Consumer perspectives on information privacy following the implementation of the GDPR
Peer reviewed, Journal article
MetadataShow full item record
Original versionInternational Journal of Information Systems and Project Management. 2019, 7 (3), 19-34. 10.12821/ijispm070302
The General Data Protection Regulation (GDPR) was implemented in the European Union and European Economic Area in May 2018. The GDPR aims to strengthen consumers’ rights to data privacy in the wake of technological developments like big data and artificial intelligence. This was a hot topic for stakeholders, such as lawyers, companies and consumers, prior to the GDPR’s implementation. This paper investigates to what extent consumers are concerned about information privacy issues following the implementation of the GDPR. We present findings from an online survey conducted during spring 2019 among 327 Norwegian consumers, as well as findings from a survey conducted immediately prior to the implementation of the GDPR in spring 2018. We draw the following conclusions: (1) consumers gained significant knowledge about their information privacy from the GDPR, but felt relatively little need to execute their enhanced rights; (2) about 50% of respondents believed themselves to have control over their data, while almost 40% stated that they had no control about their personal data; and (3) consumers largely trusted companies to manage their personal data. These insights are of interest to both academia and to industries that deal with personal data.
General permission to republish in print or electronic forms, but not for profit, all or part of this material is granted, provided that the International Journal of Information Systems and Project Management copy right notice is given and that reference made to the publication, to its date of issue, and to the fact that reprinting privileges were granted by permission of SciKA - Association for Pro motion and Dissemination of Scientific Knowledge.