Last week I had the honour of accompanying the European Parliament’s Delegation to Washington DC for the 77th interparliamentary meeting. Besides other important topics such as TTIP and foreign affairs, the meeting focused on the transatlantic digital agenda, on which topic I delivered the keynote speech. The debate following my speech got quite heated at times, and the participants were clearly very passionate about the topic.
A lot in common
The media often like to stress the differences between the U.S. and the EU, but the two actually have much more in common than perceived. I believe I am not wrong in saying that we all agree on the digital economy’s being a priority on both sides of the Atlantic, given its growth potential for users and companies, but also for governments and public administration. This is particularly true of e-government solutions and public services that can be simplified by going digital.
We can probably also agree that the digital economy does not come without challenges, because its very nature is disruptive. It shakes up not only the companies in the traditional sectors but also traditional laws and frameworks – the current debate around the need to reform copyright legislation is a good example here.
Furthermore, we share the common principles of open internet and net neutrality. Although the internet is global in nature, it is limited by artificial barriers made by various regulations. In the U.S., some have expressed concerns that the European Union’s initiative on the digital single market is another attempt to protect European companies from external competition. This is not the case. Its central aim is to remove barriers within Europe so that goods and services could function optimally via an internet that knows no borders. This goal serves the interests of American as well as European companies.
Digital Single Market – building trust
One important aspect of creating a strong digital single market is, of course, building trust. We need to build up both the trust of citizens, so that they may take up digital services, and of companies, so that they may invest in new data driven technologies. Most business models used by technology companies are based on trust, so these companies understand that if they lose this trust, they lose everything. This is crucial to empowering users.
When we talk about trust we cannot ignore the issue of data privacy and the Safe Harbour scheme that was declared unlawful, so that now, for example, it is unlawful to transfer personal data from the EU offices of an American company to their offices in the U.S.
The Safe Harbour scheme was always going to be a temporary measure. It is vital, then, that we find a permanent solution, as new innovations such as the Internet of Things and the development of big data technologies will require even stronger cooperation on privacy, cybersecurity and the global trade of services. The biggest problem in the interim period is that we presently have 28 different data protection authorities in the EU that will each implement the decision based on their interpretation of it.
The European data protection authorities have put together a working group which has agreed:
- not to implement the decision retroactively;
- to explore the possibilities for companies to continue their activities, relying on personal consent and binding corporate rules for continuing data transfers;
- on a transmission period until the end of January 2016 to let companies adapt with the new situation, and give policymakers time to come up with new solutions.
Some have said that large U.S. companies will suffer, but they are big enough to deal with the complexity of rules and have been preparing for this outcome for a while. The ones that will struggle the most are small EU companies that relied on Safe Harbour and will now have to get prior authorisation from national data protection authorities.
Still far from consensus
We treat personal data very differently. Listening to the reactions from the U.S. side, I was struck by the thought that their attitude to data protection is heavily influenced by their patriotism. It does not bother them that their government “spies on them” (though they admitted that tapping Angela Merkel’s phone was “not nice”), as it is done in the name of their own security. Yet it is worth reminding ourselves that their own government databases have previously been hacked – personal data becomes a powerful weapon in the hands of the wrong people. It is paramount, then, that we find a common, permanent solution to how such data should be stored and transferred.
Although we did not manage to reach a specific agreement on how to organize data protection, we recognized that we share the same goals and fears, particularly as regards cyberterrorism and internet safety. Now we need to figure out how to solve the present disarray in data protection in a way that would please all parties.