Home RegionsEurope Two Years On, the GDPR’s Flaws Show Why the EU Should Avoid Additional Rules

Two Years On, the GDPR’s Flaws Show Why the EU Should Avoid Additional Rules

by Eline Chivot
by

BRUSSELS—In response to the European Commission’s two-year review of the General Data Protection Regulation (GDPR), the Center for Data Innovation released the following statement from Brussels-based Senior Policy Analyst Eline Chivot:

Two years after coming into force, the GDPR has failed to live up to its promise. Instead of serving as a gold standard data regulation for the world to emulate, it has proved to be a complicated, burdensome drain on Europe’s digital economy. The two-year review shines an unflattering light on many of these shortcomings, yet the Commission seems determined to double down by layering on even more rules. Make no mistake: That would come at the cost of EU’s economic competitiveness in the years ahead.

The Commission’s review exposes myriad challenges to implementing the GDPR. For example, many data protection authorities lack resources and staff. They diverge in their interpretations of the law, they are inconsistent in enforcing it, and they provide insufficient guidance, so companies are left to struggle with a lack of clarity on issues such as pseudonymization, anonymization, and how to process health data.

It is gratifying that the Commission finally concedes to concerns stakeholders have expressed over the lack of clarity and applicability of GDPR principles with respect to new technologies such as AI, especially for smaller firms. Yet the Commission still plans to adopt new rules, such as a complicated AI regulatory framework and an expansion of the right to data portability. This risks adding new layers of bureaucracy and compliance costs that would duplicate or overlap with the GDPR.

The Commission continues to assert that the GDPR has created tremendous advantages for businesses and users, despite its compliance costs. But this is a selective reading of the evidence that overlooks the damaging impact it has had on innovation. It also dismisses the fact that the Commission itself has found that European consumer trust in the Internet has plunged.

Policymakers should fix the GDPR’s many shortcomings before creating even more rules for innovative new technologies. Otherwise, the EU will tie the hands of companies that could help its economy compete in the global economy.

0
FacebookTwitterPinterestEmail
Avatar photo
Eline Chivot

Eline Chivot is a former senior policy analyst at the Center for Data Innovation. Based in Brussels, Eline focuses on European technology policy issues and on how policymakers can promote digital innovation in the EU. Prior to joining the Center for Data Innovation, Eline Chivot worked for several years in the Netherlands as policy analyst in a leading think tank, where her work included research projects on defense, security and economic policy issues. More recently, Eline worked at one of Brussels’ largest trade associations and managed its relations with representatives of the digital tech industry in Europe and beyond. Eline earned master’s degrees in political science and economics from Sciences Po, and in strategic management and business administration from the University of Lille.

You may also like

Europe’s GDPR Fines Against US Firms Are Unfair...

EU’s AI Ambitions Take a Step Forward, but...

Comments to the UK Government on Proposed Changes...

Selective Outrage Over AI and Copyright

UK AISI Rebrand Highlights a Missed Chance to...

Why The Pursuit of Sovereign AI is Not...

UK’s AI Opportunities Action Plan Offers a Promising...

Comments to UK Home Office’s Consultation on the...

House AI Report Lays the Foundation for a...

Statement on Enhancing International Collaboration on Open-Source AI...

Show Buttons
Hide Buttons