EU Digital Paradox: GDPR as a Barrier for the Digitalizationof Polish SMEs

Abstract

Poland's transition to a digital knowledge economy is still slow, especially in the predominant microenterprise sector, despite the country's steady economic convergence with Western standards. This study explores the "EU Digital Paradox," in which Polish small and medium-sized enterprises (SMEs) face a structural obstacle due to the simultaneous pursuit of digital acceleration and strict data restrictions under the General Data Protection Regulation (GDPR). Using secondary quantitative data from the Polish Agency for Enterprise Development (PARP, 2025) and the Digital Economy and Society Index (DESI, 2022–2024), this study adopts the Resource-Based View (RBV) of the firm and uses a descriptive analytical design. The analysis reveals that companies are forced into "defensive digitalization" and data avoidance due to prohibitive compliance expenses, which are expected to be between 40,000 and 100,000 PLN per year. The study emphasizes that although making up the great majority of the economic landscape, micro-enterprises are subject to the same compliance obligations as larger businesses due to the current legal framework's failure to separate them. The article recommends introducing GDPR regulatory sandboxes for micro-enterprises and transitioning to a vendor-based compliance model to remove these structural barriers and accelerate digital growth.