论文信息 - An analysis of economic impact on IoT under GDPR

An analysis of economic impact on IoT under GDPR

The EU's GDPR is expected to come into force on May 25, 2018. By this regulation, it will be possible to enforce even stronger legislation than the existing Directive. In particular, GDPR is expected to have a major impact on IoT industry, which uses diverse and vast amounts of personal information. This paper first examines why the IoT industry is affected by GDPR. Then, the paper describes how the GDPR will affect the IoT firm's cost qualitatively by using the cost definition of the Gordon and Loeb model and quantitatively by estimating cost using statistics and legal bases. As a qualitative view, the GDPR affected the preventative cost and legal cost of the Gordon and Loeb model, and the quantitative view showed that after the GDPR, the firm's cost could increase by 3 to 4 times on average, and by 18 times if it was more.

[1] Lawrence A. Gordon,et al. The economics of information security investment , 2002, TSEC.

[2] REGULATION (EU) 2019/518 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL , 2015 .

[3] David Thomas Ford,et al. Seeking opportunities in the Internet of Things (IoT): : A Study of IT values co-creation in the IoT ecosystem while considering the potential impacts of the EU General Data Protection Regulations (GDPR). , 2017 .