An empirical study on the impact of GDPR and right to be forgotten - organisations and users perspective

Proceedings of the 15th International Conference on Availability, Reliability and Security Pub Date : 2020-08-25 DOI:10.1145/3407023.3407080

Vincenzo Mangini, Irina Tal, Arghir-Nicolae Moldovan

{"title":"An empirical study on the impact of GDPR and right to be forgotten - organisations and users perspective","authors":"Vincenzo Mangini, Irina Tal, Arghir-Nicolae Moldovan","doi":"10.1145/3407023.3407080","DOIUrl":null,"url":null,"abstract":"The General Data Protection Regulation (GDPR) is a prescriptive legislation in the European Union (EU) for privacy and data protection that applies to every organisation within the EU and any organisation outside the EU if they offer goods or services to EU citizens. The enforcement of GDPR created a big challenge for organisations which were required to create new professional figures, system, policies, procedures and standards, budget for new investments, and to set up a project plan or catalogue specific to the GDPR. This paper focuses on the GDPR 'right to be forgotten' and the specific implementation challenges it poses. The research study used two surveys to collect data from both organisations and users. The results show that while organisations are struggling with GDPR and right to be forgotten, there are also positive aspects about its implementation that translate into improved data privacy. The findings related to the users show that they are in general happy with the legislation.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 15th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3407023.3407080","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 19

Abstract

The General Data Protection Regulation (GDPR) is a prescriptive legislation in the European Union (EU) for privacy and data protection that applies to every organisation within the EU and any organisation outside the EU if they offer goods or services to EU citizens. The enforcement of GDPR created a big challenge for organisations which were required to create new professional figures, system, policies, procedures and standards, budget for new investments, and to set up a project plan or catalogue specific to the GDPR. This paper focuses on the GDPR 'right to be forgotten' and the specific implementation challenges it poses. The research study used two surveys to collect data from both organisations and users. The results show that while organisations are struggling with GDPR and right to be forgotten, there are also positive aspects about its implementation that translate into improved data privacy. The findings related to the users show that they are in general happy with the legislation.

查看原文本刊更多论文

GDPR与被遗忘权影响的实证研究——组织与用户视角

通用数据保护条例(GDPR)是欧盟(EU)关于隐私和数据保护的规范性立法，适用于欧盟内的每个组织，以及欧盟以外的任何组织，如果他们向欧盟公民提供商品或服务。GDPR的实施给组织带来了巨大的挑战，这些组织需要创建新的专业数字、系统、政策、程序和标准，为新投资制定预算，并制定特定于GDPR的项目计划或目录。本文主要关注GDPR的“被遗忘权”以及它所带来的具体实施挑战。这项研究使用了两次调查来收集来自组织和用户的数据。调查结果显示，虽然企业正在努力应对GDPR和被遗忘权，但它的实施也有积极的方面，可以转化为数据隐私的改善。与用户相关的调查结果显示，他们总体上对这项立法感到满意。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 15th International Conference on Availability, Reliability and Security

自引率

0.00%

发文量