Home RegionsEurope Two Years On, the GDPR’s Flaws Show Why the EU Should Avoid Additional Rules

Two Years On, the GDPR’s Flaws Show Why the EU Should Avoid Additional Rules

by Eline Chivot
by

BRUSSELS—In response to the European Commission’s two-year review of the General Data Protection Regulation (GDPR), the Center for Data Innovation released the following statement from Brussels-based Senior Policy Analyst Eline Chivot:

Two years after coming into force, the GDPR has failed to live up to its promise. Instead of serving as a gold standard data regulation for the world to emulate, it has proved to be a complicated, burdensome drain on Europe’s digital economy. The two-year review shines an unflattering light on many of these shortcomings, yet the Commission seems determined to double down by layering on even more rules. Make no mistake: That would come at the cost of EU’s economic competitiveness in the years ahead.

The Commission’s review exposes myriad challenges to implementing the GDPR. For example, many data protection authorities lack resources and staff. They diverge in their interpretations of the law, they are inconsistent in enforcing it, and they provide insufficient guidance, so companies are left to struggle with a lack of clarity on issues such as pseudonymization, anonymization, and how to process health data.

It is gratifying that the Commission finally concedes to concerns stakeholders have expressed over the lack of clarity and applicability of GDPR principles with respect to new technologies such as AI, especially for smaller firms. Yet the Commission still plans to adopt new rules, such as a complicated AI regulatory framework and an expansion of the right to data portability. This risks adding new layers of bureaucracy and compliance costs that would duplicate or overlap with the GDPR.

The Commission continues to assert that the GDPR has created tremendous advantages for businesses and users, despite its compliance costs. But this is a selective reading of the evidence that overlooks the damaging impact it has had on innovation. It also dismisses the fact that the Commission itself has found that European consumer trust in the Internet has plunged.

Policymakers should fix the GDPR’s many shortcomings before creating even more rules for innovative new technologies. Otherwise, the EU will tie the hands of companies that could help its economy compete in the global economy.

You may also like

Show Buttons
Hide Buttons