Online Customer Trust in the Context of the General Data Protection Regulation (GDPR)

Background: A recent global survey found that almost half of Internet users who never buy online indicated lack of trust as the main reason. The General Data Protection Regulation (GDPR) is new legislation expected to provide the opportunity for organizations to improve their customer trust through personal data governance. Few studies explore online customer trust from the GDPR perspective. This study aims to fill this gap by drawing on the Technology Acceptance Model (TAM) and Self-Determination Theory (SDT), examining the antecedents of online customer trust from the GDPR perspective. The study also attempts to derive insights about the GDPR that may affect online customer trust, but which to date have little presence in frameworks of the antecedents of online trust. The main research questions are as follows. First, what are the impacts of perceived technology, perceived risks and perceived trustworthiness on online customer trust in the GDPR context? Second, what are the GDPR-specific factors that may affect online customer trust? Method: This positivist study used a survey strategy with a deductive approach to investigate the research questions. A questionnaire was designed for primary data collection as the basis for quantitative data analysis. Results: Data analysis confirmed that several GDPR-related trust antecedents - perceived security, perceived third-party assurance and perceived openness - are positively associated with online customer trust. This study offers new insights into the SDT adaptation that suggest the value of motivation theory for trust research in the GDPR context. This study also generates insights about the GDPR that may affect online customer trust. Conclusions: This study suggests that the GDPR plays a significant role in online customer trust by bringing about stronger rights and more transparency for online customers. Both the confirmation and insights are a contribution that can lead seemingly old-fashioned trust antecedents into a new application.