Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
General Data Protection Regulation: No silver bullet for small and medium-sized enterprises
Journal of Payments Strategy & Systems,
12
(2),
139-149
(2018)
Abstract
The EU General Data Protection Regulation (GDPR) presents the biggest shake-up of data protection laws for 20 years. This paper discusses its potential impact on the 26 million small and medium-sized enterprises (SMEs) that represent 99 per cent of business in the EU, and which provide two-thirds of the total private sector employment in the EU. The European Commission considers SMEs and entrepreneurship as the key to ensuring economic growth, innovation, job creation and social integration in the EU. This paper argues that for SMEs, compliance with the GDPR represents a far greater burden of regulatory duty than is appropriate and may impede their development and competitiveness against larger firms that can afford dedicated staff to manage the process, implementation and ongoing supervision of GDPR compliance. The paper looks at several areas where cloud technology has enabled SMEs to compete and win against larger global players, but suggests that under the GDPR, such technology may entail greater cost and resources.
Keywords: cloud service providers; SMEs; personal impact assessment; consent; e-privacy
The full article is available to subscribers to the journal.
Author's Biography
Gerard Wilkinson is the Managing Director of Cognitive Research Limited, an organisation involved in funding, acquisitions and business consulting for small and medium-sized enterprises, with a focus on cloud ecosystems. He is also an associate consultant on the General Data Protection Regulation for Edgar, Dunn and Company, an independent and global strategy consulting firm specialising in payment and digital financial services. He has a strong background in risk management as well as owning and running several companies.
