{"id":468,"date":"2025-04-27T21:11:03","date_gmt":"2025-04-27T21:11:03","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/jb23435\/?page_id=468"},"modified":"2025-04-27T21:15:33","modified_gmt":"2025-04-27T21:15:33","slug":"review-of-implementation-of-the-general-data-protection-regulation-gdpr","status":"publish","type":"page","link":"https:\/\/sites.wp.odu.edu\/jb23435\/review-of-implementation-of-the-general-data-protection-regulation-gdpr\/","title":{"rendered":"Review of Implementation of the General Data Protection Regulation (GDPR)"},"content":{"rendered":"\n

Introduction<\/strong>
Data privacy and protection are the new global standards with the General Data Protection
Regulation (GDPR) implemented by the European Union in 2018. The effectiveness of such a
policy must be judged by its means of success, by the policy judgments of the experts, and by the
policy\u2019s wider moral, political and social dimensions. In this article, we take a look at what
expert assessment would look like, how it can be done, and whether the results would show that
the GDPR was successful in achieving its objectives.<\/p>\n\n\n\n


Expert Evaluations of GDPR<\/strong>
Intellectuals have analysed the GDPR from a variety of angles, with successes and failures. Tikk
and Kaska (2019) found that the regulation had effectively \u2018brought data privacy to the public\u2019s
awareness and brought in-house requirements for data protection by companies all over the
world. \u2018Compliance with GDPR is seen as a precondition for the companies that want to
continue access to European markets, and thus extends the regulation\u2019s reach beyond the EU\u2019 (p
120), they conclude.
But Veale, Binns and Ausloos (2018) point to enforcer-lack gaps as one problem. Even though
the GDPR provides people with very important rights, those rights can\u2019t always be exercised due
to the failure of DPAs to enforce. Countless DPAs are underfunded, and the law is applied
differently in different member states of the EU (p 110). These gaps reduce the efficiency of the
regulation.
In a more general sense, GDPR\u2019s prioritisation of individual rights can in fact harm
technological innovation, Mantelero (2018) writes. That makes one wonder how the regulation
will adapt to allow both privacy and innovation in new technologies such as artificial intelligence
(AI) and big data analytics (p. 756).<\/p>\n\n\n\n


Proposed Assessment Framework<\/strong>
If you want to measure the effectiveness of GDPR, there are some things you need to consider in
a model:
1. Compliance Rates: Depending on the percentage of companies that have made GDPR
compliance such as having DPOs and following consent requirements it\u2019s possible to look at
organizational compliance. 2. Enforcement Metrics: Quantifying the number and consequences of enforcement actions
taken by DPAs \u2014 fines, penalties, etc. \u2014 would reveal GDPR\u2019s practical use case.
3. Public Awareness and Trust: Depending on how many people respond to surveys asking
whether they are aware of their rights, and whether they trust companies to secure their data, the
GDPR could uncover if the law has empowered people as intended.
4. Innovation Impact: Analyzing the regulation\u2019s impact on industries whose business relies on
data analytics can show whether GDPR supports or suppresses innovation.
5. Across Borders Cooperation: Understanding how GDPR has changed the world\u2019s data
privacy laws and helped create transnational data privacy agreements will show that it\u2019s global.<\/p>\n\n\n\n


Relationship of Moral, Political and Social Dimensions<\/strong>
The moral, political and social concerns discussed in earlier chapters form part of this judgement.
In moral terms, the GDPR aims to marry privacy with economic and technological innovation.
On a political level, its extraterritorial use has encouraged collaboration and defiance, creating
global data governance. On the social side, GDPR expresses cultural norms of personal rights but
presents problems for small enterprises and cross-border trade.
These consequences contextualise the analysis by setting priorities to weigh trade-offs among
competing priorities \u2013 personal freedom, enforcement of laws, innovation. For instance, the
regulation\u2019s strong focus on consent responds to moral issues of good reason in making
decisions, but its cost of implementation can eat up smaller companies. Similarly, given GDPR\u2019s
priority for individuals over public goods (like medical research), flexible solutions based on
society are in order.<\/p>\n\n\n\n


Anticipated Findings and Recommendations<\/strong>
The existing literature and methods would indicate a mixed bag. While GDPR has been a
successful awakening and set a common international standard for data privacy, implementation
and unintended consequences such as SMEs costs and innovation choke points remain a
problem. Such problems will need more resources to enforce, more directives to adhere to, and
leeway to balance privacy with other public goods.
Finally, GDPR will only be successful if it is able to respond quickly to new challenges. As
Floridi (2016) points out: “The moral regime such as GDPR will have to change if it is to
continue to cope with the realities of a digital world” (p. 10). We might suggest working closer together between regulators, businesses and civil society to make sure that GDPR is being
achieved and that new challenges are taken up.<\/p>\n\n\n\n


Conclusion<\/strong>
We can measure GDPR effectiveness in many ways including compliance, enforcement, public
understanding, innovation impact and global influence. A cross-fertilisation of moral, political
and social ideas reveals the regulation\u2019s merits and limitations. The GDPR has done much to
protect personal rights and impact global data governance, but the future success will depend on
addressing enforcement inequalities, SMEs, and innovation. Combined with these steps, GDPR
can be an excellent set of guidelines to navigate data privacy in the digital world.<\/p>\n\n\n\n


References<\/strong>
Floridi, L. (2016). The ethics of information transparency. Ethics and Information Technology,
18(1), 9-11. https:\/\/doi.org\/10.1007\/s10676-016-9404-5.
Mantelero, A. (2018). AI and Big Data: The roadmap for a human rights, social and ethical
impact analysis. Computer Law & Security Review, 34(2), 754-772.
https:\/\/doi.org\/10.1016\/j.clsr.2018.05.017
Tikk, E., & Kaska, K. (2019). What the GDPR means for cybersecurity in Europe and beyond.
Journal of Cyber Policy, 4(2), 117-128. https:\/\/doi.org\/10.1080\/23738871.2019.1658095
: Veale, M., Binns, R., & Ausloos, J. (2018). When data protection by design and data subject
rights get in the way. International Data Privacy Law, 8(2), 105-123.
https:\/\/doi.org\/10.1093\/idpl\/ipy002<\/p>\n","protected":false},"excerpt":{"rendered":"

IntroductionData privacy and protection are the new global standards with the General Data ProtectionRegulation (GDPR) implemented by the European Union in 2018. The effectiveness of such apolicy must be judged by its means of success, by the policy judgments of the experts, and by thepolicy\u2019s wider moral, political and social dimensions. In this article, we… <\/p>\n

Read More<\/a><\/div>\n","protected":false},"author":24719,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/jb23435\/wp-json\/wp\/v2\/pages\/468"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/jb23435\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/jb23435\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jb23435\/wp-json\/wp\/v2\/users\/24719"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jb23435\/wp-json\/wp\/v2\/comments?post=468"}],"version-history":[{"count":3,"href":"https:\/\/sites.wp.odu.edu\/jb23435\/wp-json\/wp\/v2\/pages\/468\/revisions"}],"predecessor-version":[{"id":473,"href":"https:\/\/sites.wp.odu.edu\/jb23435\/wp-json\/wp\/v2\/pages\/468\/revisions\/473"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/jb23435\/wp-json\/wp\/v2\/media?parent=468"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}