Top

Business & Information Systems Engineering

Published in:

Open Access 09-03-2020 | Discussion

The Role of IS in the Conflicting Interests Regarding GDPR

Authors: Dr. Timo Jakobi, Prof. Dr. Maximilian von Grafenstein, Prof. Dr. Christine Legner, Clément Labadie, Prof. Dr. Dr. hc. mult. Peter Mertens, Dr. Ayten Öksüz, Prof. Dr. Gunnar Stevens

Published in: Business & Information Systems Engineering | Issue 3/2020

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Excerpt

Timo Jakobi, Information Systems esp. IT-Security and Privacy, University of Siegen …

previous article Monetizing Online Content: Digital Paywall Design and Configuration

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

WIRTSCHAFTSINFORMATIK

WI – WIRTSCHAFTSINFORMATIK – ist das Kommunikations-, Präsentations- und Diskussionsforum für alle Wirtschaftsinformatiker im deutschsprachigen Raum. Über 30 Herausgeber garantieren das hohe redaktionelle Niveau und den praktischen Nutzen für den Leser.

inform now

Business & Information Systems Engineering

BISE (Business & Information Systems Engineering) is an international scholarly and double-blind peer-reviewed journal that publishes scientific research on the effective and efficient design and utilization of information systems by individuals, groups, enterprises, and society for the improvement of social welfare.

inform now

Wirtschaftsinformatik & Management

Texte auf dem Stand der wissenschaftlichen Forschung, für Praktiker verständlich aufbereitet. Diese Idee ist die Basis von „Wirtschaftsinformatik & Management“ kurz WuM. So soll der Wissenstransfer von Universität zu Unternehmen gefördert werden.

inform now

https://newsroom.mastercard.com/press-releases/mastercard-establishes-principles-for-data-responsibility/.

https://www.zurich.com/en/about-us/corporate-governance/code-of-conduct.

Albrecht JP (2016) How the GDPR will change the world. Eur Data Prot Law Rev 2:287–289CrossRef

Alizadeh F, Jakobi T, Boldt J, Stevens G (2019) GDPR-reality check on the right to access data: claiming and investigating personally identifiable data from companies. In: Proceedings of Mensch und Computer 2019. ACM, New York, pp 811–814

Alvarez SA, Barney JB (2007) Discovery and creation: alternative theories of entrepreneurial action. Strateg Entrep J 1:11–26CrossRef

Amnesty International (2019) Surveillance giants: how the business model of Google and Facebook threatens human rights. https://www.amnesty.org/download/Documents/POL3014042019ENGLISH.PDF. Accessed 9 Feb 2020

Berg-Larsen E (2015) The issue of privacy in the European Union – controversies of the General Data Protection Regulation. Master’s Thesis, University of Oslo

Berlin Commissioner for Data Protection and Freedom of Information (2019) Berliner Datenschutzbeauftragte verhängt Bußgeld gegen Immobiliengesellschaft. https://www.datenschutz-berlin.de/fileadmin/user_upload/pdf/pressemitteilungen/2019/20191105-PM-Bussgeld_DW.pdf. Accessed 3 Dec 2019

Capgemini Research Institute (2019) Championing data protection and privacy. https://www.capgemini.com/de-de/wp-content/uploads/sites/5/2019/09/Report_GDPR_Championing_DataProtection_and_Privacy.pdf. Accessed 9 Feb 2020

Crocoll S (2019) Der Schatz aus der Maschinenhalle. In: Wirtschaftswoche No. 13, 22 Mar 2019, pp 29–31

Cvik ED, Pelikánová RM, Malỳ M (2018) Selected issues from the dark side of the General Data Protection Regulation. Rev Econ Perspekt 18:387–407CrossRef

De Hert P, Papakonstantinou V (2016) The new General Data Protection Regulation: still a sound system for the protection of individuals? Comput Law Secur Rev 32:179–194CrossRef

De Hert P, Papakonstantinou V, Malgieri G et al (2018) The right to data portability in the GDPR: towards user-centric interoperability of digital services. Comput Law Secur Rev 34:193–203. https://doi.org/10.1016/j.clsr.2017.10.003CrossRef

