Table of Links Abstract and 1. Introduction Abstract and 1. Introduction Background to the GDPR


Literature Review
3.1 Consumer awareness and knowledge of the regulation
3.2 Consumer awareness and knowledge of the regulator
3.3 Consumer perceptions of privacy
3.4 Business response to Data Protection regulation
3.5 Employee awareness of their employer’s Data Protection regulator
3.6 Employee perception of benefit of the GDPR to their employer
3.7 The research goal is the consumer/employee perception of the GDPR
3.8 Summary


Methods
4.1 Design
4.2 Data Analysis and 4.3 Ethical considerations


Analysis and Results
5.1 Background demographics and 5.2 Hypothesis 1: Consumers are aware and knowledgeable about the GDPR
5.3 Hypothesis 2: Consumers lack awareness and knowledge about the regulator
5.4 Hypothesis 3: Consumers feel their privacy is better since GDPR was introduced
5.5 Hypothesis 4: Companies have responded to GDPR and made changes
5.6 Hypothesis 5: Employees lack awareness of the GDPR regulator at work
5.7 Hypothesis 6: Employees have seen little benefits to their company from GDPR
5.8 Research question: GDPR: Is it worth it? and 5.9 A regression model based on the dual professional-consumer perspective


Discussion and 6.1 High consumer awareness and knowledge of the GDPR
6.2 Respondents lacked a formed opinion and 6.3 GDPR has driven changes
6.4 Perceptions of privacy have improved and 6.5 The profile of the regulator may not matter
6.6 Regulator Enforcer and 6.7 GDPR is worth it if...
6.8 Implications
6.9 Limitations and future work


