An analysis of economic impact on IoT industry under GDPR

Junwoo Seo, Kyoungmin Kim, Mookyu Park, Moosung Park, Kyungho Lee

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)


The EU GDPR comes into effect on May 25, 2018. Under this regulation, stronger legislation than the existing directive can be enforced. The IoT industry, especially among various industries, is expected to be heavily influenced by GDPR since it uses diverse and vast amounts of personal information. This paper first analyzes how the IoT industry handles personal information and summarizes why it is affected by GDPR. The paper then uses the cost definition of Gordon and Loeb model to estimate how GDPR affects the cost of IoT firms qualitatively and uses the statistical and legal bases to estimate quantitatively. From a qualitative point of view, GDPR impacted the preventative cost and legal cost of the Gordon and Loeb model. Quantitative view showed that the cost of IoT firms after GDPR could increase by three to four times on average and by 18 times if the most. The study finally can be applied to situational awareness of the economic impact on the certain industry.

Original languageEnglish
Article number6792028
JournalMobile Information Systems
Publication statusPublished - 2018

ASJC Scopus subject areas

  • Computer Science Applications
  • Computer Networks and Communications


Dive into the research topics of 'An analysis of economic impact on IoT industry under GDPR'. Together they form a unique fingerprint.

Cite this