The Past, Present, and Future of Awareness and Preparation Toward General Data Protection Regulation (GDPR)

Ariana Tulus Purnomo, Navara Seetee


General Data Protection Regulation (GDPR) is a new law of privacy that influences companies having a presence both in European Union (EU) and outside. There are many research studies published on knowledge, awareness, and preparation related to the GDPR. Understanding awareness and readiness of any company toward GDPR will be a benefit for planning, implementing, and achieving compliance with the regulation. However, research studies examining the awareness and preparation toward the GDPR is less discussed. Therefore, this paper presents a detailed review of the awareness and preparation from the past, present, and future. We have reviewed and analyzed research reports from 2016 to 2018. The implication for the future research, scholar, and practitioner are discussed.

Full Text:



C. J. Bennett, “The European General Data Protection Regulation: An instrument for the

globalization of privacy standards?” Information Polity, vol. 23, no. 2, pp. 239–246, 2018.

Y.-S. Martin and A. Kung, “Methods and tools for GDPR compliance through privacy and data protection engineering,” 2018 IEEE European Symposium on Security and Privacy Workshops

(EuroS&PW), 2018.

T. Neilsen and J. Wind, “GDPR – are we ready? a comparative and explorative study of the

changes in personal data privacy and its impact on ICT companies,” Bachelor Thesis, Malmö universitet/Teknik och samhälle, Swedia, 2018.

C. Addis and M. Kutar, “The general data protection regulation (GDPR), emerging technologies and UK organizations: Awareness, Implementation and readiness,” UK Academy for Information

Systems Conference 2018, 2018.

W. Presthus, H. Sorum, and L.R Andersen, “GDPR compliance in Norwegian companies,”

Norwegian Conference for IT Use in Organizations (NOKOBIT), Savlbard, 2018.

M. D. C. Freitas and M. M. D. Silva, “GDPR in SMEs,” 2018 13th Iberian Conference on

Information Systems and Technologies (CISTI), 2018.

Dell, “GDPR: Perceptions and readiness. A global survey of data privacy professionals at companies with European costumers”, Dimensional Research, 2016.

S. Sirur, J.R.C. Nurse, and H. Webb, “Are we there yet?: understanding the challenges faced in complying with the general data protection regulation (GDPR),” The 2nd International Workshop on Multimedia Privacy and Security, 2018.

Intersoft consulting. (2018) General data protection regulation GDPR, Deutsch. [Online].


H. Schulze, “GDPR compliance report”, Cybersecurity-Insiders, 2018.

T. Katulic and A. Katulic, “GDPR and the reuse of personal data in scientific research,” 2018

st International Convention on Information and Communication Technology, Electronics and

Microelectronics (MIPRO), 2018.

T. W. Kim and B. R. Routledge, “Informational privacy, a right to explanation, and interpretable

AI,” 2018 IEEE Symposium on Privacy-Aware Computing (PAC), 2018.

V. Diamantopoulou, A. Androutsopoulou, S. Gritzalis, and Y. Charalabidis, “An assessment of privacy preservation in crowdsourcing approaches: Towards GDPR compliance,” 2018 12th International Conference on Research Challenges in Information Science (RCIS), 2018.

A. Skendzic, B. Kovacic, and E.Tijan, “General data protection regulation – protection of personal data in an organization,” The 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2018.

L. Elluri and K. P. Joshi, “A knowledge representation of cloud data controls for EU GDPR

compliance,” 2018 IEEE World Congress on Services (SERVICES), 2018.

R. Crossler and C. Posey, “Robbing peter to pay paul: surrendering privacy for security’s sake in an identity ecosystem,” Journal of the Association for Information Systems, vol. 18, no. 7, pp.

–515, 2017.

Meta Compliance, “GDPR best practices implementation guide, transforming gdpr requirements into compliant operational behaviours”, London, 2016.

J. Seo, K. Kim, M. Park, M. Park, and K. Lee, “An analysis of economic impact on IoT under

GDPR,” 2017 International Conference on Information and Communication Technology

Convergence (ICTC), 2017.

K. Renaud and L. A. Shepherd, “How to Make Privacy Policies both GDPR-Compliant and

Usable,” 2018 International Conference On Cyber Situational Awareness, Data Analytics And

Assessment (Cyber SA), 2018.

L. Karry. (2018) GDPR: Are Asian firms ready? International Financial Law Review, London. [Online]. Available:

E. Gately (2018) 80 Percent of Companies Still not GDPR-Compliant. [Online]. Available: compliant/.


  • There are currently no refbacks.