Committed to connecting the world


Impact of the GDPR


The General Data Protection's (GDPR) Impact on Data-driven Business Models: the Case of the Right to Data Portability and Facebook


The General Data Protection Regulation (GDPR) has recently come into force and will have wide implications for the digital economy and the business models of various tech firms, as well as providing new opportunities for innovation. The GDPR aims to provide consumers with the control of their personal data, provide trust in the digital economy and harmonize data protection throughout the EU pursuant to the Digital Single Market strategy. This paper attempts to analyze and outline how the GDPR might change the data-driven business models (DDBMs) of firms, yet nonetheless they may lead to a variety of positive effects. Indeed, the principles and individual rights in the GDPR tackle monopolistic structures (and lock-ins), and they can increase the quality of data and digital provisions as a result of competitive pressures, as well as promoting consumer trust in the digital market. One of the individual rights and newer features introduced by the GDPR, namely the right to ‘data portability’, will be considered with regard to the case of its impact on Facebook’s DDBM.


Business models, data economy, data portability, Facebook, GDPR, innovation​, trust​


Moritz Böhmecke-Schwafert
(TU Berlin, Germany) ​

Moritz Böhmecke-Schwafert is a PhD Candidate and research fellow at the Technical University of Berlin. He is part of the teaching staff of the Chair of Innovation Economics where he regularly holds the lecture “Digital Innovation”. He holds a M.Sc. degree in Economics from the University of Jena and has studied in Germany, Finland and Chile. His research focuses on the interplay of institutions and ICT innovation and their role for upgrading in global value chains. From the technology perspective, he is specialized on the distributed ledger technology of blockchain. From the institutional perspective, he focuses on the General Data Protection Regulation (GDPR). ​In addition, he is a senior consultant for IT innovation in the sphere of AI, Blockchain and Data Protection at IBM Germany. In different projects, he is consulting the German insurance industry on the opportunities and challenges of the digital transformation.

Crispin Niebel 
(TU Berlin, Germany) ​ 

​Crispin Niebel is doing his PhD at the Technical University of Berlin and is part of the DFG Graduate program ‘Innovation Society Today’. The focus of his PhD thesis is analyzing the impact of the ‘General Data Protection Regulation (GDPR) on Innovation’. His core areas of interest is the digital economy and society, regulation and innovation. He did his B.A. in Politics and Sociology at the University of Sussex and a M.A. in Globalization and Corporate Development at SOAS, University of London. His M.A. thesis title was “The demise of ACTA in Europe: the contextualization of the role-played by the oppositional mass mobilization and its significance for future Intellectual Property Rights negotiations and provisions”. Furthermore, he did a M.Sc. in Economic Behavior​ and Governance at the University of Kassel. The M.Sc. thesis held the title “Time-use and Well-being in the Digital age”.​​​