Towards the Adoption of EU General Data Protection Regulation

An Empirical Study of Businesses’ Perception on Privacy and Data Protection

Master thesis (2017)

Authors

Dity Andita Rahmi Faradina Technology, Policy and Management

Contributors

M.J.G. van Eeten (supervisor 1)
H. Asghari (supervisor 1)
B. Enserink (supervisor 1)
Faculty
Technology, Policy and Management
Copyright: © 2017 Dity Andita Rahmi Faradina
More Info
expand_more

Published Date

19-12-2017

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Technology, Policy and Management

Abstract

The EU General Data Protection Regulation (EU GDPR) is about to come in force in May 2018. It poses new queries for both policymakers and businesses. Policymakers want o know how effective the new EU GDPR will be while the businesses would like to know how the EU GDPR should be implemented. To answer that question, empirical studies on how businesses/organizations implement privacy and data protection as well as their perception towards the EU GDPR are needed. This thesis aims to answer the fill this gap by mixed methods. Literature review and interview are exercised to get the current practices, while survey and statistic analyses are done to investigate the organizations' plans to change related to the EU GDPR. The findings are interesting, which include but not limited to the existence of DPO and organizations' high dependency would not limit the organizations' plan to change. Based on the findings, a number of recommendations are formulated for both policymakers and the practitioners, such as the encouragement to designate a DPO, to specify different approach of enforcement by policymaker for different industrial sectors and to be open to having menu of contracts by organizations for a balanced flexibility.