Degeling M, Utz C, Lentzsch C et al (2018) We value your privacy… Now take some cookies: measuring the GDPR’s impact on web privacy. arXiv:180805096

Diker Vanberg A, Ünver MB (2017) The right to data portability in the GDPR and EU competition law: odd couple or dynamic duo? Eur J Law Technol 8(1):1–22

EDPB (2016) Guidelines on data protection impact assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of regulation. Data Protection Working Party 2016/679, 5:10. Accessed 9 Feb 2020

Eifert M, Hoffmann-Riem W, Schmidt-Aßmann E, Voßkuhle A (2012) Regulierungsstrategien. In: Grundlagen des Verwaltungsrechts. Bd. I „Methoden – Maßstäbe – Aufgaben – Organisation“, 2nd edn. Beck, München

Ermakova T, Fabian B, Bender B, Klimek K (2018) Web tracking – a literature review on the state of research. In: Proceedings of the 51st Hawaii international conference on system sciences. https://doi.org/10.24251/hicss.2018.596

European Parliament and Council (2016) Regulation (EU) 2016/679 of the European Parliament and of the Council. Off J Eur Union Law 119/2016, vol 59

Fox G, Tonge C, Lynn T, Mooney J (2018) Communicating compliance: developing a GDPR privacy label. In: 24th Americas conference on information systems, New Orleans

Gartner WB (1985) A conceptual framework for describing the phenomenon of new venture creation. Acad Manag Rev 10:696–706CrossRef

Gellert R (2018) Understanding the notion of risk in the General Data Protection Regulation. Comput Law Secur Rev 34:279–288CrossRef

Hartog C, Van Stel A, Storey DJ (2011) Institutions and entrepreneurship: the role of the rule of law; levie, autio, regulatory burden, rule of law, and entry of strategic entrepreneurs: an international panel study. J Manag Stud 48(6):1392–1419CrossRef

Heide D, Neuerer D (2018) Parteiübergreifende Kritik am neuen Datenschutz. Handelsblatt 13 June 2018, p 9

Hey J (ed) (2019) Digitalisierung im Steuerrecht. Schmidt, Köln

Hintze M, El Emam K (2018) Comparing the benefits of pseudonymisation and anonymisation under the GDPR. J Data Prot Priv 2(2):145–158

Hoffmann-Riem W (2006) Innovationsoffenheit und Innovationsverantwortung durch Recht: Aufgaben rechtswissenschaftlicher Innovationsforschung. Archiv des öffentlichen Rechts 131:255–277CrossRef

Huth D (2017) A pattern catalog for GDPR compliant data protection. In: Ralyté J, Roelens B, Demeyer S (eds): Proceedings of the doctoral consortium and industry track papers presented at the 10th IFIP WG 8.1 working conference on the practice of enterprise modelling (PoEM 2017), Leeuven, pp 34–40

Jaeckel L (2010) Gefahrenabwehrrecht und Risikodogmatik – Moderne Technologien im Spiegel des Verwaltungsrechts. Mohr Siebeck, TübingenCrossRef

Jakobi T, Patil S, Randall D et al (2019a) It’s about what they could do with the data: a user perspective on privacy in smart metering. ACM Trans Comput Hum Interact 9:43. https://doi.org/10.1145/3281444CrossRef

Jakobi T, Stevens G, Seufert A-M, Becker M (2019b) Webtracking under the new data protection law: design potentials at the intersection of jurisprudence and HCI. In: Proceedings of Mensch und Computer 2019. ACM, New York, pp 309–319

Kamara I (2017) Co-regulation in EU personal data protection: the case of technical standards and the privacy by design standardisation ‘mandate’. Eur J Law Technol 8(1):4

Karyda M, Mitrou L (2016) Data breach notification: issues and challenges for security management. In: Proceedings mediterranean conference on information systems, p 60. https://aisel.aisnet.org/mcis2016/60

Knodt M (2019) Hürden für Dr. Algorithmus. Handelsblatt 15 Oct 2019, p 13

Koch M (2019) Wenig Gründermut. Handelsblatt 2 Sept 2019, p 8

Kremer S (2019) Ein Jahr DSGVO: Aktuelle Entwicklungen und Herausforderungen des neuen Datenschutzrechts in der Praxis. In: Der Betrieb No. 25, 24 June 2019, pp 1429–1435

Labadie C, Legner C (2019) Understanding data protection regulations from a data management perspective: a capability-based approach to EU-GDPR, In: Internationale Tagung Wirtschaftsinformatik 2019. https://wi2019.de/wp-content/uploads/Tagungsband_WI2019_reduziert.pdf. Accessed 10 Feb 2020

Lachaud E (2018) The General Data Protection Regulation and the rise of certification as a regulatory instrument. Comput Law Secur Rev 34:244–256CrossRef

Lambrinoudakis C (2018) The General Data Protection Regulation (GDPR) era: ten steps for compliance of data processors and data controllers. In: International conference on trust and privacy in digital business. Springer, Heidelberg, pp 3–8

Legner C, Eymann T, Hess T et al (2017) Digitalization: opportunity and challenge for the business and information systems engineering community. Bus Inf Syst Eng 59:301–308CrossRef

Levie J, Autio E (2011) Regulatory burden, rule of law, and entry of strategic entrepreneurs: an international panel study. J Manag Stud 48:1392–1419CrossRef

Lopes IM, Guarda T, Oliveira P (2019) How ISO 27001 can help achieve GDPR compliance. In: 14th Iberian conference on information systems and technologies (CISTI). Coimbra, pp 1–6. https://doi.org/10.23919/cisti.2019.8760937

Mayer-Schonberger V (2010) The law as stimulus: the role of law in fostering innovative entrepreneurship. I/S J Law Policy Inf Soc 6:153

Mertens P (2013) Integrierte Informationsverarbeitung. 1. Operative Systeme in der Industrie, Chapter 3.5.2.9, 18th edn. Springer, Heidelberg

Mertens P (2019) Die Datenschutz-Grundverordnung – eine kritische Sicht. Wirtschaftsinformatik und Management 11(1):6–17CrossRef

Mhaidli AH, Zou Y, Schaub F (2019) “We can’t live without them!” App developers’ adoption of ad networks and their considerations of consumer risks. In: Proceedings of the 15th USENIX conference on usable privacy and security. USENIX Association, pp 225–244

Mitrou L (2017) The General Data Protection Regulation: a law for the digital age? In: Synodinou TE et al (eds) EU Internet Law. Springer, Heidelberg, pp 19–57CrossRef

Moll R, Horn M, Scheibel L, Rusch-Rodosthenous M (2018) Informationspflichten und datenschutzfreundliche Voreinstellungen. Soziale Medien und die EU-Datenschutzgrundverordnung. Verbraucherzentrale NRW e. V. (Hrsg.). https://www.marktwaechter.de/sites/default/files/downloads/bericht_soziale_medien_dsgvo_i.pdf. Accessed 12 Feb 2020

Neuerer D (2019) Weniger ist mehr. Handelsblatt 20 Sept 2019, p 16

Politou E, Alepis E, Patsakis C (2018) Forgetting personal data and revoking consent under the GDPR: challenges and proposed solutions. J Cybersecur 4:tyy001CrossRef

Rehaag C (2019) Neuer Geheimnisschutz. Frankfurter Allgemeine Zeitung 19 June 2019, p 18

Riedl R, Benlian A, Hess T et al (2017) On the relationship between information management and digitalization. Bus Inf Syst Eng 59:475–482. https://doi.org/10.1007/s12599-017-0498-9CrossRef

Ritzer C (2019) Keine Harmonie bei Cookies. Frankfurter Allgemeine Zeitung 9 Oct 2019, p 16

Scheibel L, Horn M, Öksüz A (2019) Recht auf Auskunft und Datenübertragbarkeit. Soziale Medien und die EU-Datenschutzgrundverordnung. Verbraucherzentrale NRW e. V (ed). https://www.marktwaechter.de/sites/default/files/downloads/bericht_soziale_medien_dsgvo_ii.pdf. Accessed 12 Feb 2020

Schelter S, Kunegis J (2018) On the ubiquity of web tracking: insights from a billion-page web crawl. J Web Sci 4:53–66CrossRef

Schröder M (2019) Der risikobasierte Ansatz in der DS-GVO – Risiko oder Chance für den Datenschutz. Zeitschrift für Datenschutz 9:503–506

Schumpeter J (2003) Capitalism, socialism and democracy. 5th edn. Routledge, New York

Software AG (2017) Ensuring compliance with the General Data Protection Regulation (GDPR). Software AG, Darmstadt

Tankard C (2016) What the GDPR means for businesses. Netw Secur 2016:5–8. https://doi.org/10.1016/S1353-4858(16)30056-3CrossRef

Theile G, Creutzburg D (2019) Die Deutschen scheuen das Risiko. Frankfurter Allgemeine Zeitung 16 August 2019, p 15

Triumph-Adler (2019) Datenschutz: Kein Grund zur Panik. https://triumph-adler.de/ta-de-de/talking-future/undesgehtdoch-leben-mit-DSGVO. Accessed 26 Nov 2019

Urbach N, Ahlemann F, Böhmann T et al (2019) The impact of digitalization on the IT department. Bus Inf Syst Eng 61:123–131CrossRef

Utz C, Degeling M, Fahl S et al (2019) (Un)informed consent: studying GDPR consent notices in the field. In: Proceedings of the ACM SIGSAC conference on computer and communications security. ACM, New York, pp 973–990

Voigt P, Von dem Bussche A (2017) The EU General Data Protection Regulation (GDPR). A practical guide. Springer, ChamCrossRef

von Grafenstein M (2020) Co-regulation and the competitive advantage in the GDPR: data protection certification mechanisms, codes of conduct and the “state of the art” of data protection-by-design. In: González-Fuster G, van Brakel R, De Hert P (eds) Research handbook on privacy and data protection law. Values, norms and global politics. Elgar, Cheltenham

Waschinski G (2019) Spahn plant eigenes Datenschutzgesetz. Handelsblatt 5 July 2019, p 12

Wiebe A, Helmschrot C (2019) Untersuchung der Umsetzung der Datenschutz-Grundverordnung (DSGVO) durch Online-Dienste. https://www.bmjv.de/SharedDocs/Downloads/DE/News/Artikel/112919_DSGVO_Studie.pdf. Accessed 12 Feb 2020

Wieduwilt H (2019) Gerichtshof begrenzt das Vergessen im Internet auf die EU. Frankfurter Allgemeine Zeitung 25 Sep 2019, p 17

Wuhrmann D (2019) Plattform für den Autobau. Frankfurter Allgemeine Zeitung 19 June 2019, p 18

Zarsky TZ (2016) Incompatible: the GDPR in the age of big data. Seton Hall Law Rev 47:995–1020

Title: The Role of IS in the Conflicting Interests Regarding GDPR
Authors: Dr. Timo Jakobi
Prof. Dr. Maximilian von Grafenstein
Prof. Dr. Christine Legner
Clément Labadie
Prof. Dr. Dr. hc. mult. Peter Mertens
Dr. Ayten Öksüz
Prof. Dr. Gunnar Stevens
Publication date: 09-03-2020
Publisher: Springer Fachmedien Wiesbaden
Published in: Business & Information Systems Engineering / Issue 3/2020
Print ISSN: 2363-7005
Electronic ISSN: 1867-0202
DOI: https://doi.org/10.1007/s12599-020-00633-4

Springer Professional

Excerpt

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

WIRTSCHAFTSINFORMATIK

Business & Information Systems Engineering

Wirtschaftsinformatik & Management

Other articles of this Issue 3/2020

Designing Anthropomorphic Enterprise Conversational Agents

Intelligent User Assistance for Automated Data Mining Method Selection

Monetizing Online Content: Digital Paywall Design and Configuration

Interview with Omer Biran and Michael Halfmann on “Conversational Agents at SAP”

User Assistance for Intelligent Systems

Virtual Assistance in Any Context

Premium Partner