 96%, followed by the other notable disadvantage that the latest data privacy regulations have led to legal uncertainties, for example, in terms of fears of high penalties (ibid., p. 12). This fear does not seem unreasonable, since within a year and a half of the GDPR's implementation, 785 fines have been imposed by the competent authorities in the EU for violations of the data protection directives (Eurostat). In 2019, for example, Google, with data processing as its core business, was fined one of 2019's largest amounts from the French Data Protection Agency - 50 million Euros - for failing to comply with the GDPR (Byrne & Tranberg, 2019). The fine was issued particularly due to violations of the right to information, as explained in Chapter 2.
Summary of Chapters
1. Introduction: This chapter contextualizes the rise of the digital age and the subsequent need for the GDPR to protect consumer data, outlining the research focus on corporate impacts.
2. General Information and Objectives of the Implementation of GDPR: Provides an overview of the legal foundations of the regulation, explaining consumer rights and the "marketplace principle" that extends the law's reach.
3. Analysis of the impact of the GDPR: Examines both the benefits and drawbacks for businesses, utilizing survey data to categorize impacts based on company traits like size and digitalization levels.
4. Conclusion: Synthesizes the findings, suggesting that while the GDPR provides necessary consumer protection, it imposes significant competitive burdens that may be particularly impactful during its initial implementation phases.
Keywords
GDPR, Data Protection, Competition, Corporate Impact, Consumer Rights, Compliance, Digitalization, Market Regulation, Privacy, Business Strategy, Administrative Burden, European Union, Accountability Principle, Data Processing, Competitive Position
Frequently Asked Questions
What is the primary focus of this research paper?
The paper examines the impact of the General Data Protection Regulation (GDPR) on the competitive position of companies within the European Union.
What are the central themes discussed in the work?
Key themes include the legal objectives of the GDPR, compliance requirements, corporate perceptions of competitive advantages or disadvantages, and the specific challenges faced by businesses of varying sizes.
What is the primary research goal?
The aim is to determine whether the GDPR has positively or negatively impacted companies' competitive positions since its implementation in 2018.
Which scientific methods are employed?
The paper utilizes a literature analysis, comparing official Eurostat statistics, policy documents, and scientific survey data from independent research institutes.
What core topics are covered in the main section?
The main part analyzes the "positive effects" (e.g., increased consumer trust) versus the "negative effects" (e.g., high implementation costs, legal uncertainties, and bureaucratic burdens).
Which keywords characterize this paper best?
The work is defined by terms such as GDPR, competitive position, compliance costs, data privacy, and corporate business strategy.
How does the risk-based principle impact small and medium-sized enterprises (SMEs)?
While the regulation is intended to be risk-based, findings suggest that SMEs often struggle with the same complex obligations as large corporations, leading to a disproportionately high bureaucratic burden.
Why do digitized and innovative companies perceive the GDPR differently?
Digitized companies often process more complex data-related information, which frequently correlates with higher compliance efforts and perceived negative impacts compared to less digitized firms.
- Quote paper
- Uarda Milla (Author), 2023, The Latest EU Data Privacy Regulations, Munich, GRIN Verlag, https://www.grin.com/document/1405193
