A lack of suitable EU regulation may be holding back Europe’s digital innovators from becoming global competitors, MEPs have warned. EURACTIV France reports.
“Better regulation” was one of the major pledges made by the current European executive when it took office in November 2014.
The aim of the initiative is to cut red tape and reduce the administrative burden for Europe’s businesses and citizens. But in the digital sector, a lack of regulation could harm Europe’s chances of leading the next wave of innovation (big data, connected objects, etc.).
“The problem we have today is that digital innovation moves so fast that if we do not make the necessary regulations, many European companies will die off,” said Robert Rochefort, a French liberal MEP (ALDE group) and vice-chair of the European Parliament’s internal market committee.
“We are in danger of missing out on necessary strategic regulations for fear of regulating too much,” he said at the European Digital Day held in Paris on Friday (18 June).
This fear of over-regulating may disadvantage European start-ups that are struggling to make an impact in a market dominated by American giants like Google.
“Start-ups come to see me all the time in the European Parliament, because they are being suffocated by Google, which does not respect net neutrality,” the MEP said.
But European regulation has already moved up a gear with the definition of a new data protection framework with the United States, called Privacy Shield.
“Europe is behind, but it is regaining ground with a framework that will apply from May 2018,” said Isabelle Falque-Pierrotin, the president of the French data protection authority (CNIL).
“As far as data protection is concerned, we are starting with a certain handicap because the geography is not in our favour,” the president added. The majority of personal data is stored in the United States, not in Europe.
But regulating the place where personal data is to be stored is a double-edged solution to data protection.
Privacy Shield currently foresees very high data protection standards for companies that collect personal data from European citizens and store it in the United States.
The agreement will give European citizens the same rights as Americans in case of legal challenges over the invasion of privacy.
“Our point of view is that we should go one step further. The Snowden affair made us aware of the fragility of data protection in the United States. We have to develop data residency. European data must come under the European legal system,” said Bernard Benhamou, the secretary general of the Digital Sovereignty Institute.
This relocation of data could pave the way for the creation of “data storage centres in the European Union”, he added.
“Parhaps this is an advantage in the short term, but Europe cannot be a fortress. I do not much believe in regulation to keep data in Europe,” said Falque-Pierrotin.
This view is shared by Fleur Pellerin, France’s former minister for the digital economy. “Today putting up barriers and borders is completely counter-productive,” she said at the end of the debate.
The existing European rules on data protection were adopted in 1995, when the internet was still in its infancy.
In January 2012, the European Commission published a vast legislative package aimed at replacing the existing rules and giving greater protection to personal data across the EU.
The package includes two legislative proposals: one general regulation on data protection (directly applicable in all the member states) and one directive specifically aimed at data protection in the police and the justice systems (to be transposed into national law).
Since then, the data protection debate took a new twist with revelations about US eavesdropping activities.
Whistleblower Edward Snowden revealed in 2013 that the NSA had secret wide-reaching authority to snoop on emails and internet communications using a data-mining programme called Prism.
European politicians reacted angrily to the news and called for stricter measures to ensure privacy.