Is Europe Saving Privacy or Killing Innovation?
Internet privacy seems almost oxymoronic, the two words opposites in many senses. The Internet gives you the tools to share your views with the world, making everything public, not private. This holds even as we move into an age wherein unprecedented importance is given to, and reliant upon, technology and the very firms that conceive these innovations. FANG, an acronym given to the largest of the Big Tech firms - Facebook, Amazon, Netflix, and Google - dominate not only consumers’ lives, but also financial markets. To illustrate tech’s outsized influence, Apple alone accounts for 4.13 percent to the S&P 500, a prominent measure of the American stock market and business overall. Recent scandals from Cambridge Analytica to the Equifax data breach have highlighted a clear problem in the tech space concerning the protection of consumers’ data. This has lead some to point quickly to regulation as the answer.
The European Union has historically sought to protect its citizens more than the United States government ever has. In 2014, the EU provided its citizens with the legal right to appeal to remove inquiries about themselves on search engines like Google, called the “Right to be Forgotten.” Beginning on May 25th, a far more overarching piece of legislation, the General Data Protection Regulation (GDPR), will become enforced in the EU. Ratified in 2016, GDPR has allotted two years for companies to become compliant with its framework; that period is now coming to an end. With regulatory changes ahead, there will be costs to corporations in becoming compliant, through legal fees and structural modifications to products or services offered.
With these legislative changes, some feel that large tech firms are actually advantaged due to greater resources and existing staff entirely devoted to compliance. In recent CNN coverage, certain smaller firms have determined that some of their products are no longer viable to support because of the high costs associated with altering legacy software. Certainly, the transgressions that have been underscored in recent tech conspiracies evidence a need for a stronger legal framework in dealing with data privacy; at the same time, only a mere five years ago, Edward Snowden exposed equally alarming privacy violations by the NSA. These offenses makes it difficult to trust any one party (public or private) more so than the other.
The United States has been hesitant to move forward with substantive regulations over Internet privacy. In fact, it has been moving in the opposite direction, with the repealing of Net Neutrality, as well as the failure of Congress to pass a data protection bill over Internet service providers. While some may argue this hesitancy harms consumers, it seems that governmental intervention has had some rather severe consequences. Innovation thrives when there exist low barriers to entry and a large amount of competition, but regulation like GDPR has already proven to act against forthcoming disruptors.
The American principles that allowed Silicon Valley to become virtually unrivaled should not be compromised by overly restrictive regulation. Nevertheless, privacy has great import and should not be taken lightly by corporations either. It comes down to a balancing act between protecting the privacy of individuals and ensuring that we do not stifle innovation in the process. Largely, it seems the situation may best be solved through advocacy and customer influence to steer corporations toward more careful handling of data, rather than inducing strict legislation imposed by their government.