The Costs of Data Protection, in particular for SMEs

Project: Research

Project participants

Description

There is a continuous tendency in European data protection law and regulation to increase protection standards and impose more limitations on how firms can use customer data. Data protection imposes costs on economic activity, and these costs should be recognized in data protection law and policy.

The project aimed to assess whether European and German data protection laws increase the costs of doing business for firms. The project focused in particular on costs related to efficient management of the firm (data protection could impose costs by making supervision and control of personnel more costly and therefore management less effective) and to the development and marketing of new products (data protection may make it more costly to obtain data from customers required to develop or market new products).

Should a cost benefit analysis play a more prominent role in determining whether changes to data protection are desirable, like it is used in many other areas where regulation affects business activity?

What do we know about cost awareness in SMEs, are costs od data protection empirically measurable?

Methods: Empirical study, interviews

Results: While there is a vague recognition that data protection does impose costs, it appears impossible to measure costs related to data protection in SMEs because a lack of awareness of data protection law requirements. Awareness of data protection laws and willingness to comply is developing gradually, but is still very uneven. Any meaningful measurement would have been possible only if compliance with data protection laws would have received more attention already before that last major legislative change in 2009, but before that time the topic was virtually non-existent for most SMEs.

The report shows why concerns about the costs of data protection should matter more when reforming data protection laws.

Documentation: Report (to be finalized in April 2013)

Limits: Lack of awareness of, and compliance with, data protection laws made empirical study and even report of anecdotal evidence impossible.

Follow-uo project: There were several contacts with organizations representing SMEs in Germany and the study may generate enough interest on their side to continue with a joint project.
StatusFinished
Period01.04.1230.04.13

Recently viewed

Publications

  1. Explaining General and Specific Factors in Longitudinal, Multimethod, and Bifactor Models
  2. Timing matters: Distinct effects of nitrogen and phosphorus fertilizer application timing on root system architecture responses
  3. Structural Synthesis of Parallel Robots with Unguided Linear Actuators
  4. Neural relational inference for disaster multimedia retrieval
  5. A Two-Stage Sliding-Mode High-Gain Observer to Reduce Uncertainties and Disturbances Effects for Sensorless Control in Automotive Applications
  6. Deeper Insights into Different Consumer Perceptions of CSR Communication
  7. Development and comparison of processing maps of Mg-3Sn-1Ca alloy from data obtained in tension versus compression
  8. The Replication Database: Documenting the Replicability of Psychological Science
  9. Systematic feature evaluation for gene name recognition
  10. Determinants of union membership in 18 EU countries
  11. How Differences in Ratings of Odors and Odor Labels Are Associated with Identification Mechanisms
  12. Determining Lot Sizes in Production Areas
  13. A high-resolution approach for the spatiotemporal analysis of forest canopy space using terrestrial laser scanning data
  14. Towards a Comprehensive Framework for Environmental Management Accounting
  15. The buffering effect of selection, optimization, and compensation strategy use on the relationship between problem solving demands and occupational well-being
  16. Effects of accuracy feedback on fractal characteristics of time estimation
  17. TANGO: A reliable, open-source, browser-based task to assess individual differences in gaze understanding in 3 to 5-year-old children and adults
  18. Efficacy of an internet and app-based gratitude intervention in reducing repetitive negative thinking and mechanisms of change in the intervention's effect on anxiety and depression
  19. Using an adaptive memory strategy to improve a multistart heuristic for sequencing by hybridization