What problem does this paper attempt to address?

This paper attempts to explore whether the costs and efforts involved in the implementation of the General Data Protection Regulation (GDPR) are worth it. Specifically, the researchers surveyed employees who worked at the same company and had work experience both before and after the implementation of GDPR to understand their perspectives as employees executing GDPR and as consumers benefiting from it. The main research question is: "GDPR: Is it worth it?" ### Research Background - **GDPR**: GDPR is the gold standard for data protection and privacy regulation in Europe, aimed at protecting personal data and ensuring that organizations handling this data act responsibly. - **Research Subjects**: The research subjects are employees who worked at the same company and had experience both before and after the implementation of GDPR. They are both executors and beneficiaries of GDPR. ### Research Objectives - **Costs and Benefits**: To assess employees' views on the costs and efforts required during the implementation of GDPR and whether they believe these costs and efforts are worth it. - **Consumer Perspective**: To understand employees' awareness and feelings about GDPR as consumers, particularly whether they believe their privacy is better protected. - **Corporate Perspective**: To explore the responses and changes within companies during the implementation of GDPR and employees' views on the changes resulting from GDPR. ### Research Methods - **Survey Design**: Through a multi-stage survey, researchers first conducted interest tests and potential sample size tests, followed by a final detailed survey. - **Sample Selection**: Participants were recruited through the Prolific platform, requiring them to have worked at the same company for at least 5 years and be familiar with GDPR. - **Data Collection**: Data was collected using the Qualtrics platform. The final survey included 102 participants, with a representative and high-quality sample. ### Key Findings - **Consumer Awareness**: Most respondents confirmed they were aware of GDPR, but the level of understanding of specific rights varied. - **Privacy Perception**: Respondents generally believed their privacy was better protected after the implementation of GDPR. - **Corporate Response**: Companies generally responded to GDPR by making necessary legal, technical, and organizational changes. - **Employee Cognition**: Despite the corporate response, some employees were not fully aware of the actual benefits of these changes. ### Conclusion - **Overall Evaluation**: Overall, respondents believed that GDPR is worth it. Despite some challenges and costs, it plays a positive role in protecting personal privacy and promoting data protection. - **Policy Recommendations**: The research results support policymakers in continuing to promote and optimize GDPR while considering early feedback to further enhance public support and compliance effectiveness. Through this research, the authors hope to provide valuable references for policymakers and regulatory agencies to better understand and address the challenges and opportunities in the practical application of GDPR.