Conclusion, Funding and Disclosure Statement, and References Background to the GDPR Background to the GDPR Background to the GDPR Literature Review
3.1 Consumer awareness and knowledge of the regulation
3.2 Consumer awareness and knowledge of the regulator
3.3 Consumer perceptions of privacy
3.4 Business response to Data Protection regulation
3.5 Employee awareness of their employer’s Data Protection regulator
3.6 Employee perception of benefit of the GDPR to their employer
3.7 The research goal is the consumer/employee perception of the GDPR
3.8 Summary Literature Review 3.1 Consumer awareness and knowledge of the regulation 3.1 Consumer awareness and knowledge of the regulation 3.2 Consumer awareness and knowledge of the regulator 3.2 Consumer awareness and knowledge of the regulator 3.3 Consumer perceptions of privacy 3.3 Consumer perceptions of privacy 3.4 Business response to Data Protection regulation 3.4 Business response to Data Protection regulation 3.5 Employee awareness of their employer’s Data Protection regulator 3.5 Employee awareness of their employer’s Data Protection regulator 3.6 Employee perception of benefit of the GDPR to their employer 3.6 Employee perception of benefit of the GDPR to their employer 3.7 The research goal is the consumer/employee perception of the GDPR 3.7 The research goal is the consumer/employee perception of the GDPR 3.8 Summary 3.8 Summary Methods
4.1 Design
4.2 Data Analysis and 4.3 Ethical considerations Methods 4.1 Design 4.1 Design 4.2 Data Analysis and 4.3 Ethical considerations 4.2 Data Analysis and 4.3 Ethical considerations Analysis and Results
5.1 Background demographics and 5.2 Hypothesis 1: Consumers are aware and knowledgeable about the GDPR
5.3 Hypothesis 2: Consumers lack awareness and knowledge about the regulator
5.4 Hypothesis 3: Consumers feel their privacy is better since GDPR was introduced
5.5 Hypothesis 4: Companies have responded to GDPR and made changes
5.6 Hypothesis 5: Employees lack awareness of the GDPR regulator at work
5.7 Hypothesis 6: Employees have seen little benefits to their company from GDPR
5.8 Research question: GDPR: Is it worth it? and 5.9 A regression model based on the dual professional-consumer perspective Analysis and Results 5.1 Background demographics and 5.2 Hypothesis 1: Consumers are aware and knowledgeable about the GDPR 5.1 Background demographics and 5.2 Hypothesis 1: Consumers are aware and knowledgeable about the GDPR 5.3 Hypothesis 2: Consumers lack awareness and knowledge about the regulator 5.3 Hypothesis 2: Consumers lack awareness and knowledge about the regulator 5.4 Hypothesis 3: Consumers feel their privacy is better since GDPR was introduced 5.4 Hypothesis 3: Consumers feel their privacy is better since GDPR was introduced 5.5 Hypothesis 4: Companies have responded to GDPR and made changes 5.5 Hypothesis 4: Companies have responded to GDPR and made changes 5.6 Hypothesis 5: Employees lack awareness of the GDPR regulator at work 5.6 Hypothesis 5: Employees lack awareness of the GDPR regulator at work 5.7 Hypothesis 6: Employees have seen little benefits to their company from GDPR 5.7 Hypothesis 6: Employees have seen little benefits to their company from GDPR 5.8 Research question: GDPR: Is it worth it? and 5.9 A regression model based on the dual professional-consumer perspective 5.8 Research question: GDPR: Is it worth it? and 5.9 A regression model based on the dual professional-consumer perspective Discussion and 6.1 High consumer awareness and knowledge of the GDPR
6.2 Respondents lacked a formed opinion and 6.3 GDPR has driven changes
6.4 Perceptions of privacy have improved and 6.5 The profile of the regulator may not matter
6.6 Regulator Enforcer and 6.7 GDPR is worth it if...
6.8 Implications
6.9 Limitations and future work Discussion and 6.1 High consumer awareness and knowledge of the GDPR Discussion and 6.1 High consumer awareness and knowledge of the GDPR 6.2 Respondents lacked a formed opinion and 6.3 GDPR has driven changes 6.2 Respondents lacked a formed opinion and 6.3 GDPR has driven changes 6.4 Perceptions of privacy have improved and 6.5 The profile of the regulator may not matter 6.4 Perceptions of privacy have improved and 6.5 The profile of the regulator may not matter 6.6 Regulator Enforcer and 6.7 GDPR is worth it if... 6.6 Regulator Enforcer and 6.7 GDPR is worth it if... 6.8 Implications 6.8 Implications 6.9 Limitations and future work 6.9 Limitations and future work Conclusion, Funding and Disclosure Statement, and References Conclusion, Funding and Disclosure Statement, and References Conclusion, Funding and Disclosure Statement, and References A. Table of Survey Responses A. Table of Survey Responses B. Regression Analysis B. Regression Analysis C. Survey C. Survey 5 ANALYSIS AND RESULTS 5.1 Background demographics In the final phase #3 of the study, most participants were from large (250 to 2,499 employees) and very large companies (2,500+). The Operations/Manufacturing and Customer Service departments accounted for just over 50% of the sample (see Appendix A for details). 5.2 Hypothesis 1: Consumers are aware and knowledgeable about the GDPR In the larger phase #2 survey, 93% of respondents confirmed awareness of GDPR or the General Data Protection Regulation. Only those who acknowledged familiarity were invited to the subsequent main study. Regarding the question ‘How well do you know what rights GDPR gives you as a consumer?’, we employed a slider scale from 0 (nothing) to 100 (expert) for more precise quantification. The average score was 50.6, with a median of 53. Notably, the distribution in Figure 1 hints at two distinct populations—one less confident in their GDPR knowledge. A Kolmogorov-Smirnov test supports this, rejecting the null hypothesis of a single normal distribution (𝑝 = 0, 𝑠 = 1.00). Respondents were then presented with eight statements, of which four were correct regarding consumer rights, to test their depth of knowledge of the GDPR. The answer options were yes, no or unsure. While the averaged scores per individual are pretty high, only 59% of respondents got all the positive statements correct, and only 20% got all the negative statements correct, i.e. correctly identified the incorrect statements (Figure 2). We conclude there is a high awareness and knowledge of the GDPR. People may lack confidence that they know their consumer rights under the GDPR at a high level but are more sure-footed at a detailed level. Participants scored high on recognising legitimate rights but were unsure when presented with made-up rights. Authors:
(1) Gerard Buckley, University College London, UK (gerard.buckley.18@ucl.ac.uk);
(2) Tristan Caulfield, University College London, UK (t.caulfield@ucl.ac.uk);
(3) Ingolf Becker, University College London, UK (i.becker@ucl.ac.uk). Authors: Authors: (1) Gerard Buckley, University College London, UK (gerard.buckley.18@ucl.ac.uk); (2) Tristan Caulfield, University College London, UK (t.caulfield@ucl.ac.uk); (3) Ingolf Becker, University College London, UK (i.becker@ucl.ac.uk). This paper is available on arxiv under CC BY 4.0 DEED license. This paper is available on arxiv under CC BY 4.0 DEED license. available on arxiv available on arxiv

Part of HackerNoon's growing list of open-source research papers, promoting free access to academic material.

GDPR Is Working—Consumers Say Privacy Has Improved

Ethical, Scalable Survey Design for GDPR Impact Study

Tech User Story 

Too Long; Didn't Read

Boost your HackerNoon story @ $159.99! 🚀

Consumers Know GDPR Exists—But Not All Their Rights

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

AutoStory: Generating Diverse Storytelling Images with Minimal Effort: Conclusion and References

Growing Your Business on the Back of Customer Experience Management

GDPR: What We Already Know (and Don’t)

How GDPR Has Influenced Public Understanding of Privacy

Do Employees Know Their GDPR Regulator? Literature Says “No”

Ethical, Scalable Survey Design for GDPR Impact Study

AutoStory: Generating Diverse Storytelling Images with Minimal Effort: Conclusion and References

Growing Your Business on the Back of Customer Experience Management

GDPR: What We Already Know (and Don’t)

How GDPR Has Influenced Public Understanding of Privacy

Do Employees Know Their GDPR Regulator? Literature Says “No”

Ethical, Scalable Survey Design for GDPR Impact Study

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps