cbased coordinated and contributed to the study. 



The team studied the impact of the General Data Protection Regulation (GDPR) from a legal, technical and innovation point of view with the aim of elaborating recommendations for a future oriented digital industry policy. The impact of GDPR is far reaching and crosses the boundary of any of the disciplined involved. To be able to analyse and forecast the implications of GDPR demands a truly multidisciplinary approach – as employed here – that goes beyond the limitations of each of the involved disciplines. 


The consistent implementation of the General Data Protection Regulation (GDPR) – despite all the outstanding issues – can be a major step towards an independent European digitisation strategy and should therefore receive much more attention than it has done so far.


Project partners were SBA Research GmbH and the Vienna University of Economics and Business Administration, Department of Information Systems and Process Management. The study was funded by the Federal Ministry for Transport, Innovation and Technology


Data privacy regulations are desirable from a socio-political point of view, interesting from an industrial policy point of view, and should be indispensable as part of a geopolitical strategy. Europe has misjudged digital technologies as ordinary generic technologies and underestimated the wider economic and geopolitical implications. Because of its ties to the United States, the constant pressure to remain competitive, and the attempt to regain already lost ground, Europe has bet mainly on the rapid diffusion of digital technologies, at the expense of their appropriation. Instead of a strategic approach – such as China or Russia – a laissez faire approach was chosen. 

Developments have shown that this positioning is not sustainable and that an independent and Europe-centred approach is needed. Additionally, Europe is underrepresented in many of the hot topics surrounding digitisation (e. g. AI in the military sector) and cannot afford to remain in this strategic vacuum in the long run. In order to make progress, the European dimension must be significantly strengthened despite the present incoherence of opinions among member states. The hardly working Franco-German axis is not helpful in this respect either. 

On the positive side, it must be noted that Europe was first to reign in the big US platform companies. Still, It is obvious that the current steps at European level – the pursuit of abuse of market power, compliance with data protection rules – are defensive strategies and, as such, are important but successful only if active elements are strengthened. A geopolitical repositioning of Europe that is accompanied by thriving digital ecosystems that lead to a renaissance of technological and societal change is the only answer in the long run. This is a must if Europe wants to stay Europe.

GDPR is an asset that should be further boosted by compatible policy measures that are part of a horizontal strategy that makes sure that users again have control over their data and can centrally manage access. To this end, uniform standards and APIs for Europe must be developed and put live as quickly as possible.

See the online discussion of the draft study

See the deliberations around the draft of the study that was discussed with a well informed community on

Close Menu